After twelve rigorous weeks, in which 25 students put in 1,250 development days, the cyber security development project was completed on June 19. In cooperation with Mannheim University of Applied Sciences, Hardware Security Modules (HSMs) were implemented on various operating systems.
What is a hardware security module?
A hardware security module is a specialized hardware device or component designed for the secure management and storage of cryptographic keys. HSMs offer a high level of security and can perform cryptographic operations such as encryption, decryption, signature generation and verification, key generation, and key management. On more modern end devices, these HSMs are often located in a separate hardware area.
Five teams, one task
Five teams developed innovative solutions on five different platforms: macOS/iOS, Google Android TEE/SE, Network Key Storage, Samsung Knox and USB dongles. In addition to iteratively developing a prototype according to Scrum methods, each team was to prepare a risk analysis and comprehensive documentation. Partway through, each development underwent an external pentest. The biggest security gaps identified during the pentest were rectified by the students during the project. Integration into a crypto abstraction layer concluded the CEP.
The winning team impressed with its high quality
The Google Android Team NetWatch implemented the requirements particularly well, taking first place with its outstanding performance. At the final presentation on June 19 at the Mannheim University of Applied Sciences, the students impressed with their coding, confident presentation and clear documentation. Congratulations to: Ahmed Bada, Mark Beck, Hannes Heck, Marko Nikolic and Pietro Orazio. All solutions developed are open source and can be viewed at this link.
What happens next?
With the integrated HSMs, enmeshed will be able to securely generate and read keys on end devices in the future. An HSM’s isolated and protected environment significantly reduces the risk of stolen or compromised keys. The next steps are to extend the program to other operating systems and to improve the implementations submitted by the students.
We would like to thank all participating students for their hard work and remarkable contributions. Special thanks also go to Prof. Smits and Prof. Föller-Nord for their support and the opportunity to work together.