How It All Started: A Crypto Recap
In This Chapter
1 Why HSMs were developed
What initial devices looked like and which techniques they used
What initial forms of standardization and certification existed
It probably comes as no surprise to you that HSMs were initially invented and
developed for military deployment. Security modules were developed at a
time when running cryptographic operations required special hardware. This is
because the performance of computer systems back then wasn’t exactly up to
mathematical functions. So the obvious approach was to build a coprocessor to
run the cryptography mathematics.
With the Data Encryption Standard (DES), in the late ’70s and early ’80s IBM
then introduced an algorithm to the market that developers could implement efficiently
in hardware. This led to efficient implementations in software and hardware,
but evidently a solution for the protection of cryptographic keys used was
still lacking. So the industry developed the first HSMs. Some of the initial devices
were fitted with self-destructive technology.
Here’s a link to a few examples of historical equipment: ’NSA devices
with explosive tamper resistance’; www.nsa.gov/about/crypto
logic_heritage/museum/.
The combination of effective encryption methods (as they were at the time) and
the goal of protecting the computer system on which the algorithm is used drove
forward the development of HSMs. However, HSM technology wasn’t opened up
to the commercial, industrial world until the blanket introduction of Automated
Teller Machines (ATMs).
11
/
