HSM or Java Keystore?
The encrypted password hash and the end-to-end encryption feature allow to either use a 'Java Keystore' or an 'HSM Keystore'. To achieve the best security guarantees, use an HSM. This provides, e.g., the following advantage:
- Keys are not stored on the IAM machine.
- In case the database with the encrypted data (e.g. the password hashes) and the the IAM hard disk are stolen, the adversary does not obtain the encryption key and is thus unable to encrypt the data.
- If a Java Key Store were used, the encryption key would be leaked to the adversary in this scenario, allowing her to decrypt.
Restrict access to HSM configuration files on the IAM machine
These files should be read only for all users, and writable only by root.
Selecting Encryption Algorithms
Consider the algorithms supported by the HSM used, and choose an algorithm according to current best practices.
In the password hash encryption use case, our tests were made with the algorithm 'AES/ECB/PKCS5Padding'. Consider using, e.g., AES in GCM mode if available.
HSM Setup and Connection
Follow the best practices as provided by your HSM manufacturer for both the HSM setup and establishing secure connections to the HSM.