Hardware Security Module (HSM) is a physical computing device to protect and manage digital keys, and provide encryption processing, for strong authentication.
Security inside standard server
Proven symmetric encryption (v1.0) by the best IT enterprise
Asymmetric encryption, advanced functions, and use privilege (v2.0)(to be launched in May, 2017)
Low price / Portability / High security
HSM(Hardware Security Module)
protects encryption key data while accelerating encryption.
Safe Microsoft Active Directory certificate service
- YubiHSM 2 provides cost-effective hardware-based key to protect digital keys for Microsoft PKI implementation.
- Once distributed to Microsoft Active Directory certificate service, YubiHSM 2 protects CA route keys while protecting all signatures and check services using the route keys.
Improved encryption key protection
- YubiHSM 2 provides strong options to safely create, store, and manage digital keys including core functions to create, write, sign, decrypt, hash, and warp keys.
16 Concurrent connections
- Several applications can set sessions for encryption using YubiHSM
- A session will be exited after non-activity or lasted long to improve performance by eliminating session creation time.
Hardware based encryption work
- YubiHSM 2 can be used as a comprehensive encryption toolbox for broad range of open source and commercial applications. Most general use case is the hardware-based digital signature creation and verification. Functions of YubiHSM 2 can be accessed through industrial standard PKCS # 11 or Microsoft CNG or basic Windows, Linux, and macOS libraries with Key Storage Provider (KSP) of Yubico
Support for extensive platform
- Linux, Windows and MacOS
Additional functions include network sharing, role-based access control, backup and restoration of N wrap keys, falsification test record logging, and broad encryption function (RSA, ECC, ECDSA (ed2519), SHA-2 and AES).
- Complexity and travel expenses can be reduced for employees by easily managing several YubiHSMs that are remotely deployed through enterprise.
“Nano” form factor, low power consumption: Thanks to “Nano” form factor, HSM can be entirely inserted into USB-A port so it is fully hidden in the front or back of server without any projection. Power cost can be saved because the minimum power is 30mA.
|Support for security standards||Hashing (SHA-1/256/384/512)
RSA (2048/3072/4096 bit key, Signing PKCS#1v1.5/PSS, Decryption PKCS#1v1.5 /OAEP)
ECC (Curves secp224r1~521r/bp256r1~512r1/curve25519, Signing ECDSA/EdDSA, Decryption ECDH)
Key wrap (AES-CCM Wrap at 128~256 bits)
Random numbers (seed NIST SP 800-90 AES 256 CTR_DRBG)
|Compatibility||API : MS CNG (KSP), PKCS#11, Native YubiHSM Core Libraries (C, python)|
|Others||** Server based|