NetHSM: Bringing Open Source to the World of Hardware Security Modules

by Isabella Leandersson and Virgile Robles on Mar 27th, 2024

Nitrokey is one of the world’s foremost open-source hardware security companies. They develop IT security hardware for data encryption, decryption, and signing, including key and user authentication. After eight years of development, they recently released the first fully open-source Hardware Security Module (HSM): an easy-to-use, highly secure, and customisable security solution.

Tarides is proud to have played a part in the development of Nitrokey’s HSM solution NetHSM, helping to get the project over the finish line after its initial implementation by Robur and Nitrokey. We value the benefits of open-source, which for NetHSM include customisability, vendor independence, and backdoor checking. Having an open-source option changes the landscape of hardware security and gives users greater choice and more robust security guarantees.

Why Use an HSM?

HSMs are physical devices used for managing secrets, such as digital keys and other sensitive data, and for cryptographic operations including decryption and signing. They are used in many industries where security is paramount, including banking, engineering, chemistry, blockchain, etc. For example, one way to use an HSM is as part of a Public Key Infrastructure (PKI), where it generates, stores, and manages asymmetric keys to sign messages and verify signatures. When keys are mapped to identities, this infrastructure can be used to control access to sensitive resources or secure internal communications.

While general-purpose computers are technically capable of performing the same operations as HSMs, using an HSM has its advantages. Separating security operations from everything else and moving them into a dedicated device makes it much easier to build and audit defences against tampering, and to audit usage logs for misuse. In some cases, having a physical HSM also opens up the possibility of specialised acceleration hardware for cryptographic operations, enabling the processing of requests in bulk very efficiently compared to general-purpose hardware.

What Makes NetHSM Stand Out?

NetHSM comes with more benefits than general-purpose HSMs, combining several additional features into a powerful security solution. Some of these include:

  • High Performance and Scalability: One NetHSM alone can handle thousands of cryptographic key operations per second, and due to their statelessness, several NetHSM devices can be clustered together to enable extremely high throughput and availability.
  • Memory- and Type-Safe Programming Language: NetHSM is mostly implemented in OCaml, a type- and memory-safe programming language. The main system at all levels – including the TCP/IP, HTTP, TLS, and application stack – is completely written in OCaml from scratch. The implication is that many security vulnerabilities are eliminated, thanks to the secure-by-design principles of OCaml.
  • Transparency: NetHSM's source code is available for anyone to read in its open-source repository. Easy access to the code means that the system's implementation can be independently audited for the absence of back doors and security flaws by users. Even if you're just curious, you can look at the repo and discover how the system and its features are implemented.
  • Easy to Use: NetHSM is easily managed via a convenient command-line interface, and client systems can integrate the REST API using the SDKs available in 35 programming languages or use the PKCS#11 module. For a quick, pain-free start, users can access the free NetHSM service or run it as a container. Because NetHSM is open-source, all tools, drivers, and documentation are publicly available to users.
  • Small Attack Surface: NetHSM is based on MirageOS unikernel technology, which combines operating system and application into a uniquely tailored firmware that contains no unnecessary code. As a result, NetHSM achieves a very small overall system size (around 30 MB), which constitutes a minimal attack surface, making it significantly more challenging for bad actors to target.

MirageOS and OCaml Make a Big Difference

Nitrokey chose to develop NetHSM using OCaml and MirageOS. As previously mentioned, OCaml is a type- and memory-safe language with strong security features. In fact, its type and memory safety eliminate, by design, the kinds of vulnerabilities behind the most common cyber attacks. OCaml’s safety record, combined with its growing open-source community, optimised workflows, tools, and performance, makes it a great choice for a groundbreaking project such as NetHSM.

In addition, the library operating system MirageOS leverages the strengths of OCaml to construct secure, high-performance unikernels. At its lowest level, NetHSM runs the Muen separation kernel, which securely hosts multiple independent components. Muen has been formally verified (that is, mathematically proven) to be free of runtime errors.

The core component running within Muen is ‘Keyfender’, a MirageOS unikernel with a critical role. Keyfender provides the HTTP endpoints of the NetHSM API and carries out the requests made to those endpoints. All cryptographic operations are performed in this unikernel, and it is the only component with decrypted access to key stores. Consequently, the security of this component is of paramount importance, which is why Nitrokey chose to use MirageOS and OCaml. Furthermore, the code performing the cryptographic operations themselves, particularly elliptic-curve operations, is derived from the fiat-crypto project, which generates cryptographic primitives that are formally proven to be functionally correct.

How We Helped

Tarides joined the project in mid-2022 to help get it to the finish line. We fixed some remaining issues with networking and endpoint interfaces, added caching for performance, and improved the test suite. We also did a lot of general maintenance work, ironing out small issues before release. Robur did the lion’s share of the initial work designing and building Keyfender. If you would like to discover more, the software is (of course) open-source and can be found on the NetHSM GitHub repository.

Until Next Time!

Ensuring cybersecurity and protecting sensitive data is crucial for the functioning of several industries in our modern world. Without the guarantees of HSM devices, including secure key management and tamper-resistant storage, users’ personal and sensitive information would be at risk. With NetHSM, information is safeguarded above and beyond what other solutions offer. The open-source solution allows for backdoor checking, and MirageOS, Muen, and OCaml add their own layers of protection.

Check out Nitrokey’s blog post to discover more about how you can use NetHSM in your own projects and for your business. At Tarides, we value working with partners who prioritise open-source, secure, and high-quality solutions just like we do, and we are proud to bring our expertise to projects like NetHSM.

You can stay up-to-date with Tarides on X (formerly known as Twitter) and LinkedIn, and contact us on our website for more information or for help with your projects!