Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:07 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Introduction
PostPosted: Wed Apr 06, 2011 3:23 pm 
Everyone - meet YubiHSM.

YubiHSM is the latest innovation from Yubico. It is Yubico's take
on what an HSM should be like. Easy to use and affordable.

Want to validate Yubico OTPs?

YubiHSM is a one-stop solution for validation of up to 1024
YubiKeys with an internal database.

YubiHSM can decrypt indefinite numbers of YubiKey's OTP's (if you
have access to the token unique AES key that is) with secure
storage of the AES keys on the host computer. The AES keys are
only readable to the YubiHSM through the use of
Authenticated Encryption with Associated Data (AEAD).

Want to securely validate OATH tokens?

The YubiHSM makes for an excellent security device in an OATH
validation service by providing HMAC-SHA1 capabilities with the
secret key secured inside AEADs.

Want to securely validate plain text passwords?

The YubiHSM can compare the decrypted contents of a previously
generated AEAD and internally compare it with provided plain text.
This makes it possible to generate an AEAD from a password (or
better, from a PBKDF2 hash of a password) and then later on
securely verify that the same password is presented by a user.

Want random number seed?

The YubiHSM includes a random number generator. Technical details
in the YubiHSM manual.

Want generic cryptography primitives?

The YubiHSM provides AES ECB encrypt/decrypt/decrypt-compare,
as well as HMAC-SHA1 with key stored in the YubiHSM (64 slots
available for such keys). Keys can have associated permissions
through an extensive set of flags, so a poor-mans asymmetric
cryptography can be achieved with two or more YubiHSM's sharing
the same key but possibly with different associated permissions
(YubiHSM 1 can only encrypt, YubiHSM 2 can only decrypt).

Want generic cryptography primitives with a twist?

The YubiHSM provides AES ECB encrypt/decrypt/decrypt-compare,
as well as HMAC-SHA1 - all leveraged with powerful key
indirection where the secret key is stored in an AEAD and only
ever decrypted inside the YubiHSM.

For product information, see http://www.yubico.com/yubihsm/.

For technical documentation, see http://static.yubico.com/var/uploads/YubiHSM%20Manual%202011-04-02.pdf.

On behalf of the Yubico Team,

Fredrik Thulin - YubiHSM product manager


Top
  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group