Luna HSM Firmware 7.8.7

Luna HSM firmware 7.8.7 was released in April 2024. It includes bug fixes and improvements.

>Download Luna HSM Firmware 7.8.7 for PCIe HSM

New Features and Enhancements

Luna HSM firmware 7.8.7 includes the following new features and enhancements:

Curve secp256k1 performance

Curve secp256k1 handling has been optimized, improving performance of all ECDH and ECIES and BIP32 mechanisms where it is used.

SLIP10 for BIP32

SLIP10 derivation is added for BIP32 key type, with curve options secp256k1, NIST P-256, and ED25519. See SLIP 10.

ECIES HKDF Support

Support for HKDF (HMAC Key Derive Function) is added to ECIES. Adds HKDF Extract and Expand functions to support all Hash methods. Includes tools CKDemo, Multitoken, and fmultitoken. Requires firmware version 7.8.7 or newer and Luna HSM Client 10.7.1 or newer. See ECIES Enhancement for HKDF.

Valid Update Paths

You can update the Luna HSM firmware to version 7.8.7 from the following previous versions:

>7.0.1, 7.0.2, 7.0.3, 7.1.0, 7.2.0, 7.3.0, 7.3.3, 7.4.0, 7.4.1, 7.7.0, 7.7.1-20, 7.8.0, 7.8.1, 7.8.2, 7.8.4

CAUTION!   Do Not Update Directly From Luna HSM Firmware 7.7.2; this update path is not supported.

Advisory Notes

This section highlights important issues you should be aware of before deploying HSM firmware 7.8.7.

FIPS Changes in Luna HSM Firmware 7.8.7 and Newer

New restrictions have been added to some mechanisms when the HSM is in FIPS mode (HSM policy 12: Allow non-FIPS algorithms set to OFF), to comply with FIPS 186-5 Digital Signature Standard (NIST SP 800-186).

Mechanisms no longer available in FIPS mode

The following mechanisms are now restricted from use in FIPS mode:

>CKM_AES_MAC

>CKM_AES_MAC_GENERAL

>CKM_DES3_MAC

>CKM_DES3_MAC_GENERAL

>CKM_DSA_KEY_PAIR_GEN

>CKM_DSA_PARAMETER_GEN

Mechanisms not permitted to sign objects in FIPS mode

The following mechanisms are not permitted to sign objects in FIPS mode:

>CKM_DSA

>CKM_DSA_SHA224

>CKM_DSA_SHA256

>CKM_RSA_X9_31

>CKM_SHA3_224_DSA

>CKM_SHA3_256_DSA

>CKM_SHA3_384_DSA

>CKM_SHA3_512_DSA

>CKM_SHA224_RSA_X9_31

>CKM_SHA256_RSA_X9_31

>CKM_SHA384_RSA_X9_31

>CKM_SHA512_RSA_X9_31

Do Not Update Directly From Luna HSM Firmware 7.7.2

Luna HSM Firmware 7.7.2 must not be updated directly to Luna HSM Firmware 7.8.4 or newer, or unexpected problems may occur. If you are updating from Luna HSM Firmware 7.7.2, you must first install Luna HSM Firmware 7.8.1.

Luna HSM Firmware 7.8.4 or Newer Requires Luna HSM Client 10.7.0 or Newer

Changes in Luna HSM Firmware 7.8.4 and newer require update to Luna HSM Client 10.7.0 or newer. Thales recommends that you update your client software before updating your HSM firmware. As usual, the newer client can work with older firmware.

FIPS Changes in Luna HSM Firmware 7.8.4 and Newer

New restrictions have been added to some mechanisms when the HSM is in FIPS mode (HSM policy 12: Allow non-FIPS algorithms set to OFF), to comply with NIST's planned withdrawal of FIPS SP800-67 Rev2 on January 1, 2024.

Mechanisms not permitted to encrypt objects in FIPS mode

The following mechanisms are not permitted to encrypt objects in FIPS mode:

>CKM_DES_CFB8

>CKM_DES_CFB64

>CKM_DES_OFB64

>CKM_DES3_CBC

>CKM_DES3_CBC_PAD

>CKM_DES3_CTR

>CKM_DES3_ECB

The following encryption mechanisms are no longer available in FIPS mode:

>CKM_DES3_CBC_ENCRYPT_DATA

>CKM_DES3_ECB_ENCRYPT_DATA

DES3 encryption is blocked in ECIES mechanisms.

HMAC mechanisms are blocked from using a DES3 key for signing.

>CKM_SHA3_224_HMAC

>CKM_SHA3_224_HMAC_GENERAL

>CKM_SHA3_256_HMAC

>CKM_SHA3_256_HMAC_GENERAL

>CKM_SHA3_384_HMAC

>CKM_SHA3_384_HMAC_GENERAL

>CKM_SHA3_512_HMAC

>CKM_SHA3_512_HMAC_GENERAL

Mechanisms not permitted to sign objects in FIPS mode

The following mechanisms are not permitted to sign objects in FIPS mode:

>CKM_DES3_CMAC

>CKM_DES3_CMAC_GENERAL

CKM_RSA_PKCS not permitted to decrypt/unwrap objects in FIPS mode

CKM_RSA_PKCS is now restricted from performing decrypt/unwrap operations in FIPS mode.

FIPS Changes in Luna HSM Firmware 7.8.0 and Newer

The following mechanism is now restricted from use in FIPS mode:

>CKM_X9_42_DH_PARAMETER_GEN

FIPS Changes in Luna HSM Firmware 7.7.2 and Newer

The following mechanisms have new operation restrictions in FIPS mode:

>CKM_RSA_PKCS: cannot encrypt | Cannot legacy decrypt | Cannot legacy unwrap

>CKM_RSA_PKCS_OAEP: Cannot legacy decrypt | Cannot legacy unwrap

NOTE   This page lists FIPS-related changes made since the last FIPS-validated firmware release. For a comprehensive list of changes across all released versions of the Luna HSM firmware, see Changes to FIPS Mode Mechanisms and Operations by Firmware Version. Refer to this section if you are updating from a firmware version that is older than the last FIPS-validated version.

Minimum Password Length is Increased to 8 Characters

Luna HSM Firmware 7.7.2 and newer enforces minimum 8-character passwords and challenge secrets, to comply with FIPS requirements. The previous limit was 7 characters. If you were using a 7-character password prior to upgrading the firmware, that password continues to work. Future password changes will use the new 8-character minimum.

If you have an existing HA group whose member partitions use a 7-character password/challenge secret, you must change all members to use a minimum 8-character password before adding a new member that uses Luna HSM Firmware 7.7.2 or newer.

Partition policy to control the use of DigestKey is added

Partition capability/policy 9: Allow DigestKey is added with Luna HSM Firmware 7.8.0; it controls the possibility of final keys being derived outside of the HSM. The policy defaults to OFF, which is the more secure option. Previously, DigestKey was always allowed, and this new policy provides choice for those who do not need the option, as well as for those who do need it.

NOTE   Partition Policy 9 is destructive when switched OFF-to-ON, so have any partition contents backed up before you update HSM firmware. After update from any firmware prior to version 7.8.0, if you require this ability, you can switch the policy ON and then restore your material to the partition and resume using your application.

RSA Keygen Mechanism Remapping on Luna 7.7.1 or Newer Partitions Requires Minimum Luna HSM Client 10.4.0

Luna HSM Firmware 7.7.1 or newer partitions that have been individually set to FIPS mode using the new partition policy 43 require Luna HSM Client 10.4.0 or newer to automatically remap older RSA mechanisms as described in RSA Mechanism Remap for FIPS Compliance.

Special Considerations for Luna HSM Firmware 7.7.0 and Newer

Luna HSM Firmware 7.7.0 introduces new capabilities, features, and other significant changes that affect the operation of the HSM. Due to some of these changes, you must be aware of some special considerations before updating to Luna HSM Firmware 7.7.0 or newer. For more information, refer to Special Considerations for Luna HSM Firmware 7.7.0 and Newer before proceeding with the update.

3DES Usage Counter

For Luna HSM Firmware 7.7.0 and newer, triple-DES keys have a usage counter that limits each key instance to encrypting a maximum of 2^16 8-byte blocks of data when the HSM is in FIPS mode (HSM policy 12: Allow non-FIPS algorithms is set to 0). When the counter runs out for a key instance, that key instance can no longer be used for encryption or wrapping or deriving or signing, but can still be used for decrypting and unwrapping and verifying pre-existing objects.

The CKA_BYTES_REMAINING attribute is available when HSM policy 12: Allow non-FIPS algorithms is set to 0, but cannot be viewed if that policy is set to 1.

The attribute is preserved during backup/restore using a Luna Backup HSM 7; restoring puts the counter back to whatever value it had before backup.

The attribute is not preserved through backup/restore using a Luna Backup HSM G5; restoring sets the counter to like-new state (no usage).