PALO ALTO, CA, APRIL 8, 2015 – Yubico, the leading provider of simple and open online identity protection, today announced the launch of YubiHSM 1.5. At the size of a thumbnail, the YubiHSM protects authentication secrets on a standard server.
Yubico’s new YubiHSM enables an easy, affordable way of protecting encryption secrets and passwords stored on an authentication server. The product protects sensitive data against remotely conducted intrusion attacks and internal threats, such as employees attempting to copy secrets.
The module is configured by default to support the Yubico One-Time Password validation, but can be configured to handle AES encryption/decryption, secure comparison of decrypted data or HMAC-SHA1 validation with the key stored on the YubiHSM.
“Two major attack vectors for data breaches are passwords and servers, Yubico offers protection for both,” said Stina Ehrensvard, CEO and Founder, Yubico. “The YubiHSM 1.5 sits inside the USB-port of a standard server; protecting cryptographic secrets in an easy and affordable way.”
The YubiHSM is successfully deployed by hundreds by organizations around the world, including leading Internet companies, U.S. Department of Defense contractors and the Swedish data encryption company StoredSafe.
“StoredSafe is designed to store your most sensitive information, that’s why we require two-factor authentication with YubiKeys,” said Fredrik Söderblom, CEO, StoredSafe. “To further improve security, we incorporated YubiHSM in the platform to store cryptographic keys for all YubiKey hardware devices. This provides an excellent YubiKey authentication server and enables our customers to be independent of the internet and networking services when in need of access to critical data.”
Core Features of YubiHSM 1.5 include:
- Small form factor, measuring 10mm x 11mm x3mm
- Works with any standard USB port, across multiple operating systems including Linux and Windows.
- Offers encryption with a Message Authentication Code (MAC), HMAC-SHA1 hashing, AES encryption/decryption, and cryptographic True Random Number Generation.
- Provides a physically isolated environment for cryptographic processing.
- Has no moving parts and requires no additional maintenance once installed.
- Capable of supporting any counter-based OTP protocol including Yubico OTP and OATH-HOTP authentication.
- Works with Yubico Validation Server.
- Extremely low power consumption.
As the inventors of the YubiKey®, Yubico sets new world standards for secure login across the Internet. Our unique USB and NFC key offers one-touch strong authentication supporting multiple authentication protocols for all devices and platforms — with no driver or client software needed. With successful enterprise deployments in 146 countries, including 8 of the top 10 Internet companies, Yubico is adding the consumer market to its list of strong authentication converts. Founded in 2007, Yubico is privately held with offices in Palo Alto, Calif., Stockholm, and London. For more information, please visit www.yubico.com.
Yubico Public Relations