A Hardware Security Module (HSM) is a dedicated cryptographic processor designed specifically to protect the cryptographic key lifecycle. HSMs are hardened, tamper-resistant hardware devices that strengthen encryption practices by generating keys, encrypting and decrypting data, and creating and verifying digital signatures. Some HSMs are certified at various FIPS 140-2 levels.
HSMs traditionally come in the form of a plug-in card (SAM/SIM card) or an external device that attaches directly to a computer or network server.
HSMs may have features that provide tamper evidence, such as visible signs of tampering or logging and alerting; tamper resistance, which makes tampering difficult without making the HSM inoperable; or tamper responsiveness, such as deleting keys upon tamper detection. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing, or a combination of chips in a module that is protected by tamper-evident, tamper-resistant, or tamper-responsive packaging.
A vast majority of existing HSMs are designed mainly to manage secret keys. Many HSM systems have means to securely back up the keys they handle outside of the HSM. Keys may be backed up in wrapped form and stored on a computer disk or other media, or externally using a secure portable device like a smart card or some other security token.
Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure (PKI) or online banking application, HSMs can typically be clustered for high availability and performance. Some HSMs feature dual power supplies and field replaceable components such as cooling fans to conform to the high-availability requirements of data center environments and to enable business continuity.
Functions supported by HSMs include:
- Life-cycle management of cryptographic keys used to lock and unlock access to digitized information. Remember that the privacy strength of encrypted information is determined by the sophistication of the encryption algorithm and the security of the cryptographic keys. The most sophisticated encryption algorithm is compromised by weak cryptographic key security. Life-cycle management of cryptographic keys includes generation, distribution, rotation, storage, termination, and archival.
- Cryptographic processing which produces the dual benefits of isolating and offloading cryptographic processing from application servers.
In use since the early 1990s, HSMs are available in two forms:
- Standalone network-attached appliances, and
- Hardware cards that plug into existing network-attached systems.
As the use of encryption to protect the confidentiality of digitized information has increased, partially driven by governmental regulations (e.g., eIDAS (electronic IDentification, Authentication and trust Services) for electronic transactions in the European Market, General Data Protection Regulation (GDPR) for the collection and processing of personal information, and Health Insurance Portability and Accountability Act (HIPAA) in the secure transport of health information over the Internet) and industry mandates (e.g., Payment Card Industry Data Security Standard, Requirements 3 and 4).