OEM Code
To provide a guarantee that the equipment leaving the Dinamo Networks factory arrives at the customer without any alterations or violations that compromise its integrity, a verification scheme using HSM integrity challenge/response is implemented on Dinamo .
The scheme, called OEM Code, works as follows:
- There is a K key maintained by the manufacturer;
- An HMAC will be generated for each HSM with the K key and the HSM's serial number;
- During the manufacturing phase, this HMAC will be stored in a protected memory area of the HSM (outside the operating memory and volatile memory);
- On a separate channel from the HSM transport and preferably non-electronic, the HMAC is sent to the customer;
- When they receive the equipment (and at any time), the customer can display the HMAC (challenge) of the HSM via the console, and then simply compare it with the HMAC they received on a separate channel (response) to certify the integrity of the HSM;
- In the event of a breach, the HMAC is destroyed in the HSM's protected memory, and the firmware will no longer be able to display the information, thus highlighting the breach attempt.