Best price/performance hardware security module

Enhanced Protection for Cryptographic Keys

Secure generation, storage and management of digital keys.

Hardware-Based Cryptographic Toolbox

A comprehensive cryptographic toolbox for hardware-based digital signature generation and verification.

Secure Microsoft Active Directory Certificates

Hardware-backed key to protect digital keys used in a Microsoft-based PKI implementation.

YubiHSM 2

Easy, affordable, and secure HSM solution

  • General Purpose HSM
  • Introduces asymmetric cryptography
  • Windows, Linux, and Mac support
  • USB-A

Enable Hardware-Based Cryptographic Operations

The YubiHSM 2 is a game changing hardware solution for protecting Certificate Authority root keys from being copied by attackers, malware, and malicious insiders. It offers superior cost effective security and easy deployment making it accessible for every organization. It offers a higher level of security for cryptographic digital key generation, storage, and management, for organizations running Microsoft Active Directory Certificate Services.

The YubiHSM 2 features are accessible through Yubico’s Key Storage Provider (KSP) for industry-standard PKCS#11 or Microsoft’s CNG, or via native Windows, Linux and macOS libraries . Its ultra-slim “nano” form factor fits inside a server’s USB port, eliminating the need for bulky additional hardware, and offers flexibility for offline key transfer or backup.

YubiHSM 2 can be used as a comprehensive cryptographic toolbox for a wide range of open source and commercial applications. The most common use case being hardware-based digital signature generation and verification. YubiHSM 2 offers a compelling option for secure generation, storage and management of digital keys including essential capabilities to generate, write, sign, decrypt, hash and wrap keys.

451 Research Paper on YubiHSM

451 Research Report on the YubiHSM 2

“Yubico now offers customers the ability to protect credentials at the front end, as well as the back-end servers that need key protection.”