YubiHSM acting as an oracle

2015-06-15T02:57:06+01:00

I'm trying to find out if I can have a YubiHSM act as an oracle - that is, I set some secret key on the YubiHSM, then I pass the HSM a value for encryption (or decryption) and I get back the encrypted (or decrypted) result. For example, after initializing the YubiHSM with a secret key, I might do something like this:

Code:

encrypted_value = yubihsm_encrypt(plaintext_to_protect)
decrypted_plaintext = yubihsm_decrypt(encrypted_data)

Is this something I can do, preferably in C/C++, or is the best I can do have the YubiHSM act as storage for the secret keys?

Statistics: Posted by jgoguen — Mon Jun 15, 2015 2:57 am

Yubico Forum

YubiHSM acting as an oracle