Also, closed-source hardware HSMs are blackboxes that are fundamentally paranoia-inducing. There's no reason to trust that the vendor, supply chain and/or manufacturers didn't backdoor them or introduce other attack surfaces. The only way to trust an implementation is decap a sample of ASICs and match features against masks you generated... from sources you trust (whether open source or yours).
If it's a black box, there's no way to trust it (all modern CPUs, N/S-bridge, memory, flash (ssd), hd controllers, on and on.)
Conclusion: We need more open-source hardware that is production-quality (BSD licensed)! This would be very expensive in terms of people time, but it's necessary move since corporations can't be trusted.
Not necessarily. Organisations which wish to cooperate with the government (and they are legion) may still consider RSA. Though one wonders if NSA advised government organisations to avoid RSA. Hmmm.
Also, closed-source hardware HSMs are blackboxes that are fundamentally paranoia-inducing. There's no reason to trust that the vendor, supply chain and/or manufacturers didn't backdoor them or introduce other attack surfaces. The only way to trust an implementation is decap a sample of ASICs and match features against masks you generated... from sources you trust (whether open source or yours).
If it's a black box, there's no way to trust it (all modern CPUs, N/S-bridge, memory, flash (ssd), hd controllers, on and on.)
Conclusion: We need more open-source hardware that is production-quality (BSD licensed)! This would be very expensive in terms of people time, but it's necessary move since corporations can't be trusted.