The Private Life of Encryption Keys

No-one tells you that security of your keys starts well before you create them

It is common sense but we tend to look at things in a certain way. We discuss security of cloud platforms, but forget they run on physical processors that had to be designed, manufactured, and initialized.



Payment industry may require hardware security modules (HSM) but they only protect your keys from people using them. What about people who manufactured their processors or network cards.