Content of this appendix

Appendix 09 · HSM: Hardware Security Module

This appendix introduces hardware security modules as dedicated devices for cryptographic processing and key protection. It explains how HSMs support secure key storage, signing, encryption, random-number generation, access control, tamper response, and controlled key operations in conventional high-security environments.

The appendix also discusses certification, physical protection, zeroization, interfaces, and operational integration. These aspects matter because an HSM's security claim depends on both its internal design and the procedures around administration, backup, maintenance, and auditability.

In the context of MKD, the appendix distinguishes traditional HSM key custody from scenarios where one-time-pad key material may be consumed and deleted quickly. It helps readers decide when an HSM is needed, what role it can play, and where secure storage media or smart cards may take over some functions.

  • Explains HSM functions in cryptographic systems
  • Covers key protection, access control, and zeroization
  • Discusses certification and tamper response
  • Relates HSM use to MKD architectures
  • Clarifies when HSMs are operationally useful

Suggested citation

Reference in IEEE style

E. Piller and H. Schölnast, “Appendix 09: HSM: Hardware Security Module,” author-maintained supplementary material for Data Encryption at the Intersection of Mathematics and Physics: Comparing Physical Methods of Cryptography, 2026. [Online]. Available: https://cryptography.study/phys/HSM/.

Reference in ACM style

Ernst Piller and Hubert Schölnast. 2026. Appendix 09: HSM: Hardware Security Module. Author-maintained supplementary material for Data Encryption at the Intersection of Mathematics and Physics: Comparing Physical Methods of Cryptography. https://cryptography.study/phys/HSM/

BibTeX entry
@misc{piller_schoelnast_2026_appendix_09_hsm,
  title        = {HSM: Hardware Security Module},
  author       = {Ernst Piller and Hubert Schölnast},
  year         = {2026},
  howpublished = {Author-maintained supplementary material for Data Encryption at the Intersection of Mathematics and Physics},
  url          = {https://cryptography.study/phys/HSM/},
  note         = {Related book DOI: 10.1007/978-3-032-24764-3},
  language     = {en}
}
RIS entry
TY  - GEN
TI  - HSM: Hardware Security Module
T2  - Author-maintained supplementary material for Data Encryption at the Intersection of Mathematics and Physics
AU  - Piller, Ernst
AU  - Schölnast, Hubert
PY  - 2026
UR  - https://cryptography.study/phys/HSM/
N1  - Related book DOI: 10.1007/978-3-032-24764-3
LA  - en
ER  - 
CSL JSON entry
{
  "type": "webpage",
  "id": "piller-schoelnast-2026-appendix-09-hsm",
  "title": "Appendix 09: HSM: Hardware Security Module",
  "author": [
    {
      "family": "Piller",
      "given": "Ernst"
    },
    {
      "family": "Schölnast",
      "given": "Hubert"
    }
  ],
  "issued": {
    "date-parts": [
      [
        2026,
        6,
        19
      ]
    ]
  },
  "URL": "https://cryptography.study/phys/HSM/",
  "note": "Author-maintained supplementary material for Data Encryption at the Intersection of Mathematics and Physics. Related book DOI: 10.1007/978-3-032-24764-3",
  "language": "en"
}