Hardware Security Module (HSM)

A Hardware Security Module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. HSMs are hardened, tamper-resistant hardware devices that strengthen encryption practices by generating keys, encrypting and decrypting data, and creating and verifying digital signatures. Some hardware security modules (HSMs) are certified at various FIPS 140-2 Levels.

HSMs traditionally come in the form of a plug-in card (SAM/SIM card) or an external device that attaches directly to a computer or network server.

HSMs may have features that provide tamper evidence such as visible signs of tampering or logging and alerting, or tamper resistance which makes tampering difficult without making the HSM inoperable, or tamper responsiveness such as deleting keys upon tamper detection. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing, or a combination of chips in a module that is protected by the tamper evident, tamper resistant, or tamper responsive packaging.

A vast majority of existing HSMs are designed mainly to manage secret keys. Many HSM systems have means to securely back up the keys they handle outside of the HSM. Keys may be backed up in wrapped form and stored on a computer disk or other media, or externally using a secure portable device like a smart card or some other security token.

Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure (PKI) or online banking application, HSMs can typically be clustered for high availability and performance. Some HSMs feature dual power supplies and field replaceable components such as cooling fans to conform to the high-availability requirements of data center environments and to enable business continuity.

Functions supported by HSMs include:

• Life-cycle management of cryptographic keys used to lock and unlock access to digitized information. Remember that the privacy strength
  of encrypted information is determined by the sophistication of the encryption algorithm and the security of the cryptographic keys. The
  most sophisticated encryption algorithm is compromised by weak cryptographic key security. Life-cycle management of cryptographic
  keys includes generation, distribution, rotation, storage, termination, and archival.
• Cryptographic processing which produces the dual benefits of isolating and offloading cryptographic processing from application servers.

In use since the early 1990’s, HSMs are available in two forms:

• Standalone network-attached appliances, and
• Hardware cards that plug into existing network-attached systems.

As the use of encryption to protect the confidentiality of digitized information has increased, partially driven by governmental regulations
(e.g., eIDAS (electronic IDentification, Authentication and trust Services) for electronic transactions in the European Market, General Data
Protection Regulation (GDPR) for the collection and processing of personal information, and Health Insurance Portability and Accountability Act (HIPAA)
in the secure transport of heath information over the Internet) and industry mandates (e.g., Payment Card Industry Data Security Standard,
Requirements 3 and 4).

History

The hardware security module (HSM), a type of secure cryptoprocessor, was invented by Egyptian-American engineer Mohamed M. Atalla, in 1972. He invented a high security module dubbed the “Atalla Box” which encrypted PIN and ATM messages, and protected offline devices with an un-guessable PIN-generating key. In 1972, he filed a patent for the device. He founded Atalla Corporation (now Utimaco Atalla) that year, and commercialized the “Atalla Box” the following year, officially as the Identikey system. It was a card reader and customer identification system, consisting of a card reader console, two customer PIN pads, intelligent controller and built-in electronic interface package. It allowed the customer to type in a secret code, which is transformed by the device, using a microprocessor, into another code for the teller. During a transaction, the customer’s account number was read by the card reader. It was a success, and led to the wide use of high security modules.

Fearful that Atalla would dominate the market, banks and credit card companies began working on an international standard in the 1970s. The IBM 3624, launched in the late 1970s, adopted a similar PIN verification process to the earlier Atalla system. Atalla was an early competitor to IBM in the banking security market.

At the National Association of Mutual Savings Banks (NAMSB) conference in January 1976, Atalla unveiled an upgrade to its Identikey system, called the Interchange Identikey. It added the capabilities of processing online transactions and dealing with network security. Designed with the focus of taking bank transactions online, the Identikey system was extended to shared-facility operations. It was consistent and compatible with various switching networks, and was capable of resetting itself electronically to any one of 64,000 irreversible nonlinear algorithms as directed by card data information. The Interchange Identikey device was released in March 1976. Later in 1979, Atalla introduced the first network security processor (NSP). Atalla’s HSM products protect 250 million card transactions every day as of 2013, and secure the majority of the world’s ATM transactions as of 2014.