How It All Started: A Crypto Recap In This Chapter 1 Why HSMs were developed What initial devices looked like and which techniques they used What initial forms of standardization and certification existed It probably comes as no surprise to you that HSMs were initially invented and developed for military deployment. Security modules were developed at a time when running cryptographic operations required special hardware. This is because the performance of computer systems back then wasn’t exactly up to mathematical functions. So the obvious approach was to build a coprocessor to run the cryptography mathematics. With the Data Encryption Standard (DES), in the late ’70s and early ’80s IBM then introduced an algorithm to the market that developers could implement efficiently in hardware. This led to efficient implementations in software and hardware, but evidently a solution for the protection of cryptographic keys used was still lacking. So the industry developed the first HSMs. Some of the initial devices were fitted with self-destructive technology. Here’s a link to a few examples of historical equipment: ’NSA devices with explosive tamper resistance’; www.nsa.gov/about/crypto logic_heritage/museum/. The combination of effective encryption methods (as they were at the time) and the goal of protecting the computer system on which the algorithm is used drove forward the development of HSMs. However, HSM technology wasn’t opened up to the commercial, industrial world until the blanket introduction of Automated Teller Machines (ATMs). 11
HSM_for_Dummies
To see the actual publication please follow the link above