Back

The Backbone of Cybersecurity: Hardware Security Modules

35 points1 dayjoin.tech
throw0101d4 hours ago

If anyone wants their own HSM, Nitrokey and Yubikey sell them:

* https://shop.nitrokey.com/shop/nkhs2-nitrokey-hsm-2-7

* https://www.yubico.com/product/yubihsm-2-series/yubihsm-2/

Consider buying two to have backups ((encrypted) export/import-backup/restore is supported).

Creating your own CA:

* https://docs.nitrokey.com/hsm/mac/certificate-authority

Considering using 'helper software' for running a CA:

* https://github.com/smallstep / https://smallstep.com/docs/step-ca/

* https://github.com/OpenVPN/easy-rsa

* https://hohnstaedt.de/xca/

* https://github.com/FiloSottile/mkcert (good for on-one-host dev stuff)

horeszko3 hours ago

I built my own key-vault/HSM since I wanted to use various cryptographic algorithms (argon2 and signing JWTs) not supported by typical HSMs.

repo for the software: https://codeberg.org/ChristopherChmielewski/cns

BerthaDouglas343 hours ago

[dead]

5n00py1 day ago

HSMs are the unsung heores of data protection. They are the ultimative defense for critical assets. This article explores how HSMs function as temper-resistant devices and why they are indispensable in cybersecurity. It explores their history, definition, utility, security, market trends and various other aspects.