I4P BLOG

Types of HSMs

Now that we have covered what HSMs are and what features they offer, let’s take a look at the different types of HSMs!

There are two main types of HSM modules: Payment HSMs designed for payment and transaction purposes and general purpose HSMs to generate, store and manage keys; encrypt and decrypt data, and create and verify digital signatures.

HSM modules can be used on-premise and remotely. Most of the significant cloud providers offer cloud-based HSM services that enable organizations to generate and use their own encryption keys in the cloud infrastructure.  While this way has its own advantages, there might be performance issues and latency issues. With proper support, it is easier and safer to maintain your own solution.

Some HSM modules offer special features that can be utilized by QTSPs. For example, the Trident HSM meets the requirements of eIDAS, the regulation of the European Parliament and the Council that specifies the conditions and requirements for electronic identification and trust services for electronic transactions in the internal market. This means that QTSPs can run their qualified electronic signatures based on the Trident HSM.

i4p_ebook_icons_3

There are special options on the HSM market for organizations that need an extra high level of security. For example, Trident HSM offers a special Secure Multi-Party Computation capability. This enables companies to organize multiple HSM devices into a distributed cluster and manage (generate, store, use, delete) its cryptographic keys in a truly distributed way within the cluster. This means that the key material cannot be identified independently on any of the devices, so even if one or even two of them is compromised in any way, the information obtained is worthless. 

The effectiveness and reliability of HSMs is verified by international security certificates, so the owners of the HSM can rest assured that their data and processes are protected by proven methods and technologies. The two most common certifications are FIPS 140-2 and Common Criteria. FIPS 140-2 is mandated in the US for many federal agencies using cryptographic-based security systems to protect sensitive information in computer and telecommunication systems. On the other hand, in many European countries, Common Criteria certifications are required in such cases. Many public organizations are not obliged to use solutions with such certifications, but choose to do so anyway, in order to ensure the security and reliability of the purchased product. Find out more about the differences between the two most common certifications from our whitepaper ‘Standards and certifications for HSM devices‘.

To learn more about the topic, download our free ebook: Why every company needs HSM.

Share this POST

blog POSTS

SSCD certification for Trident HSM

Trident HSM has received the SSCD certification that confirms that our solution is suitable for creating qualified electronic signatures and qualified electronic seals, in „local use mode” as well.

Read more..

Address:
HU-1125 Budapest,
Fogaskerekű utca 4-6.

Phone: +36 1 700 1200
Email: info@i4p.com
Website: https://www.i4p.com

Follow us!

blog posts

25 Oct: SSCD certification for Trident HSM

Trident HSM has received the SSCD certification that confirms that our solution is suitable for creating qualified electronic signatures and qualified electronic seals, in „local use mode” as well.

recent NEWS

A client has specifically asked for it, so we made a delta certification and Trident HSM has received also SSCD certificate for its "local use-case". This is how we work, we listen to our valued customers and and try hard to introduce the features they as…https://lnkd.in/dgbiW39Y

Interesting article, although it states that "off-the-shelf key management products like HSMs don't support the algorithm that you need for multi-party computation” even though there is one HSM that does support multi-party computation: the Common Criteri…https://lnkd.in/dw8bJkMd

Get your free ebook:

Why every company needs HSM modules?

Download this ebook to find out:

  • What is a Hardware Security Module (HSM)?
  • Why do you need an HSM?
  • Why is an HSM beneficial for your company?
  • What type of HSMs are available and what are they useful for?
  • How do you choose the right HSM for your organization?
  • How do you deploy and use an HSM?