This article examines Hardware Security Modules (HSMs) as defined in ISO 13491 and their relationship to ANSI X9.24-1-2017.
A hardware security module (HSM) is a dedicated piece of hardware that is either installed inside a computer or server or deployed as a standalone device on the network. As a network appliance it is connected via a network cable; as an internal device it is a PCIe card plugged directly into the motherboard of the computer or server.
An HSM is designed to protect and manage the digital keys used for strong authentication, and it provides both the specialized functions needed to process transactions and general-purpose cryptographic functions. HSMs combine logical protection (cryptographic controls and access control) with physical protection (tamper-resistant and tamper-evident enclosures) so that critical data cannot be disclosed to, or accessed by, anyone who is not authorized.
HSMs can be used to protect the keys in any application that relies on digital keys. These keys are usually of high value and must be kept confidential, because compromising them could have a significant negative impact on the key's owner.
HSMs perform the following functions:
HSMs support both symmetric and asymmetric cryptography. Applications such as digital signing and certificate authorities typically use asymmetric key pairs and certificates (public-key cryptography), while financial payment systems and bulk data encryption rely mainly on symmetric keys.
HSMs can be used by certification authorities and registration authorities in PKI environments to generate, store, and handle asymmetric key pairs. These devices must have features such as:
The payment card industry uses specialized HSMs. These devices support both general-purpose functions and payment-specific functions used to process transactions in compliance with industry standards. Typical applications are transaction authorization and payment card personalization. Cryptography is used for
For the banking and retail financial services market, HSMs must comply with standards published by the Payment Card Industry Security Standards Council (PCI SSC), ISO, and ANSI X9.
The security of these devices is critical to securing retail electronic payment systems, which are constantly at risk of cyber-attack. The HSMs themselves, however, are also targets.
There are numerous attack scenarios that target HSMs used for electronic payments. The most concerning are:
HSMs need to have three factors working together to defend against attacks:
HSMs possess logical and physical security protections that work to deter the attack scenarios above. Their physical security characteristics include:
The ANSI X9.24-1-2017 standard was published by the Accredited Standards Committee X9 (ASC X9), which is accredited by the American National Standards Institute. The 2017 edition was approved on June 8, 2017.
It addresses and standardizes symmetric key management for Secure Cryptographic Devices (SCDs) in retail financial services (Part 1: Using Symmetric Techniques).
A secure cryptographic device is defined as a device providing "physically and logically protected cryptographic services and storage". An HSM is one kind of SCD, so the standard applies to HSMs.
Clause 3 of the ANSI standard states that it shall be applied in conjunction with all parts of ISO 13491:2016, Financial services – Secure cryptographic devices.
ISO 13491 requires an HSM to combine all three physical security characteristics to achieve the required level of security. Where necessary, additional physical characteristics may be required to protect sensitive data against passive attacks (those that observe the device rather than alter it).
The purpose of secure cryptographic device management is to prevent unauthorized alteration of the HSM's characteristics throughout its life cycle. This is accomplished by applying external controls to the device at each stage of that life cycle.
These controls include:
The security of the HSM's environment can range from minimal to highly controlled. Controls to prevent or detect unauthorized access should be selected according to the physical risks the device faces and the sensitivity of the data it protects.