- See
Possum for main information
Technology/Laboratory/Software/Possum for the developed design scope of the Software
Technology/Laboratory/Hardware/Possum for the developed design scope of the Hardware
Brain/Study/Possum/Hardware for the ongoing project concept
CAcert.org Possum Project
Possum is a cross-competence Project for an Open Source Security Module. This is like a commercial HSM, but driven to CAcert's more open requirements.
The Possum Project can be the basis of Next Generation Open Source CAcert.org Security Module / Signing-Server, and part of the Next Generation Design of CAcert.org Open Source Software BirdShack as well.
Business Proposal
- Possum is not yet designed. In order to design Possum, we could (hypothetically)
Design it ourselves
Contract it to an expert group
This concept is about exploring the the third option.
A Design Competition for Possum
- This could be run along the lines of the NIST/AES effort. An open-to-all call asking for a design for each module. Each module should be specified to a sufficient standard.
- A time-line should be set with phases. For example, following the lines of the AES effort:
- 1. Announce
- 2. Open presentation of all designs, X months later
- 3. Comment and attack period
- 4. Selection of finalists
- 5. Presentation of finalists
- 6. Comment and attack period
- 7. Selection of winner
- 8. Production of reference implementations
- This fits the criteria of a peer-reviewed exercise, so it is most of the way to being academically viable. To further market it, budget for the team(s) travel and accomodation to present their proposals within a major related conference.
- Funding could be found from a number of sources.
Requirements
- Possum needs to be:
- - Buildable by small independent groups.
- - Low-cost
- - Relatively secure
- - Protect the key data from extraction
- - Protect the system from unauthorised requests
- - Small verifiable software footprint
- - Simple, trailing edge hardware footprint
- - Single standardised protocol
- - Open access
- - All components buildable and usable without license issues
- - Published design
- - No patents
Components
There are these Major Tech Components:
Hardware Platform
- Hardware Interfaces
- Physical Protection Module
- -
Protocol
- Serial
Software
- Crypto, protocol driver, key store, application
Hardware
- - Hardware must be readily sourcable and low cost.
- - Security not speed.
- - It should have an application interface and a management interface,
- - Small footprint: Low power, low heat, small size.
Requirements for the Hardware are developed at Technology/Laboratory/Hardware/Possum.
Notes on the project-work for the hardware side are at Brain/Study/Possum/Hardware.
Protocol
- - Certificate operations
- - Capable of layering over different packet networks.
- - Simple layout
- - Some Management requests
- - Highly reliable
- - Simple layout
See fuller requirements at Technology/Laboratory/Software/Possum.
Software
- - Capable of digital signing
- - Keeps logs of all requests received and handled
- - Protocol driver
- - Management access
See fuller requirements at Technology/Laboratory/Software/Possum.
Misc
Other Applications
- Our Primary interest is CAcert's digital signing server, but this design can be turned to other things:
- Digital cash server, e.g., Ricardo or Epointsystem.
- - Personal safe for private information
- - MP3 server
- Tahoe server or other file-sharing technology
References
- Peter Gutmann, "An Open-source Cryptographic Coprocessor," Usenix 2000.
- Peter Gutmann, "Hardware Encryption Modules," forthcoming book.
Feedbacks
- iang at c.o
Inputs & Thoughts, below:
Inputs & Thoughts
20090922-hugi
Can't find Proposal Variant B?
YYYYMMDD-YourName
Text / Your Statements, thoughts and e-mail snippets, Please