How to Improve HSM Usability

In this article, we will explore some of the reasons why HSMs can be difficult to use and look at a novel solution that helps to overcome these problems.

HSMs – The Last 20 Years

Hardware security modules (HSMs) started to appear in the latter half of the 1990s, taking advantage of the new FIPS 140-1 “Security Requirements for Cryptographic Modules” standard published by NIST in 1994. They have changed relatively little over the last two decades, with the market being dominated by a handful of vendors.

HSMs offer a number of capabilities that make them very attractive to use in cryptographic applications, including:

• A certified random number generator for generating high-quality cryptographic keys
• High-performance cryptographic processing for high cryptographic throughput
• Tamper resistance to protect keys and other sensitive data from physical attack
• Internationally-recognized certification programs to meet mandatory compliance requirements
  

The Inherent Challenges in Using HSMs

However, the requirement for complex hardware, the expensive FIPS certification procedure, and the lack of competition has resulted in HSMs being widely regarded as just as problematic to use today as they were 20 years ago. Challenges include:

• Using multiple HSMs for scaling and resilience – this can be hard to achieve and typically requires vendor-specific tools
• Complex application programming interface (API) – HSMs typically offer PKCS#11, which was developed alongside HSMs in the 1990s and has also changed little since then
• As hardware devices with fixed functionality, adding new functionality (such as new cryptographic algorithms) requires firmware updates, if not entirely new hardware.

Due to this inflexibility, HSMs are frequently dedicated to particular applications, with different applications frequently employing different HSM brands or models. As a result, organizations can find themselves with dozens, if not hundreds, of HSMs being managed by different teams in different ways – a very expensive situation.

What if there was an alternative? A method for applications to share a small pool of HSMs, with simple scaling and resilience, a simple, high-level programming API, and the ability to manage it all centrally?

Introducing CSG

Cryptomathic’s Crypto Service Gateway (CSG) is that solution! CSG is a scalable software solution that supports a wide range of general-purpose and payment HSMs from all the major vendors. The key principal CSG provides are:

• efficiency – a small number of HSMs can be shared between many applications whilst solving the challenge of scalability and resilience; furthermore, the HSMs can be centrally managed and monitored by a single operations team
• faster development – a high-level API reduces the burden on developers, enabling applications to be delivered more quickly and with less risk
• centralized control of key usage and cryptographic policy – rather than leaving the complexity of defining and managing the usage of keys and cryptographic policy to application developers, CSG enables these to be centralized defined and managed by crypto experts and recorded in a single audit log. 

In addition, Cryptomathic can add custom functionality (such as new algorithms) into HSMs according to customer needs and make accessible via CSG.

Summary

HSMs have changed little over the last 20 years and are seen as being difficult and expensive to use. However, CSG solves these problems and enables organizations to roll out an “HSM-as-a-Service” capability. As well as providing hardware and resource efficiency gains, CSG makes life easier for developers, operators, managers, and auditors alike.