| Algorithm | Private Key Size (bytes) |
| --- | --- |
| ML-KEM-512 | 1,632 |
| ML-KEM-768 | 2,400 |
| ML-KEM-1024 | 3,168 |
| ML-DSA-44 | 2,560 |
| ML-DSA-65 | 4,032 |
| ML-DSA-87 | 4,896 |

Using Key Wrapping to Enable User-Space Applications of PKS
To solve this problem, Power11 introduces a new feature to Platform KeyStore called “Key Wrapping”. With this new feature, partitions can now store hypervisor-protected secrets in their own partition-managed storage locations. These secrets are protected via an AES-GCM-256 symmetric key that is randomly generated by the hypervisor and stored as an object in PKS. This symmetric key object (referred to as a “wrapping key”) has additional policy-based protections that prevent it from ever being exposed directly to the partition. This secure wrapping key object can then be used by the OS to wrap and unwrap partition secrets via two new hypervisor calls. The metadata stored with a wrapped secret contains integrity data computed with AES-GMAC that gets validated during object unwrapping to ensure that the contents of the wrapped secret are not altered by the partition. The individual wrapped secrets also have policy options to enable enforcement of different OS secure boot or PKS states at the time the secret is unwrapped. There is no limit on the number of unique wrapping keys that can be generated by consumers (beyond the total size configured for PKS), and wrapping keys can be generated and removed by the consumer at will. With this new feature, operating systems on Power11 are now equipped to provide hypervisor-backed encryption solutions for customer applications.
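The wrap and unwrap flow described above can be modelled in a few lines. This is an added example, not code from the hypervisor or from this page: Go's standard AES-256-GCM stands in for the two hypervisor calls, with the GCM tag playing the role of the integrity data. The blob layout, the `PolicySecureBoot` bit and all function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

const PolicySecureBoot byte = 0x01 // hypothetical policy bit, not the PKS encoding

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no entropy source: refuse to continue
	}
	return b
}

// newWrappingKey stands in for the random AES-256 key the hypervisor holds.
func newWrappingKey() cipher.AEAD {
	block, _ := aes.NewCipher(randBytes(32)) // fails only on a bad key length
	k, _ := cipher.NewGCM(block)             // fails only on a non-128-bit block
	return k
}

// wrap returns policy(1) || nonce(12) || ciphertext || tag(16), an assumed layout.
func wrap(k cipher.AEAD, policy byte, secret []byte) []byte {
	nonce := randBytes(k.NonceSize()) // policy is authenticated as AAD, not encrypted
	return k.Seal(append([]byte{policy}, nonce...), nonce, secret, []byte{policy})
}

// unwrap verifies the tag, which also covers the policy byte, then the policy.
func unwrap(k cipher.AEAD, blob []byte, secureBoot bool) ([]byte, error) {
	n := k.NonceSize()
	if len(blob) < 1+n+k.Overhead() {
		return nil, errors.New("wrapped blob too short")
	}
	secret, err := k.Open(nil, blob[1:1+n], blob[1+n:], blob[:1])
	if err == nil && blob[0]&PolicySecureBoot != 0 && !secureBoot {
		secret, err = nil, errors.New("policy: secure boot required")
	}
	return secret, err
}

func main() {
	k := newWrappingKey() // secret below: constructed, zero-filled, ML-DSA-87-sized
	fmt.Println(unwrap(k, wrap(k, PolicySecureBoot, make([]byte, 4896)), false))
}
```

Under this assumed layout a 4,896-byte secret wraps to 4,925 bytes, and clearing the policy byte in the stored blob makes unwrapping fail the integrity check instead of bypassing the policy.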
Below are two diagrams that illustrate the benefit of using the PKS Wrapping Key mechanism to securely store multiple ML-DSA-87 private keys. Figure 1 shows the PKS storage footprint using direct PKS writes, while Figure 2 shows the PKS and partition-managed storage footprints using PKS wrapping operations. Using direct PKS writes, 5 ML-DSA-87 private keys consume almost 20% of the maximum configurable Platform KeyStore storage size. Using PKS wrapping operations, the PKS storage footprint is significantly reduced, and the partition storage footprint equates to a fraction of a penny in enterprise hard drive costs.
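Figure 1: PKS storage footprint using direct PKS writes
Figure 2: PKS and partition-managed storage footprints using PKS wrapping operations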