This document provides an overview of Amazon Web Services' (AWS) CloudHSM service. It discusses how CloudHSM is tamper-proof and tamper-evident, can be used as a keystore or for document timestamping, and needs to be backed up. It also summarizes how CloudHSM can be integrated with other AWS services like S3, EBS, EC2, Redshift, and RDS. Finally, it briefly discusses auditing capabilities and some common use cases for CloudHSM.

1. ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
CloudHSM Deep-Dive
Dave Walker – Specialised Solutions Architect Security/Compliance
Amazon Web Services UK Ltd

2. CloudHSM
• Tamper-Proof and Tamper-Evident
– Destroys its stored keys if under attack
• FIPS 140-2 Level 2 certified
• Base position is to be a Keystore
• Can also be used to timestamp documents
• You can send data for encrypt / decrypt
• Needs to be backed-up (ideally to HSM on customer premises)
• Can be (and should) be combined in HA clusters
• Is NOT a key management system
– but can work with some third-party ones
• Communicates via:
– PKCS#11
– JCE
• Some applications need a “plugin”
• Safenet have one for Apache

3. CloudHSM Integration with S3, EBS, EC2
• S3
– Integration using SafeNet KeySecure on EC2
– White paper at http://www2.safenet-inc.com/AWS-
guides/SafeNetKMIP_AmazonS3_IntegrationGuide.pdf
• EBS and EC2
– Use SafeNet KeySecure (6.1.2 or later) on EC2, backed by CloudHSM, for key
management
– Install SafeNet ProtectV Manager on EC2 (c1.medium / m1.medium)
– Install ProtectV Client on EC2 instances
– Use ProtectV for EBS volume encryption (ext3, ext4, swap)
– Supported platforms:
• RHEL 5.8, 6.2, 6.3
• CentOS 6.2
• Microsoft Windows 2008, 2012
– Encrypt full EBS-backed EC2 instances, including root volumes

4. AWS Databases and CloudHSM
• Redshift:
– When using CloudHSM
• Redshift gets cluster key from HSM
• Redshift generates a database key and encrypts it with the cluster key from the CloudHSM
• Redshift encrypts data with the database key
• Redshift supports re-encryption
• RDS
– RDS / Oracle EE can use CloudHSM to store keys as per Oracle Wallet
• So TDE can be HSM-backed
• Note that in-memory database contents (once the database has
been unlocked) are cleartext
– RAM encryption is not something AWS has today, but it has been done in other
contexts
– Homomorphic encryption
– Proof-of-concept with KVM

5. SafeNet Product Support for AWS
SafeNet Product AWS Service(s) Supported Notes
ProtectV and Virtual
KeySecure for AWS
EC2 or VPC Instances and EBS
Storage
GovCloud (Beta)
• Requires Safenet KeySecure (HW or Virtual)
• Available in AWS MarketPlace, as well as SafeNet sales channels
Virtual KeySecure for AWS CloudHSM • Available in AWS Marketplace
• CloudHSM supports Virtual KeySecure as the hardware root of trust
for vKS master keys
StorageSecure AWS Storage Gateway • Safenet KeySecure Hardware (optional)
• iSCSI integration (however StorageSecure also supports CIFS,
NFS, FTP, TFTP and HTTP protocols.)
Luna SA 7000 HSM CloudHSM
RedShift
RDS (via 3rd party vendor)
• High availability
• Key synchronization
• Key Management
Luna Backup HSM CloudHSM • Key backup
ProtectApp S3 and EBS volumes • Can be integrated with Amazon S3 Encryption Clients and AWS
SDKs (Java and .Net)
• Requires SafeNet KeySecure (HW or virtual)
• Can be installed on an EC2/VPC instance to protect data stored on
EBS volumes.
ProtectFile EBS volumes and S3 • Requires SafeNet KeySecure (HD or Virtual)

6. Difference between CloudHSM and
KMSCloudHSM
• Single-tenant HSM
• Customer-managed durability and
availability
• Customer managed root of trust
• FIPS 140-2 Validation
• Broad third-party app support
• Symmetric and asymmetric ops
• High fixed price ($16.5k/yr/hsm)
KMS
• Multi-tenant AWS service
• Highly available and durable key
storage and management
• AWS managed root of trust
• Extensive auditing
• Broad support for AWS services
• Symmetric encryption only
• Usage-based pricing

7. Why Customers Choose CloudHSM
• Reasons include:
– Control
• Complete control of encryption keys, AWS cannot access key material
• Fine-grained control of how AWS assets can use your keys
– Compliance
• FIPS 140-2 level 2 or 3 certification
• Common Criteria EAL4 certification
– Performance/Availability
• When required, “local” CloudHSM much better than on-prem
– Network transit times
– Usage patterns

8. Customer Control Over Keys
• Three reasons for this requirement
– Regulatory (hard), Policy (soft) and Trust (soft)
• Soft requirements may be addressed by threat
modelling
– KMS can be simpler and less expensive for customer to use
– Important to engage customer’s governance resources
• With CloudHSM, customers have absolute
control and authority over keys through
separation of duties

9. Separation of Duties
• Separation of duties is enforced by the HSM
appliance itself, using RBAC
Customer control keys
and crypto operations
CloudHSM
AWS manages the
appliance

10. Third-Party Compliance Validation
• Requirements
– PCI or other vertical-specific security standard
– Government workloads (US, Canada, and others)
– Enterprise policies increasingly require FIPS validation
• CloudHSM uses SafeNet Luna SA 7000
appliances
– FIPS 140-2 Level 2 Validated
– Common Criteria EAL4 Validated

11. Performance/Availability Advantages
• Customers may have existing on-prem HSMs
• Applications that require HSM access could
leverage on-prem HSMs over VPN or DX
• Latency and availability characteristics of VPN
or DX make CloudHSM desirable

12. Amazon Really Can’t Access Keys
• AWS has “appliance admin” to the HSM
• Luna SA separates appliance admin from “security officer”
• Customer initializes HSM themselves via SSH
• AWS never sees partition credentials
• Device is automatically wiped if unauthorised access
attempted
• Bottom line – you don’t have to trust AWS, you are trusting
the HSM vendor (SafeNet) and and third party FIPS/CC
validations

13. Operations
• Each HSM is dedicated to one customer
– No sharing or partitioning of the appliance
• Customer is responsible for operating the HSMs in HA mode
– SafeNet Client handles replication to multiple HSMs (up to 16)
– SafeNet Client load balances across available HSMs
• Password authentication controls access to the HSM
– PEDs (Pin Entry Devices) are not currently supported
• AWS monitors & manages the devices and network
infrastructure
• See FAQ and Technical docs for additional details

14. • Self-service provisioning and management now
supported through a public API
– CreateHSM and DeleteHSM to provision and terminate HSMs
– ModifyHSM permits changing the network configuration as well as
setting up syslog forwarding
• ListHSMs and DescribeHSM allow discovery and
querying of provisioned HSMs
• ListAvailableZones provides visibility into where
CloudHSM capacity is available
CloudHSM Public API and SDK

15. • Provisioning and de-provisioning
– Easy to provision an HSM, intialise it, clone keys from existing
HSMs
• Easier HSM management
– Lots of automation in the CLI to reduce management effort
• Simpler HA configuration
– Help you build and maintain HSM high availability (HA)
configurations
– From 9 manual steps, interacting with appliance shell directly
– To 2 simpler steps: create-hapg, add-hsm-to-hapg (for each HSM)
• Source code available via open source license
CloudHSM Command Line Interface (CLI) Tools

16. • Transparent data encryption support for RDS
Oracle databases
• Store master encryption keys in CloudHSM
instances
• High availability support for two or more HSMs
• Up to 20 separate databases per HSM
CloudHSM for RDS Oracle TDE

17. Auditing
• CloudTrail
– Track resource changes
– Audit activities for security and compliance purposes
– Review all CloudHSM API calls
• Syslog
– Audit operations on the HSM appliance
– Send syslog to customer-built and managed collector

18. CloudHSM Use Cases

19. EBS Volume Encryption
• Master key stored in CloudHSM
• SafeNet ProtectV & KeySecure
• Instances with ProtectV client
authenticate to KeySecure
• ProtectV client encrypts all I/O to
EBS volume (AES256)
Availability Zone
CloudHSM
Customer
Applications
SafeNet
KeySecure
SafeNet
ProtectV
Client

20. Redshift Encryption
• Cluster master key in CloudHSM
• Direct integration – no client software required
Your
applications
in Amazon
EC2
Amazon Redshift
Cluster
Your encrypted data
in Amazon Redshift
AWS CloudHSM

21. Database Encryption (non-RDS)
• Customer-managed
database in EC2
– Oracle 11g & 12c with
Transparent Data Encryption
(TDE)
– Microsoft SQL Server 2008 &
2012 with TDE
– Master key in CloudHSM
AWS
CloudHSM
Your database
with TDE in
Amazon EC2
Master key is created in
the HSM and never
leaves
Your applications
in Amazon EC2

22. Custom Software Applications
• Architectural building block to help you secure
your applications
• Use standard libraries, with back-end HSM
rather than software-based crypto
– PKCS#11, JCA/JCE, Microsoft CAPI/CNG/EKM
• Code examples and details in the CloudHSM
User Guide make it easier to get started

23. Other Use Cases
• Customer use cases continue to emerge:
– Enterprises using on-prem HSMs and want to move these workloads to the cloud
– Startups who want to offer high assurance services and achieve compliance
– Enterprises who are not using HSMs for some of their on-prem apps but who want
to use HSMs for these apps in the cloud
• Examples:
– Object encryption
– Digital Rights Management (DRM)
– Document signing, secure document management & secure document repository
– Payments, financial applications & transaction processing
– Privileged account management
– Certification authority (CA)

24. Using CloudHSM

25. Detailed Examples
• Building the CloudHSM Environment
• Configuring High Availability
• Integrating with RDS

26. Building a CloudHSM Environment
• Create customer
infrastructure using CF
template
• Install the CLI Tools
• Provision HSMs
• Initialise HSMs

27. Create Infrastructure with CF

28. Create Infrastructure with CF
Lookup your AZ identifiers on the EC2
Dashboard, and use those names

29. Install CLI Tools on Control Instance
• SSH to control instance deployed by CF Template
• Download and install the CloudHSM CLI Tools
# Install python 2.7
sudo yum install python27
wget https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py
sudo python2.7 ez_setup.py
# Download and install the CloudHSM CLI Tools
wget https://s3.amazonaws.com/cloudhsm-software/CloudHsmCLI.egg
sudo easy_install-2.7 -s /usr/local/bin CloudHsmCLI-beta.egg
cloudhsm version
{
"Version": ”<version>"
}
• Assign an IAM role to your instance to permit CloudHSM API access

30. Provision HSMs
• Create two HSMs (one for each subnet)
$ cloudhsm -c cloudhsm.conf create-hsm --ssh-public-key-file
cloudhsm_ssh.pub --iam-role-arn
arn:aws:iam::315160724404:role/CloudHSM-FRA-CloudHsmRole-
1ZEAT0Z2PB8P --subnet-id subnet-d244b0bb
{
"HsmArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hsm-
f32462d6",
"RequestId": "e55c9da1-7b5b-11e4-9222-dd57de14ff9c"
}

31. Provision HSMs
• Describe status, wait until status changes from “PENDING” to “RUNNING”
$ cloudhsm -c cloudhsm.conf describe-hsm -H arn:aws:cloudhsm:eu-central-1:315160724404:hsm-
f32462d6
{
"EniId": "eni-047fbd6d",
"EniIp": "10.0.201.252",
"HsmArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6",
"IamRoleArn": "arn:aws:iam::315160724404:role/CloudHSM-FRA-CloudHsmRole-1ZEAT0Z2PB8P",
"Partitions": [],
"RequestId": "2179b6f0-7b5c-11e4-a252-9d68fcf58947",
"SerialNumber": "472673",
"SoftwareVersion": "5.1.0-25",
"SshPublicKey": “…",
"Status": ”RUNNING",
"SubnetId": "subnet-d244b0bb",
"SubscriptionStartDate": "2014-12-04T02:18:56.292Z",
"SubscriptionType": "PRODUCTION",
"VendorName": "SafeNet Inc."
}

32. Provision HSMs
• Look for ENI “CloudHSM Managed Interface, DO
NOT DELETE!” in the description

33. Provisioning HSMs
• Change the ENI security group to the one with the
description “Allows SSH and NTLS from the
public subnet”

34. Initialize the HSM
$cloudhsm -c cloudhsm.conf initialize-hsm -H
arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6 -
-label hsmLabel --cloning-domain cloningDomain --so-
password sopassword
{
"Status": "Initialization of the HSM successful"
}

35. Configure High Availability
• Create an HAPG (high availability partition group)
$ cloudhsm -c cloudhsm.conf create-hapg --group-label
Partition_001
Partition_001
{
"HapgArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hapg-
8e3be050",
"RequestId": "ce3e1b17-7b64-11e4-a252-9d68fcf58947"
}

36. Configure High Availability
• Add the HSMs to the HAPG
cloudhsm -c cloudhsm.conf add-hsm-to-hapg -H
arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6 --
hapg-arn arn:aws:cloudhsm:eu-central-1:315160724404:hapg-
8e3be050 --cloning-domain cloningDomain --partition-password
partitionPassword --so-password sopassword
{
"Status": "Addition of HSM arn:aws:cloudhsm:eu-central-
1:315160724404:hsm-f32462d6 to HAPG arn:aws:cloudhsm:eu-
central-1:315160724404:hapg-8e3be050 successful"
}
(then do it again for the second HSM)

37. Done!
• After this, you are ready to set up custom
software with SafeNet clients, RDS integration,
customer-managed databases, and more.
• Comprehensive documentation available at
http://aws.amazon.com/cloudhsm

38. CloudHSM Pricing and Trials
• HSM provisioned in any region has a $5,000
one-time charge, then metered hourly after that
• There is no “stop” only “terminate”
– We know this is challenging, since re-provisioning will incur
another $5,000 upfront charge
• 30-day trials are available for customers on
premium support
– Access these by opening a case with dev support

39. Conclusion
• HSMs, for basic key storage and bulk crypto,
are available in AWS, if you need them
• They’ll have better performance that on-prem
HSMs, owing to co-location
• CloudHSM (and HSMs in general) aren’t for
everyone
– Customers need trained staff, tight operational practice