Hardware Security Module (HSM)

Apart from more popular solutions, such as IDS, IPS, firewall, and VPN, there is a less well-known, but extremely important component for secure data processing called a Hardware Security Module (HSM).

It is a hardware-based cryptographic device that generates, stores, and protects cryptographic keys. Some HMSs also act as hardware accelerators for these types of operations.

They are generally physical devices that are separate from user computers or company servers and specifically designed to safeguard cryptographic keys throughout their life cycle. HSMs are integrated into encrypted infrastructures of many of the world’s most security-sensitive companies, where they manage, process, and store secret keys within robust, tamper-resistant devices.

Companies use HSMs to protect transactions, identities, and applications, since they offer encryption, decryption, authentication, and digital signatures for a wide variety of applications.

Acting as a peripheral device, an HSM generates secure data (protected by public key cryptography or PKI) for long-term access and can also provide physical protection.

The role of HSMs is to provide secure storage of PKI certificates which constitute sensitive data in this technology. Therefore, they ensure a very high level of security as long as certain policies are followed which basically state that the protected keys are completely secure if they are generated within the device’s hardware. When keys generated outside of the HSM are imported, they might leak.

HSM Cryptoprocessor

A cryptoprocessor is a fundamental component of any HSM. It is a processor designed specifically for management and generation of cryptographic keys.

The main difference between a processor of this type and a normal one is that the former has specific internal instructions for managing cryptographic keys, making it much more efficient in generating keys. This is one of the principal advantages of implementing hardware-based functions.

A cryptoprocessor also guarantees that key processing occurs entirely within the HSM and no unencrypted information ever leaves the device. Some of the security measures usually implemented in such devices are:

• Tamper detection and response
• Conductive shield layers to prevent capture of internal device signals
• Controlled execution to prevent timing delays that could reveal secret information
• Automatically erasing the device when tampering is detected
• Authenticating the operating system or applications by controlling their execution based on a chain of trust

HSM Forms and Groups

An HSM can be said to be both an electronic safe and a cryptographic engine, so these devices can have different forms, including network cabinets, USB drives, or PCI/PCI-e cards.

HSMs are not just local peripheral devices, they are connected to the network to protect materials located in several interconnected systems.

Regardless of the form, they all have two specific functions: protecting the secret components they store and accelerating the cryptographic operations they perform.

HSMs can be divided into two main groups according to their functionality: general-purpose HSMs and payment HSMs.

General-purpose HSMs use a standard cryptographic interface, usually PKCS#11, although they can also support other interfaces such as JAVA and XML.

In addition to the functions of general-purpose HSMs, payment HSMs have customization options that allow them to comply with the standards commonly used in electronic financial transaction solutions, including certain ANSI and ISO standards (X.9, X.17), industry-specific regulations (DUKPT, Base 24), and regional banking regulations (AMB).

Benefits and Applications

HSMs provide hardware security for business-critical applications such as databases or web servers by:

• Enhancing the security of applications
• Cutting the costs of regulatory compliance
• Simplifying key management for digital signatures and encryption
• Complying with standards and regulations
• Improving availability, scalability, and administration for reliable, proactive cryptographic key management

In particular, HSMs are used practically anonymously in many different everyday operations:

• When a card is used to make a purchase, the transaction identifier is encrypted and decrypted several times by a payment HSM
• Several HSMs are involved in every interbank network transaction
• An HSM is involved when a certificate authority signs a certificate revocation list or issues a certificate
• When a car passes through an electronic toll collection system on a highway or a ship transits the Panama Canal, an HSM processes the transaction

HSM Security Standards

Standards have been introduced that define different levels of security ensured by HSMs, namely, the Federal Information Processing Standard (FIPS, or its current version FIPS-2) developed by the National Institute of Standards and Technology (NIST) to establish the levels of security offered by this type of cryptographic device.

This standard specifies requirements for the use of cryptographic devices by government agencies or contractors and establishes four different levels of security for validating HSMs.

The general requirements for each of the established levels are as follows:

• Level 1: This is the level of security of any general-purpose PC with an encryption board. There are no physical security requirements beyond the use of a recognized cryptographic algorithm and security function at this level.
• Level 2: This level builds on the previous one by adding the requirement for physical security mechanisms that provide tamper detection to identify potential unauthorized access to the managed keys. These mechanisms must be in the form of seals that must be broken to access the device that stores plaintext cryptographic keys and critical security parameters (the parameters stored in cryptoprocessor logs and used to generate the keys).
• Level 3: In addition to the requirements of level 2, the device must not only detect unauthorized access, but also respond to such access to, use, or modification of the module. The device should be able to detect when it is being opened and automatically erase critical security parameters, making it unusable and ensuring confidentiality of the stored keys.
• Level 4: This level also builds on the previous ones by adding new requirements to them. Here, apart from detecting unauthorized physical access, the module must be able to detect environmental conditions, such as humidity, temperature, or voltage, that might affect its normal operation. In this way, it can be ensured that the security of the information stored in the module will not be compromised.

Any HSM that manages cryptographic keys for PKI must be certified at FIPS-2 level 3 or higher.

In conclusion, security of information systems is a vital concern in today’s world, and cryptographic mechanisms are generally used for protection and storage of cryptographic keys and digital signatures. A smart way to implement this is through hardware with an HSM as an essential component of a secure data processing scheme.