Key Storage in Hardware

Let’s learn how to store keys in hardware and manage the potential loss or unavailability of keys.

We'll cover the following

Hardware security modules
Storing keys on an HSM
Other types of hardware
Communicating with hardware
Evaluating hardware

The safest medium in which to store a cryptographic key is hardware. There are, of course, different types of hardware devices with varying levels of security.

Hardware security modules

The most secure hardware storage media for cryptographic keys are hardware security modules (HSMs). These dedicated hardware devices provide key management functions and are sometimes known as tamper-resistant devices. Many HSMs can also perform bulk cryptographic operations, often at high speed. An HSM can be peripheral or incorporated into a more general-purpose device such as a point-of-sale terminal.

While we have chosen to introduce HSMs as mechanisms for the secure storage of cryptographic keys, it is important to appreciate that HSMs are often used to enforce other phases of the key lifecycle.

Get hands-on with 1200+ tech skills courses.

Introduction

Basic Principles

Historical Cryptosystems

Theoretical versus Practical Security

Symmetric Encryption

Public-Key Encryption

Data Integrity

Digital Signature Schemes

Entity Authentication

Cryptographic Protocols

Key Management

Public-Key Management

Cryptographic Applications

Cryptography for Personal Devices

Control of Cryptography

Mathematics Appendix

Closing Remarks

Key Storage in Hardware

Hardware security modules