Hardware security module drops in to protect

Module provides OEMs with a simple and secure drop-in solution for data encryption, digital signing and strong authentication.
New from nCipher, the miniHSM is billed as the world's first embedded hardware security module (HSM) to provide OEMs with a simple and secure drop-in solution for data encryption, digital signing and strong authentication. About the size of a pack of chewing gum, the miniHSM allows nCipher customers to integrate prevalidated cryptographic security into a diverse range of product areas, including digital cinema projectors, electronic voting terminals, retail point-of-sale infrastructure, immigration border control and document processing machinery. 'HSMs are already the standard for securing cryptographic keys in servers, where nCipher has been the market leader for many years', says Richard Moulds, Vice President of Marketing at nCipher.

'With the increasingly widespread use of cryptography, dedicated hardware security technology is now required in a far greater range of devices'.

'Laptops and desktop PCs now arrive from the factory with trusted platform modules (TPMs) installed for key protection and to support the security requirements of desktop software such as Microsoft's Vista operating system'.

'nCipher has worked with several semiconductor vendors to provide hardware security functionality for devices that fall outside the world of PCs and servers, particularly those in highly cost sensitive markets'.

'The miniHSM fills the remaining gap in the market to offer FIPS-validated (Federal Information Processing Standard) security to developers that require greater flexibility and functionality as they seek to secure a wide range of nonPC based devices that nevertheless handle very sensitive information'.

Within its small form factor, the miniHSM provides embedded HSM functionality to enable a simplified and highly cost effective means to enable tamper-resistant hardware protection of encryption keys pre-validated to the FIPS 140-2 level 3 industry security standard.

The small footprint and ease of integration of miniHSM allows manufacturers to embed HSM functionality into devices where space and power are at a premium.

nCipher's miniHSM supports a wide range of cryptographic algorithms, including all common symmetric- and asymmetric-key cryptographic algorithms including 3DES, AES, RSA and DH, as well as more specialist algorithms such as Elliptic Curve Cryptography (ECC).

Incorporating a true random number generator, miniHSM offers secure cryptographic key provisioning and storage, and a built-in real-time clock enables value-added functionality such as time-stamping in addition to the standard cryptographic functions of encryption, digital signing and authentication.

miniHSM also supports nCipher's suite of developer toolkits including CodeSafe, its unique Secure Execution Engine (SEE) capability for executing high assurance trusted custom applications within the device's security boundary.

'It takes specialist skills to develop secure cryptographic systems and often years to achieve validation to externally imposed standards such as FIPS', says Moulds.

'With miniHSM, OEMs can significantly reduce time to market and immediately address the need for security validation without the need to build up internal resources and climb the security learning curve'.