Hardware security modules are tamper-resistant and PKCS11 PIN is required to use keys. if a software application wants to perform some cryptographic functions, it should know the PIN. but the application is running in a non-secure environment and storing PINs in this environments is risky. Isn't there a contradiction between storing keys in a tamper-resistant hardware and storing PIN in a non-secure software environment? How this problem can be solved?
Aucun commentaire:
Enregistrer un commentaire