Wednesday, October 30 • 11:30 - 12:05
Under Lock & Key: Using Hardware Protected Keys with the Linux Crypto API - Gilad Ben Yossef, Arm

The Linux Crypto API, which provides potentially hardware-accelerated cryptographic services to the Linux kernel and user space programs running under it, has a little-known but extremely useful feature hidden away in the bowels of this under-documented mechanism: the ability to perform cryptographic operations with keys which are locked away in a hardware vault and are not accessible for reading by software running on the main CPU.

This feature, introduced silently (possibly too silently) by IBM for use with their s390 mainframes in 2016, has since been adopted for use in embedded systems by the author when compatible hardware is present and has the potential to provide a critical layer of security for secret keys in these complicated times haunted by the spectre of speculative execution side channel attacks.

The presentation will explain the feature in depth, explain how to tell if your system of choice supports it, showcase how to use the feature, and cover some of the gotchas involved.

Speakers
Gilad Ben Yossef

Principal Software Engineer, Arm
Gilad Ben-Yossef is a principal software engineer working at Arm on upstream kernel security at large and Arm TrustZone CryptoCell support in particular. Gilad is the co-author of O’Reilly’s “Building Embedded Linux Systems” 2nd edition, co-founder of the Israeli FOSS NGO...



Wednesday October 30, 2019 11:30 - 12:05 CET
Forum 1
  Embedded Linux Conference, Crypto
  • Session Slides Included Yes