The journey of building it was interesting in its own right. We set off to build a better HSM (hardware security module). Then we thought we really should add a web service and integrate the whole thing in such a way that anyone can use it within seconds from their laptops. Eventually, we decided that to prove how simple it is to use Enigma Bridge, we should write a few applications.
Just in case you are wondering why we decided to do that in the first place, here’s a blurb.
I have been advising banks on security for quite a few years now and one thing is that existing HSMs do not work for the cloud. They just do not. Amazon offers HSMs in their AWS but you basically rent a box (for $20,000 over year 1). Surely, there must be a better way!
HSMs have been used for a long time. Their killer app was accelerating the secure web (HTTPS). At the time, HSMs were much faster at encryption than main server processors. HSMs also provided physical protection of encryption keys. Keys can go in but there is no way to extract them. Ever. Banking and other regulated industries started using HSMs to simplify compliance and audits. This compliance model still works because HSMs are evaluated for security by the National Institute of Standards and Technology (NIST) and these evaluations are widely recognized. (The standard NIST uses is called FIPS 140-2 and if you really want something worth the money, you should go for devices evaluated at Level 3, which means the device will erase secrets when it detects an attack.)
The thing is that HSMs are not really fast anymore. Still, the fact that they provide this physical security, a physical boundary, could be a useful “lock and key” for the cloud! We thought we could do something about it. I put some ideas on paper in 2014. I recently looked back at that document and I was surprised. We not only followed the path but basically delivered all I sketched out:
- High-speed cryptography suitable for use in data centers.
- Scalability with fully automatic distribution of keys to an arbitrary number of devices. Transactions are processed regardless of the geographical locations of users.
- Controlled use of customer secrets (keys) – customer has control over its keys through physical tokens. Removal of such tokens will destroy all copies of the secrets (keys) – everywhere.
- Protection of customer secrets – customer keys are stored and used only in trusted and secure hardware – FIPS 140-2 Level 3 certified hardware.
- Detailed billing information about the use of particular secrets/keys on a transaction basis.
We knew what we wanted to build, we talked to a lot of people to verify that it made sense, and we built it.
All good and we thought – cool, it must be easy to sell it once it works! Well, nothing is easy. We realised that a lot of people just did not understand what a “platform” was good for. They needed applications, something tangible, something easy to understand and possibly test. We realised that a new smartphone fingerprint-based authentication (something you can show and play with – “wow it shows a green YES and a red NO”) is much more comprehensible than a back-end authentication system that can handle all user logins for a company like Barclays, Lloyds, or Santander.
And why this post right now? Because we are ready to introduce the first tactile demonstration of our Enigma Bridge platform. We have a demonstration video on Vimeo and we have screenshots, and we will publish the service link on Monday.
I almost forgot – EnigmaLink is for sending files privately between computers and smartphones.