HSM explained
Cryptography relies heavily on keeping private keys confidential. An HSM (Hardware Security Module) is dedicated, tamper-resistant hardware used for secure key storage, key management and cryptographic operations: keys are generated inside the module and, in normal operation, never leave it in the clear.
Vendors build HSMs in several form factors: small USB tokens, PCI/PCIe cards, rack-mounted network appliances, and cloud-hosted HSM services.
Applications and use-cases
- Public key infrastructure: an HSM stores the Certificate Authority (CA) private key and performs the certificate signing, so the CA key is never exposed to the issuing software.
- TLS: web servers and clients (browsers) use Transport Layer Security (TLS) to build the secure channel that HTTPS runs over. A server can offload the security-sensitive part of the handshake, the private-key operation that authenticates the server, to an HSM.
- Secure manufacturing: to prevent counterfeit devices, OEMs use HSMs to generate keys and to inject per-device keys and certificates during production, giving each genuine device a unique identity.
- Code signing: a software publisher can distribute binaries without the risk of undetected tampering. The publisher signs each release with its private key, and a code-signing certificate binds the matching public key to the publisher's identity. The private key is kept in an HSM.
HSM system architecture
An HSM consists of a secure processor with protected volatile memory and non-volatile memory (NVM), hardware cryptographic primitives (accelerators for symmetric ciphers, hashes and public-key operations), a True Random Number Generator (TRNG), and peripherals such as a USB device controller (USBD), I2C, SPI and GPIO. Higher-assurance modules add tamper detection that zeroizes key material when the enclosure is attacked.
Cryptographic API for HSM
Administrators can interact with an HSM through a command-line interface (CLI) or a graphical user interface (GUI). An application uses a cryptographic application programming interface (API) to perform key management and cryptographic functions on the HSM. The application never receives the private key itself: it is given an object handle and asks the module to use the key, and attributes stored with the key (its allowed usages, whether it may be exported in wrapped form) decide what the module will do with it. Industry-standard APIs include:
- PKCS #11 (Cryptographic Token Interface Standard)
- Java Cryptography Extension (JCE) API
- Microsoft Cryptography API: Next Generation (CNG)
These APIs expose three groups of functions:
- Key management API: the application uses this group to generate keys and to perform key transport (wrapping a key under another key for export or import), backup and restore.
- Command API: the application uses this group to run cryptographic primitives such as encrypt/decrypt and sign/verify, together with key generation functions.
- User management API: the application uses this group to create users and manage their access rights, so that, for example, a key administrator can back up keys while a web application can only sign with them.
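The following is an added illustration, not code from the article or from any HSM vendor, of the API boundary the three groups above describe: a toy module that hands out key handles, enforces per-user rights and per-key usage attributes, and exports keys only as authenticated wrapped blobs. The class, user names, rights names and the HMAC-based "signature" and wrapping scheme are assumptions made for the example; a real module would use RSA/ECDSA and AES key wrap, and its key store would sit behind hardware isolation rather than a Python attribute.

```python
"""Toy model of an HSM's application-facing API (illustration only)."""
import hashlib
import hmac
import os
from dataclasses import dataclass


class HsmError(Exception):
    """Raised when an operation is refused by the module's policy."""


@dataclass
class _KeyObject:
    material: bytes            # never returned to callers in the clear
    usage: frozenset           # subset of {"sign", "verify", "wrap", "unwrap"}
    extractable: bool = False  # may the key leave the module in wrapped form?


class ToyHSM:
    """Callers address keys by integer handle; raw bytes stay inside.

    Every call is first checked against the logged-in user's rights,
    then against the attributes of the key it names."""

    def __init__(self, so_pin: str):
        self._keys = {}
        self._next_handle = 1
        # The Security Officer is the only built-in account; it manages users, not keys.
        self._users = {"SO": (so_pin, frozenset({"user_mgmt"}))}
        self._session = None

    # --- User management API ---------------------------------------------
    def login(self, user: str, pin: str) -> None:
        stored = self._users.get(user)
        if stored is None or not hmac.compare_digest(stored[0].encode(), pin.encode()):
            raise HsmError("login failed")
        self._session = user

    def logout(self) -> None:
        self._session = None

    def create_user(self, name: str, pin: str, rights: set) -> None:
        self._require("user_mgmt")
        self._users[name] = (pin, frozenset(rights))

    # --- Key management API ----------------------------------------------
    def generate_key(self, usage: set, extractable: bool = False) -> int:
        self._require("key_mgmt")
        return self._store(_KeyObject(os.urandom(32), frozenset(usage), extractable))

    def backup_key(self, handle: int, kek: int) -> bytes:
        """Export a key as nonce || ciphertext || usage || tag under a wrapping key (toy AES-KW stand-in)."""
        self._require("key_mgmt")
        key, wrap = self._key(handle), self._key(kek)
        if not key.extractable:
            raise HsmError("key is not extractable")
        if "wrap" not in wrap.usage:
            raise HsmError("wrapping key lacks wrap usage")
        nonce = os.urandom(16)
        stream = hmac.new(wrap.material, b"wrap" + nonce, hashlib.sha256).digest()
        body = nonce + bytes(a ^ b for a, b in zip(key.material, stream))
        body += ",".join(sorted(key.usage)).encode()
        return body + hmac.new(wrap.material, body, hashlib.sha256).digest()

    def restore_key(self, blob: bytes, kek: int) -> int:
        """Import a backup blob; a modified blob is rejected before any key is created."""
        self._require("key_mgmt")
        wrap = self._key(kek)
        if "unwrap" not in wrap.usage:
            raise HsmError("wrapping key lacks unwrap usage")
        body, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(tag, hmac.new(wrap.material, body, hashlib.sha256).digest()):
            raise HsmError("backup blob failed authentication")
        nonce, ct, usage = body[:16], body[16:48], body[48:].decode().split(",")
        stream = hmac.new(wrap.material, b"wrap" + nonce, hashlib.sha256).digest()
        return self._store(_KeyObject(bytes(a ^ b for a, b in zip(ct, stream)), frozenset(usage), True))

    # --- Command API ------------------------------------------------------
    def sign(self, handle: int, data: bytes) -> bytes:
        self._require("crypto")
        key = self._key(handle)
        if "sign" not in key.usage:
            raise HsmError("key may not sign")
        return hmac.new(key.material, data, hashlib.sha256).digest()

    def verify(self, handle: int, data: bytes, sig: bytes) -> bool:
        self._require("crypto")
        key = self._key(handle)
        if "verify" not in key.usage:
            raise HsmError("key may not verify")
        return hmac.compare_digest(sig, hmac.new(key.material, data, hashlib.sha256).digest())

    # --- internals ---------------------------------------------------------
    def _require(self, right: str) -> None:
        if self._session is None or right not in self._users[self._session][1]:
            raise HsmError(f"operation requires the {right} right")

    def _key(self, handle: int) -> _KeyObject:
        if handle not in self._keys:
            raise HsmError("no such key handle")
        return self._keys[handle]

    def _store(self, obj: _KeyObject) -> int:
        handle, self._next_handle = self._next_handle, self._next_handle + 1
        self._keys[handle] = obj
        return handle


def demo() -> dict:
    """Walk through the three API groups with constructed users and data."""
    hsm = ToyHSM(so_pin="1234")
    hsm.login("SO", "1234")
    hsm.create_user("keyadmin", "ka-pin", {"key_mgmt"})   # may generate/backup keys
    hsm.create_user("webapp", "app-pin", {"crypto"})      # may only use them
    hsm.logout()

    hsm.login("keyadmin", "ka-pin")
    kek = hsm.generate_key({"wrap", "unwrap"})
    sk = hsm.generate_key({"sign", "verify"}, extractable=True)
    blob = hsm.backup_key(sk, kek)
    restored = hsm.restore_key(blob, kek)
    tampered = blob[:16] + bytes([blob[16] ^ 0x01]) + blob[17:]  # flip one ciphertext bit
    try:
        hsm.restore_key(tampered, kek)
        tamper_rejected = False
    except HsmError:
        tamper_rejected = True
    hsm.logout()

    hsm.login("webapp", "app-pin")
    transcript = b"constructed TLS handshake transcript"
    sig = hsm.sign(sk, transcript)
    try:
        hsm.generate_key({"sign"})
        app_can_generate = True
    except HsmError:
        app_can_generate = False
    return {
        "restored_key_verifies": hsm.verify(restored, transcript, sig),
        "tamper_rejected": tamper_rejected,
        "app_can_generate": app_can_generate,
    }


if __name__ == "__main__":
    print(demo())
```

Note what the model does not claim: `_keys` is still an ordinary Python attribute, so the isolation a real HSM provides comes from its hardware and firmware, not from the API shape. What the example does show is the shape an application sees through PKCS #11 and similar APIs: a session with a logged-in role, handles instead of key bytes, usage attributes checked on every call, and backups that only exist under a wrapping key.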
Validation of the HSM security levels
HSM vendors typically validate their products against two international standards to benchmark their security level:
- FIPS 140-2 (Federal Information Processing Standard), whose successor FIPS 140-3 is now the standard new validations are issued against
- Common Criteria (CC, ISO/IEC 15408)
A validation applies to a specific hardware and firmware version operated in its approved configuration, so check that the certificate matches the exact unit and operating mode you deploy.
Conclusion
This article explained the use cases, architecture, cryptographic APIs and security validation of HSMs.