Luna HSM Firmware 7.8.0
Luna HSM Firmware 7.8.0 was released in July 2022. It includes bug fixes and updated FIPS compliance requirements. This version is no longer available for download; Thales recommends using Luna HSM Firmware 7.8.1 or newer.
New Features and Enhancements
Luna HSM firmware 7.8.0 includes the following new features and enhancements:
Universal Cloning
Cloning (or migration) of keys and objects between Thales HSMs, has been enhanced as follows.
Updated encryption
Cloning encryption is now ECC-based (formerly RSA) and separates session-key negotiation from the use of session keys for migrating/transfering keys and objects within the security perimeter of the cryptographic module with the following advantages:
>Consolidate HSM resources with secure and transparent exchanges of cryptographic material among mixed authentication modes:
•multifactor quorum-authenticated and
•password-authenticated partitions.
>Transfer keys to an entirely new domain, providing full interoperability between on-premises Luna Network HSM 7 partitions and Luna Cloud HSM services.
Enhanced cipher suite options
Multiple cipher suites are available for cloning.
>Ciphers can be individually enabled or disabled by command.
>The protocol negotiates the strongest common suite enabled on source and target.
Multiple domains
Extended Domain Management widens the scope of key-migration/key-cloning operations, while maintaining the cryptographic module's security perimeter.
>Up to three domains can be associated with a partition.
>Domains can be labeled for ease of management, and the labels can be changed for convenience.
>Password-authenticated cloning domains (text string) and multifactor quorum-authenticated domains (PED key secret) can be mixed on a single partition.
>Keys and objects can be shifted from one domain (that you control) to another (that you control).
Session Key Lifetime Management
>Negotiated sessions have a finite lifetime (minimizing possibility of abuse), while being renegotiated with no burden to your applications.
>Multiple keys/objects can be transferred at one time, from one partition to another without requiring key-negotiation for each transfer (compare with prior behavior).
See Universal Cloning.
HSM SO Can Perform Time Management
The protocol (CPv4) behind universal cloning uses HSM time for session durations and other messaging. Time is also important in logging/auditing.
Time management functions formerly restricted to the Audit role are now available to the HSM SO, simplifying administration.
Clusters and Keyrings
CAUTION! TECHNICAL PREVIEW -- EVALUATION ENVIRONMENT ONLY
Clusters are presented as a technical preview, to give customers the opportunity to validate our new HSM management features, designed to reduce operation cost and maximize the return on investment of a fleet of HSMs. This release does not provide a migration path from standard Luna partitions or Luna Cloud HSM services to keyrings. Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments.
DO NOT INSTALL THE CLUSTER PACKAGE ON A LUNA NETWORK HSM IN PRODUCTION
When the lnh_cluster package is installed, access to any existing partitions on the HSM is disabled, and this can only be reversed by re-imaging the Luna Network HSM 7 appliance (see Re-Imaging the Appliance to Baseline Software/Firmware Versions). Re-imaging is a destructive action; all roles, partitions, and keys are destroyed. The Luna Network HSM 7 must be completely reconfigured; all partitions must be recreated and their contents restored from backup. In particular, do not attempt to configure clustering on a Luna Network HSM 7 that already has V1 partitions created; either delete these partitions or re-image the appliance before configuring a cluster.
Luna Network HSM 7 now allows you to store your cryptographic objects in an encrypted cluster within the appliance memory. This process uses Scalable Key Storage to encrypt the cluster and the SMK is shared with all member HSMs. The cluster contains keyrings, which are analogous to application partitions and can be accessed by a client in much the same way, by connecting to any member appliance. Keys are retrieved from the cluster, decrypted within the secure confines of the HSM, and used by the HSM for cryptographic operations. This configuration allows you to store many more keys than you can normally store within HSM partitions. The management of backup and restore operations is greatly simplified; the HSM administrator can back up the full content of a cluster, at scheduled intervals or on demand.
A cluster can consist of one Luna Network HSM 7 member appliance, or multiple appliances that share the contents of the cluster. Adding multiple members to a cluster improves performance, and provides redundancy and failover for your client applications. Thales recommends a maximum of 4 members per cluster.
Up to 3500 keyrings can be created on the cluster, and each keyring can contain up to 256 objects. Each Luna HSM Client can manage up to 3500 keyrings, which can be spread across multiple clusters.
Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments.
See About the Cluster Administration Guide.
Valid Update Paths
You can update the Luna HSM firmware to version 7.8.0 from the following previous versions:
>7.0.1, 7.0.2, 7.0.3, 7.1.0, 7.2.0, 7.3.0, 7.3.3, 7.4.0, 7.4.1
Advisory Notes
This section highlights important issues you should be aware of before deploying HSM firmware 7.8.0.
Minimum Password Length is Increased to 8 Characters
Luna HSM Firmware 7.7.2 and newer enforces minimum 8-character passwords and challenge secrets, to comply with FIPS requirements. The previous limit was 7 characters. If you were using a 7-character password prior to upgrading the firmware, that password continues to work. Future password changes will use the new 8-character minimum.
If you have an existing HA group whose member partitions use a 7-character password/challenge secret, you must change all members to use a minimum 8-character password before adding a new member that uses Luna HSM Firmware 7.7.2 or newer.
RSA Keygen Mechanism Remapping on Luna 7.7.1 or Newer Partitions Requires Minimum Luna HSM Client 10.4.0
Luna HSM Firmware 7.7.1 or newer partitions that have been individually set to FIPS mode using the new partition policy 43 require Luna HSM Client 10.4.0 or newer to automatically remap older RSA mechanisms as described in RSA Mechanism Remap for FIPS Compliance.
Partition policy to control the use of DigestKey is added
Partition capability/policy 9: Allow DigestKey is added with Luna HSM Firmware 7.8.0; it controls the possibility of final keys being derived outside of the HSM. The policy defaults to OFF, which is the more secure option. Previously, DigestKey was always allowed, and this new policy provides choice for those who do not need the option, as well as for those who do need it.
NOTE Partition Policy 9 is destructive when switched OFF-to-ON, so have any partition contents backed up before you update HSM firmware. After update from any firmware prior to version 7.8.0, if you require this ability, you can switch the policy ON and then restore your material to the partition and resume using your application.
Special Considerations for Luna HSM Firmware 7.7.0 and Newer
Luna HSM Firmware 7.7.0 introduces new capabilities, features, and other significant changes that affect the operation of the HSM. Due to some of these changes, you must be aware of some special considerations before updating to Luna HSM Firmware 7.7.0 or newer. For more information, refer to Special Considerations for Luna HSM Firmware 7.7.0 and Newer before proceeding with the update.
3DES Usage Counter
For Luna HSM Firmware 7.7.0 and newer, triple-DES keys have a usage counter that limits each key instance to encrypting a maximum of 2^16 8-byte blocks of data when the HSM is in FIPS mode (HSM policy 12: Allow non-FIPS algorithms is set to 0). When the counter runs out for a key instance, that key instance can no longer be used for encryption or wrapping or deriving or signing, but can still be used for decrypting and unwrapping and verifying pre-existing objects.
The CKA_BYTES_REMAINING attribute is available when HSM policy 12: Allow non-FIPS algorithms is set to 0, but cannot be viewed if that policy is set to 1.
The attribute is preserved during backup/restore using a Luna Backup HSM 7; restoring puts the counter back to whatever value it had before backup.
The attribute is not preserved through backup/restore using a Luna Backup HSM G5; restoring sets the counter to like-new state (no usage).
FIPS Changes in Luna HSM Firmware 7.7.0 and Newer
New restrictions have been added to some mechanisms when the HSM or partition is in FIPS approved configuration (HSM policy 12: Allow non-FIPS algorithms or partition policy 43: Allow non-FIPS algorithms set to
Mechanisms not permitted to wrap objects in FIPS mode
The following mechanisms are not permitted to wrap objects in FIPS mode (unwrap operations are permitted):
Mechanisms not permitted to sign data in FIPS mode
The following mechanisms are not permitted to sign data in FIPS mode (verify operations are permitted):
Mechanisms approved for use in FIPS mode
The following mechanisms are now approved for use in FIPS mode:
3DES Usage Counter
The attribute is preserved through backup/restore using a Luna Backup HSM 7; restoring the key restores the counter's setting at the time of backup.
The attribute is not preserved through backup/restore using a Luna Backup HSM G5; restoring the key resets the counter to the maximum.
