Java – Crypto : The principles of Hardware Security Module HSM

Hello,
Through several articles, I would like present the cryptographic mechanisms, types of keys, certificate, types of algorithms …etc:

• PRESENTATION : Concepts of Cryptography (concepts, types of keys symmetric/asymmetric, …)
• The principles of SSL
• The principles of Signature and Certificate
• The principles of Hardware Security Module HSM
• Encoding with base64, base64url, rfc-4648
• Encryption with Blowfish (Anonymization)
• Encryption with AES/CBC, AES/EBC (Encryption of files)
• Encryption with PBEWithMD5AndDES (Encryption of files)
• Encryption with RSA (asymmetric keys private and public)
• KeyStore, JCEKS, SecretKey, PrivateKey, PublicKey, Certificate
• Example, Use of SecretKey, PrivateKey, PublicKey, CSV file (CryptoTools, GenericObfuscationFile)

The principles of Hardware Security Module HSM
 
A Hardware Security Module (HSM) is a tamper-resistant device offering cryptographic functions. It is an electronic equipment providing a security service which consists in generating, storing and protecting cryptographic keys. This hardware may be a PCI plug-in card on a computer or an external SCSI / IP case, for example. (See https://en.wikipedia.org/wiki/Hardware_Security_Module).
 
A HSM is reputed to be inviolable because the physical access to the box requires authentication based on a system of partial password and sets of USB keys.

 
HSM is composed of partitioned partitions allowing:

• Keys storage:
  • The storage of secret keys (symmetric encryption) and private keys (asymmetric encryption) in a tamper-proof HSM chest without the possibility of reading the stored key,
  • The storage of public keys (asymmetric encryption) with the possibility of reading and retrieving the stored key,
  • Updating the stored keys is possible via programming codes (like JAVA interface).

  Note: Using HSM only for storing keys would corrupt the primary purpose of HSM: on-the-fly data encryption / decryption.

• The encryption / decryption of data streams by a given key without access to this key (but with authentication and authorization).
• Ensure the integrity of an electronic document and authenticate the author via electronic signature management.
• The use of an HSM partition requires prior registration of the HSM client, ie the application server. This registration is necessary because there is an IP filtering of HSM clients and is done when configuring the partition via an administrative account.
• The use of the stored keys is also protected by an HSM application account and requires the installation / configuration of a client box on the HSM client application server.
• Access to a partition is via an MTLS tunnel between the HSM client and the HSM server.
• There are 2 main user profiles in HSM (by partition):
  • User with limited rights to read and use the HSM box,
  • User with HSM administration rights: updating keys … etc.

Best regards,

Huseyin OZVEREN