Hardware Security Module
A Hardware Security Module (HSM) is a physical device used to securely generate, store and manage digital keys, ensuring that sensitive information – such as cryptographic artifacts, authentication credentials, and digital signatures – remain protected from unauthorized access and modification. These devices are typically tamper-resistant, designed to safeguard against both physical and cyber attacks, and are critical in industries where data security is paramount, such as financial services, healthcare and government institutions.
Hardware Security Module Definition
What is a Hardware Security Module (HSM)? A Hardware Security Module is a physical device for securely generating, storing and managing cryptographic keys used for critical functions. They are typically employed to provide strong security for sensitive data, such as trade secrets and intellectual property, primarily for encryption and decryption, but can also be used for strong authentication of applications, databases and services.
HSM usage and implementation varies widely, and can be standalone air-gapped devices, embedded in other external devices such as smart cards, USB tokens and IoT devices, connected to a network server or even offered as a cloud service.
Enterprises generally deploy an HSM to securely isolate cryptographic operations from everyday activities, ensuring that sensitive tasks like identity management, transaction security, and application protection are handled in a controlled environment. By using an HSM, companies can enforce strict access controls, such as for the purposes of managing encryption keys or executing digital signatures, thereby mitigating security risks and maintaining operational integrity with high security and compliance, especially in industries where data protection is critical.
Hardware Security Module (HSM) FAQs
How Does a Hardware Security Module Work?
Although it is imperative to secure cryptographic keys, managing their lifecycle presents challenges in practice. An HSM can simplify and help alleviate the difficulties across all aspects of the cryptographic key lifecycle:
- Provisioning. An HSM can generate cryptographic keys, ensuring they are securely created within a tamper-resistant environment.
- Backup and key storage.To safeguard against loss, an HSM is able to backup digital keys and securely store them onboard.
- Deployment. Once keys are generated, backed up or stored, they can be deployed or securely transported from the HSM to a downstream computing or another cryptographic device, ready for use in secure operations. In most instances, the keys themselves remain on device, and only the derived outputs (such as digital signatures or encrypted artifacts) are provided by the HSM so there is no leakage of critical cryptographic information.
- Management. Encryption key management is often governed by internal policies and industry standards, ensuring keys retain their integrity and are monitored effectively. This includes key rotation and replacing expiring keys with new ones – both of which are made easier with functions and tools included onboard a HSM.
- Archiving. Decommissioned keys can be securely archived for long-term storage, ensuring they remain accessible in case they are needed to decrypt historical data.
- Disposal. When no longer required, keys can be permanently and securely destroyed to ensure they cannot be misused in the future.
Hardware security module architecture often incorporates tamper-proof features to help detect and resist attacks. For example, hardware security modules may produce alerts and periodic logs using sensors, be encased in physically hardened enclosures, include tamper-evident seals, and protect internal components using fine mesh. In the event tampering is detected, an HSM may trigger a self-destruct mechanism, break electric circuits, delete specific keys or become completely inoperable to ensure that any sensitive information remains secure. This is a critical feature that ensures attackers are unable to extract valuable data, even if they have gained physical access to the device.
Why Hardware Security is Important
Hardware security is crucial because it provides a physical layer of protection that complements software security measures. While software security can defend against many types of cyberattacks, it is vulnerable to certain threats, like malware, tampering, or exploitation of software vulnerabilities. Hardware security, such as through an HSM, ensures that sensitive operations, like encryption or key management, are conducted in a secure, tamper-resistant environment where such attacks are ineffective or unable to be staged. This separation also adds a vital defense against attacks that target system integrity at a lower level, such as physical breaches, providing a robust safeguard even if hardware defenses are compromised.
Why Use a Hardware Security Module?
An HSM should be used because it offers an unparalleled level of security for managing cryptographic keys and performing sensitive operations, such as encryption, decryption, and digital signing, in a tamper-resistant environment. Unlike software-based solutions, an HSM provides physical protection against attacks, ensuring that cryptographic keys cannot be accessed or compromised even if other systems are breached. This is particularly important for enterprises handling sensitive data, processing financial transactions or have a need to maintain regulatory compliance. A HSM excels at protecting cryptographic assets which are vital to both security and legality.
Who Uses Hardware Security Modules?
A hardware security module can be useful for any enterprise that manages sensitive information such as customer data, financial data, intellectual property and employee information.
An HSM can secure data, among many other use cases, for the following industries or products:
- Banking and financial services
- Blockchain and cryptocurrencies
- Personal Identifiable Information (PII)
- Healthcare and medical devices
- Payment gateways
- Digital certificates associated with websites and PKI
- Government and defense
- Cloud services
- IoT devices
- Automotive industry
Besides data security, an HSM can also be used for digital signing, ensuring compliance of data regulations, in addition to key generation and management.
What are the Advantages of a Hardware Security Module?
There are a number of distinct advantages, but here are some of the most important benefits of using an HSM:
Cloud and containers/Kubernetes. An HSM provides a secure way to manage data and cryptographic keys within cloud environments, helping users maintain control over sensitive assets despite the uncertainty of physical security aspects. They also ensure the protection of containerized applications and secure workloads in dynamic environments like Kubernetes.
Digital signing and code signing. Cryptographic keys used for digital and code signing can be safeguarded against unauthorized access, tampering and manipulation, ensuring software integrity.
Encryption and tokenization. An HSM enhances the protection of encryption keys, ensuring the security of data both at rest and in transit, and supports tokenization processes for added security in data protection.
Identity and authentication. These devices can facilitate the creation and management of trusted credentials for strong identity authentication, ensuring that only verified identities can access sensitive systems or data.
Key management. Tools to help enforce policies for secure key management across different applications and cloud platforms can be found onboard an HSM, ensuring that keys are rotated, expired, and protected according to best practices and compliance standards.
Payments. The protection of cryptographic keys involved in payment transactions is a common use case, ensuring the security of payment credentials and compliance with financial regulations like PCI-DSS.
Privileged access and secrets management. An HSM can simplify and secure the management of privileged access, protecting sensitive credentials and secrets for DevOps teams while addressing insider threats.
Public key infrastructure (PKI). They protect certificate authority (CA) signing keys, a critical component in PKI, ensuring the security of trusted certificates and the broader infrastructure.
TLS/SSL applications (firewalls, load balancers, ADCs, etc.). The ability to secure root or primary keys used for TLS/SSL encryption in applications like firewalls and Application Delivery Controller (ADCs), can ensure the integrity and confidentiality of encrypted communications.
Because the hardware security module handles a multitude of functions, including encryption and decryption, and protecting cryptographic keys, there are several important hardware security features that allow it to achieve its goals, and learning about these will contribute to a broader understanding of hardware security modules:
Access controls. An HSM enforces strict access control over sensitive data and devices, ensuring that only authorized users can interact with critical cryptographic operations.
Application programming interfaces (APIs). HSMs support a wide range of APIs, allowing for seamless integration and development of both off-the-shelf and custom applications. This includes industry standards such as Cryptography API: Next Generation (CNG) and Public-Key Cryptography Standard (PKCS).
Isolated. To further enhance security, an HSM is often housed in isolated environments, typically off-site or in a third-party data center. This isolation helps prevent unauthorized access and provides an additional layer of physical security.
Data security and privacy compliance. Hardware security modules are designed to meet stringent data security and privacy regulations. They comply with standards like Common Criteria (CC), the Federal Information Processing Standardization (FIPS) 140-2, General Data Protection Regulation (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS), ensuring that data is protected according to both government and industry requirements.
Tamper-resistant. Built with tamper-resistant technology, an HSM has undergone a hardening process to withstand physical attacks and unauthorized tampering. This ensures that sensitive keys and data remain secure, even in high-risk environments.
Are There Any Disadvantages of Hardware Security Modules?
Using a hardware security module can present several disadvantages, primarily related to cost and complexity. They can be expensive to implement, with pricing varying significantly based on the desired functionality and security levels, which may not be feasible for smaller organizations. Additionally, many HSM devices are challenging to upgrade and integrate into existing systems, which can lead to operational inefficiencies or increased maintenance efforts. Despite these challenges, leveraging the scalability of cloud-native technologies can help alleviate some of these issues by providing more flexible and cost-effective solutions for managing cryptographic functions.
Hardware Security Module vs TPM (Trusted Platform Module)?
A Trusted Platform Module (TPM) is an internationally recognized standard for a secure microcontroller designed to enhance hardware security by integrating cryptographic keys directly into the device. The TPM serves several critical functions:
- Encrypt data and authenticate devices using a unique RSA bind key specific to the TPM, ensuring that only authorized platforms can access secured information.
- Maintain platform integrity by storing system metrics, which provide a reliable way to check that the system has not been tampered with.
- Generates a hash summary of the software and hardware configuration, enabling remote attestation and allowing third parties to verify that the software remains unchanged and trustworthy.
- The TPM includes a hardware-based random number generator,, which is crucial for producing secure cryptographic keys and ensuring unpredictability in cryptographic processes.
- Similar to an HSM, a TPM securely generates, manages, restricts the use of, and stores cryptographic keys. This management includes capabilities such as key wrapping and storage, ensuring that keys are protected against unauthorized access and attacks.
An HSM differs from a TPM primarily in its scope and application. An HSM is a standalone device designed for high-performance cryptographic operations, such as managing encryption keys, securing transactions, and performing complex cryptographic tasks across various systems and applications. In contrast, a TPM is a specialized chip embedded into other devices that provide hardware-based security for platform integrity and are more limited in function, focusing on securing hardware and software at the device level. An HSM typically offers greater scalability and flexibility for enterprise applications, while a TPM is used primarily for ensuring device security and establishing trust within individual systems.
What are the Different Types of Hardware Security Module Solutions?
Traditional HSM devices are large, robust, tamper-resistant, physical devices designed to secure cryptographic processes.. Hardware security module vendors test these devices rigorously to ensure they meet the highest security standards, including Common Criteria and FIPS 140-2.
Some HSM providers even offer subscription-based, as-a-service models that enable customers to access, generate, and safeguard their sensitive data and cryptographic key material in the cloud. This flexibility allows enterprises to leverage HSM capabilities without the need for costly on-premise infrastructure. Both traditional and hosted HSM solutions provide their own benefits, so enterprises need to carefully assess all of the options before architecting a complete solution.
On-premise HSM deployments can include various configurations:
- Network-attached HSMs serving multiple downstream servers and applications, making them ideal for larger-scale deployments.
- Embedded HSMs (such as PCIe cards) provide a cost-effective solution compared to a network-attached solution, but may require more processing power and custom-built servers.
- A modular and independent HSM which is not connected to the cloud, i.e. an air-gapped configuration, provides some of the highest level of physical security and often meets the strongest level of security compliance, although it may have limited scalability.
In contrast, hosted or as-a-service solutions include:
- Scalable containerized HSMs tailored for cloud platforms, offering real multi-tenant solutions that support independent deployments per container.
- An as-a-service solution that offers partially or fully shared and managed HSM devices on the backend. Functions, such as key management, may be conducted in-house or integrated as part of the service solution.
- A solution that facilitates containerized tenant management with protections at FIPS 140-2 level 3, allowing for cloud scalability while maintaining customer control over encryption policies.
- Using the Cloud Service Provider (CSP)’s own HSM cluster, such as those offered by Azure, AWS, and Google, provides the total advantage of outsourcing the hardware and datacenter, but may limit customer control over keys.
How to Choose the Best Hardware Security Module Solution
When deciding between various HSM vendors, besides the obvious cost analysis, consider the implementation assistance they offer, the range of solutions provided to best meet the requirements, as well as support for its firmware and potentially compatible software. Many general purpose hardware security modules may offer only limited support for various combinations of software and firmware across deployment models— so decide early on whether the solution will require hybrid, on-premises or a cloud hardware security module.
Does Yubico Support Hardware Security Modules?
Yubico offers the smallest HSM in the world for securing modern infrastructures, the YubiHSM. Yubico’s USB hardware security module delivers enhanced cryptographic key protection, simplified deployment and rapid integration, at a fraction of the cost of a traditional HSM. The reduced cost, combined with extreme portability and size, also make it an ideal candidate for virtualized environments.
Find out more about Yubico and Hardware Security Modules here.
Get started
Find the right Yubikey
Take the quick Product Finder Quiz to find the right key for you or your business.
Get protected today
Browse our online store today and buy the right YubiKey for you.