Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Yubico Introduces Open Source YubiHSM SDK for Securing Infrastructures and Crypt ...


PALO ALTO, Calif. & STOCKHOLM (BUSINESS WIRE) #HSM Yubico, the leading provider of hardware authentication security keys,

today announced a new open source YubiHSM 2 (hardware security module)

software development kit (SDK) available for developers and engineers to

easily implement the YubiHSM 2 for an unlimited amount of use cases. The

YubiHSM 2 delivers the highest levels of security for cryptographic

digital key generation, storage, and management, supporting an extensive

range of enterprise environments and applications, in a cost effective

and minimalistic form factor.

Yubico Introduces Open Source YubiHSM SDK for Securing Infrastructures and Crypt ...
Yubico Introduces Open Source YubiHSM SDK for Securing Infrastructures and Crypt ...

With the introduction of the open source YubiHSM 2 SDK, developers can

rapidly build apps, across a wide variety of architectures and

platforms, to easily integrate with the YubiHSM 2. For apps that

communicate using PKCS#11, they can now use the SDK to integrate to the

YubiHSM 2 and enable all of its security capabilities for greater

protection of cryptographic keys and to conduct a range of other high

security functions.

“Open sourcing the SDK will help developers build more secure solutions

in a rapid fashion,” said Jerrod Chong, SVP of Product, Yubico. “We are

always looking at ways to increase usability of our products, while

maintaining a high level of trust between Yubico and our user community

of developers and security specialists.”

The YubiHSM 2 can be used for protecting cryptographic keys stored on

servers used in data centers, cloud server infrastructures,

manufacturing and industrial services. While the protection of root keys

for Microsoft AD Certificate services is a common use case, YubiHSM 2

can be used as a comprehensive cryptographic toolbox for a wide range of

open source and commercial applications, spanning many different

products and services.

“Two of the main drawbacks to traditional HSMs are cost and complexity,”

said Garrett Bekker, Principal Analyst, 451 Research. “By offering the

YubiHSM 2 in an ultra-slim nano form factor and at a $650 price point

that is much lower than standard HSMs, Yubico could help bring the

benefits of HSMs to a wider range of organizations and new potential use


Highlighted YubiHSM 2 Use Cases

Since the product’s launch last year, Yubico has seen many unique

implementations of the YubiHSM 2. Below are two deployments that have

explored the multi-functionality of YubiHSM 2 for improving security

within IoT hardware and gateways.

HashiCorp Extends Vault Enterprise PKCS#11 HSM Seal

HashiCorp is a cloud infrastructure automation company that enables

organizations to adopt consistent workflows to provision, secure,

connect, and run any infrastructure for any application. HashiCorp Vault

is a tool for managing secrets and protecting sensitive data. Vault is

designed to help security teams secure, store, and tightly control

access to tokens, passwords, certificates, encryption keys for

protecting secrets, and other sensitive data using a UI, CLI, or HTTP


Working with HashiCorp, Yubico has introduced an integration between the

YubiHSM 2 and the Vault Enterprise PKCS#11 HSM seal/unseal feature.

Utilizing the YubiHSM 2 SDK, HashiCorp enables organizations using

YubiHSM 2 to seal wrap Certificate Authority root keys using PKCS#11 for

an added layer of security. This integration also enables features such

as key generation and key rolling.

For more information about Vault Enterprise’s PKCS#11 seal function,

please visit HashiCorp’s website

for documentation.

Integrating YubiHSM with the Curity Identity Server

Curity is a supplier of API-driven identity management, providing

unified security for digital services. Customers include some of the

largest financial service providers, banks, governments, and gaming

companies around the world. Curity enables their customers to solve

several challenges by using the YubiHSM 2, such as key management,

hygiene, and security, the ability to sign JSON Web Tokens (JWT) using

keys stored in hardware, and the ability to terminate SSL using keys

they trust.

Curity Identity Server supports the use of the YubiHSM 2 for key storage

using PKCS#11. Because YubiHSM 2 supports PKCS#11, it can be used with

Curity to sign tokens, encrypt SSL communication and perform other

sensitive operations.

To read more on this integration, please visit Curity’s website

for a tutorial.

YubiHSM Open Source SDK and the Yubico Developers Program

Earlier this year, the company introduced the Yubico Developer Program

to enable rapid integration of Yubico products. Initially focused on the

YubiKey for strong authentication within web and mobile applications,

the Developer Program is expanding its hardware track to now include the

YubiHSM. Those who


will have access to developer resources including workshops,

webinars, implementation guides, reference code, and SDKs.

For more information on the YubiHSM SDK and implementation guides,

please visit the


. For more information on Yubico products and

technology, please visit yubico.com.

About Yubico

Yubico sets new global standards for simple and secure access to

computers, mobile devices, servers, and internet accounts.

The company’s core invention, the YubiKey, delivers strong hardware

protection, with a simple touch, across any number of IT systems and

online services. The YubiHSM, Yubico’s ultra-portable hardware security

module, protects sensitive data stored in servers.

Yubico is a leading contributor to both the FIDO2 and FIDO Universal 2nd

Factor open authentication standards, and the company’s technology is

deployed and loved by 9 of the top 10 internet brands and by millions of

users in 160 countries.

Founded in 2007, Yubico is privately held, with offices in Sweden, UK,

Germany, USA, Australia, and Singapore. For more information: www.yubico.com


Yubico Media Contact:

Ronnie Manning

Vice President,

Communications, Yubico


Yubico Introduces Open Source YubiHSM SDK for Securing Infrastructures and Crypt ...
Do you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles

Latest Images