PALO ALTO, Calif. & STOCKHOLM (BUSINESS WIRE) #HSM Yubico, the leading provider of hardware authentication security keys,
today announced a new open source YubiHSM 2 (hardware security module)
software development kit (SDK) available for developers and engineers to
easily implement the YubiHSM 2 for an unlimited amount of use cases. The
YubiHSM 2 delivers the highest levels of security for cryptographic
digital key generation, storage, and management, supporting an extensive
range of enterprise environments and applications, in a cost effective
and minimalistic form factor.
With the introduction of the open source YubiHSM 2 SDK, developers can
rapidly build apps, across a wide variety of architectures and
platforms, to easily integrate with the YubiHSM 2. For apps that
communicate using PKCS#11, they can now use the SDK to integrate to the
YubiHSM 2 and enable all of its security capabilities for greater
protection of cryptographic keys and to conduct a range of other high
security functions.
“Open sourcing the SDK will help developers build more secure solutions
in a rapid fashion,” said Jerrod Chong, SVP of Product, Yubico. “We are
always looking at ways to increase usability of our products, while
maintaining a high level of trust between Yubico and our user community
of developers and security specialists.”
The YubiHSM 2 can be used for protecting cryptographic keys stored on
servers used in data centers, cloud server infrastructures,
manufacturing and industrial services. While the protection of root keys
for Microsoft AD Certificate services is a common use case, YubiHSM 2
can be used as a comprehensive cryptographic toolbox for a wide range of
open source and commercial applications, spanning many different
products and services.
“Two of the main drawbacks to traditional HSMs are cost and complexity,”
said Garrett Bekker, Principal Analyst, 451 Research. “By offering the
YubiHSM 2 in an ultra-slim nano form factor and at a $650 price point
that is much lower than standard HSMs, Yubico could help bring the
benefits of HSMs to a wider range of organizations and new potential use
cases.”
Highlighted YubiHSM 2 Use Cases
Since the product’s launch last year, Yubico has seen many unique
implementations of the YubiHSM 2. Below are two deployments that have
explored the multi-functionality of YubiHSM 2 for improving security
within IoT hardware and gateways.
HashiCorp Extends Vault Enterprise PKCS#11 HSM Seal
HashiCorp is a cloud infrastructure automation company that enables
organizations to adopt consistent workflows to provision, secure,
connect, and run any infrastructure for any application. HashiCorp Vault
is a tool for managing secrets and protecting sensitive data. Vault is
designed to help security teams secure, store, and tightly control
access to tokens, passwords, certificates, encryption keys for
protecting secrets, and other sensitive data using a UI, CLI, or HTTP
API.
Working with HashiCorp, Yubico has introduced an integration between the
YubiHSM 2 and the Vault Enterprise PKCS#11 HSM seal/unseal feature.
Utilizing the YubiHSM 2 SDK, HashiCorp enables organizations using
YubiHSM 2 to seal wrap Certificate Authority root keys using PKCS#11 for
an added layer of security. This integration also enables features such
as key generation and key rolling.
For more information about Vault Enterprise’s PKCS#11 seal function,
please visit HashiCorp’s website
for documentation.
Integrating YubiHSM with the Curity Identity Server
Curity is a supplier of API-driven identity management, providing
unified security for digital services. Customers include some of the
largest financial service providers, banks, governments, and gaming
companies around the world. Curity enables their customers to solve
several challenges by using the YubiHSM 2, such as key management,
hygiene, and security, the ability to sign JSON Web Tokens (JWT) using
keys stored in hardware, and the ability to terminate SSL using keys
they trust.
Curity Identity Server supports the use of the YubiHSM 2 for key storage
using PKCS#11. Because YubiHSM 2 supports PKCS#11, it can be used with
Curity to sign tokens, encrypt SSL communication and perform other
sensitive operations.
To read more on this integration, please visit Curity’s website
for a tutorial.
YubiHSM Open Source SDK and the Yubico Developers Program
Earlier this year, the company introduced the Yubico Developer Program
to enable rapid integration of Yubico products. Initially focused on the
YubiKey for strong authentication within web and mobile applications,
the Developer Program is expanding its hardware track to now include the
YubiHSM. Those whosign
will have access to developer resources including workshops,webinars, implementation guides, reference code, and SDKs.
For more information on the YubiHSM SDK and implementation guides,
please visit theYubico
. For more information on Yubico products andtechnology, please visit yubico.com.
About Yubico
Yubico sets new global standards for simple and secure access to
computers, mobile devices, servers, and internet accounts.
The company’s core invention, the YubiKey, delivers strong hardware
protection, with a simple touch, across any number of IT systems and
online services. The YubiHSM, Yubico’s ultra-portable hardware security
module, protects sensitive data stored in servers.
Yubico is a leading contributor to both the FIDO2 and FIDO Universal 2nd
Factor open authentication standards, and the company’s technology is
deployed and loved by 9 of the top 10 internet brands and by millions of
users in 160 countries.
Founded in 2007, Yubico is privately held, with offices in Sweden, UK,
Germany, USA, Australia, and Singapore. For more information: www.yubico.com
Contacts
Yubico Media Contact:
Ronnie Manning
Vice President,
Communications, Yubico
619.822.2239
ronnie@yubico.comDo you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.