Hardware Security Module

A hardware security module (HSM) is a type of secure cryptoprocessor targeted at managing digital keys, accelerating cryptoprocesses in terms of digital signings/second and for providing strong authentication to access critical keys for server applications. These modules are physical devices that traditionally come in the form of a plug-in card or an external TCP/IP security device that can be attached directly to the server or general purpose computer. Modules are also deployed in the form of network HSMs to manage Transparent Data Encryption keys associated with some databases.

The goals of an HSM are (a) onboard secure generation, (b) onboard secure storage, (c) use of cryptographic and sensitive data material, (d) offloading application servers for complete asymmetric and symmetric cryptography. HSMs provide both logical and physical protection of these materials from non-authorized use and potential adversaries. In short, they protect high-value cryptographic keys.

The cryptographic material handled by most HSMs are asymmetric key pairs (and certificates) used in public-key cryptography. Some HSMs can also handle symmetric keys and other arbitrary data.

Many HSM systems have means to securely backup the keys they handle either in a wrapped form via the computer's operating system or externally using a smartcard or some other security token. HSMs should never allow for secrets' exportation in plaintext form, even when migrating between HSMs or performing backup operations.

Some HSM systems are also hardware cryptographic accelerators. They usually cannot beat the performance of software-only solutions for symmetric key operations. However, with performances ranges from 1 to 7,000 1024-bit RSA signs/second, HSM's can provide significant CPU offload for asymmetric key operations. Since NIST is recommending the use of 2,048 bit RSA keys from year 2010, performance at longer key sizes is becoming increasingly important.

Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure or online banking application, HSMs can typically be clustered for high availability. Some HSMs feature dual power supplies to enable business continuity.

A few of the HSMs available in the market have the ability to execute specially developed execution modules within the HSM's secure enclosure such as Thales CodeSafe Technology. Such ability is useful, for example, in cases where special algorithms or business logic has to be executed in a secured and controlled environment. The execution modules can be developed in native C language, in .NET, Java or other programming languages. While providing the benefit securing application-specific code, these execution engines confuse the status of an HSM's FIPS or Common Criteria validation status.