A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure crypto processor chips.
They are designed to have very high security, and as such, are used to protect an organization’s most valuable cryptographic keys. Due to their long history, HSMs are also widely trusted by the most security-conscious in the industry.
Hardware security modules, normally referred to as HSMs, have been getting a great deal of attention in the cybersecurity space over the last several years. This recent recognition is well-deserved, as HSMs offer some of the strongest security among any physical devices available to the public.
Challenges
While many enterprises have already invested in HSMs, not all businesses have done the same. There are still many organizations that store cryptographic data and private key material in the cloud, on end-user workstations, or some combination of those places, with only software-level protection. This creates major security vulnerabilities and simply isn’t the recommended approach to cryptographic key management. If this situation sounds familiar to you, an HSM might be just the solution you need.
How can this technology help you?
A hardware security module can be employed in any application that uses digital keys. Typically, the keys would be of high value – meaning there would be a significant, negative impact to the owner of the key if it were compromised.
The functions of an HSM are:
- onboard secure cryptographic key generation
- onboard secure cryptographic key storage, at least for the top level and most sensitive keys, which are often called master keys
- key management
- use of cryptographic and sensitive data material, for example, performing encryption or digital signature functions
- offloading application servers for complete asymmetric and symmetric cryptography.
HSMs are also deployed to manage transparent data encryption keys for databases and keys for storage devices such as disk or tape.
HSMs provide both logical and physical protection of these materials, including cryptographic keys, from disclosure, non-authorized use, and potential adversaries.
HSMs support both symmetric and asymmetric (public-key) cryptography. For some applications, such as certificate authorities and digital signing, the cryptographic material is asymmetric key pairs (and certificates) used in public-key cryptography. With other applications, such as data encryption or financial payment systems, the cryptographic material consists mainly of symmetric keys.
Some HSM systems are also hardware cryptographic accelerators. They usually cannot beat the performance of hardware-only solutions for symmetric key operations. However, with performance ranges from 1 to 10,000 1024-bit RSA signs per second, HSMs can provide significant CPU offload for asymmetric key operations. Since the National Institute of Standards and Technology (NIST) is recommending the use of 2,048-bit RSA keys from year 2010, performance at longer key sizes has become more important. To address this issue, most HSMs now support elliptic curve cryptography (ECC), which delivers stronger encryption with shorter key lengths.
Advantages
If an attacker gains access to your business’s most critical data, like a root certificate or a code signing key, the consequences can be catastrophic. That’s why it’s so essential to store sensitive cryptographic material in hardware security modules.
HSMs are crafted to be the most secure physical devices available to private companies. Virtually all HSMs are FIPS 140-2 certified, normally at Level 2 or Level 3 but sometimes certified at Level 4, the highest tier, for companies that need unparalleled security.
Tamper Resistance
According to FIPS 140-2, the National Institute of Standards and Technology publication that establishes specific standards for hardware security devices, an HSM must use tamper-evident coating or seals in order to receive certification as a Level 2 (or higher) device.
The special coating or seal must be placed on the exterior of the physical device, such that the coating or seal “must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module.” Thus, even if your HSM isn’t stored on-premise, you can be sure that nobody is gaining access to your company’s private key material.
Detailed Access Logs
For an HSM to qualify as a FIPS 140-2 Level 3 certified device, it must contain an “audit mechanism to record modifications, accesses, deletions, and additions of cryptographic data.” This includes attempts to access cryptographic data so you can view unsuccessful attempts of unauthorized users to gain access to the material stored on the HSM, alerting you to attacks.
These 3 characteristics are what make HSMs such a worthwhile investment for securing mission-critical cryptographic data.
PKI environment (CA HSMs)
In PKI environments, the HSMs may be used by certification authorities (CAs) and registration authorities (RAs) to generate, store, and handle asymmetric key pairs. In these cases, there are some fundamental features a device must have, namely:
• Logical and physical high-level protection
• Multi-part user authorization schema
• Full audit and log traces
• Secure key backup
On the other hand, device performance in a PKI environment is generally less important, in both online and offline operations, as Registration Authority procedures represent the performance bottleneck of the infrastructure.
Card payment system HSMs (bank HSMs)
Specialized HSMs are used in the payment card industry. HSMs support both general-purpose functions and specialized functions required to process transactions and comply with industry standards. They normally do not feature a standard API.
Typical applications are transaction authorization and payment card personalization, requiring functions such as:
- verify that a user-entered PIN matches the reference PIN known to the card issuer
- verify credit/debit card transactions by checking card security codes or by performing host processing components of an EMV based transaction in conjunction with an ATM controller or POS terminal
- support a crypto-API with a smart card (such as an EMV)
- re-encrypt a PIN block to send it to another authorization host
- perform secure key management
- support a protocol of POS ATM network management
- support de facto standards of host-host key | data exchange API
- generate and print a “PIN mailer”
- generate data for a magnetic stripe card (PVV, CVV)
- generate a card keyset and support the personalization process for smart cards
The major organizations that produce and maintain standards for HSMs on the banking market are the Payment Card Industry Security Standards Council, ANS X9, and ISO.
SSL connection establishment
Performance-critical applications that have to use HTTPS (SSL/TLS), can benefit from the use of an SSL Acceleration HSM by moving the RSA operations, which typically requires several large integer multiplications, from the host CPU to the HSM device. Typical HSM devices can perform about 1 to 10,000 1024-bit RSA operations/second. Some performance at longer key sizes is becoming increasingly important. To address this issue, some HSMs now support ECC. Specialized HSM devices can reach numbers as high as 20,000 operations per second.
DNSSEC
An increasing number of registries use HSMs to store the key material that is used to sign large zonefiles. OpenDNSSEC is an open-source tool that manages signing DNS zone files.
On January 27, 2007, ICANN and Verisign, with support from the U.S. Department of Commerce, started deploying DNSSEC for DNS root zones.
Cryptocurrency wallet
Cryptocurrency can be stored in a cryptocurrency wallet on an HSM.
Request more information about HSM solutions
Vendors
