Software developers dealing with keys and other secrets often rely on basic protection of these values through simplistic mechanisms such as folder permissions. This leaves these credentials open to an easy hack. In some cases, secrets may have enough value (such as an RSA or ECC private key for e-commerce) that an expensive hardware security module (HSM) needs to be employed. For many applications however, a well-constructed software system designed to hide keys and secrets can be a cost-effective solution. Elliptic offers this capability through the ESS-07: Virtual Security Module (VSM).
Ellipsys-VSM is part of the Ellipsys Trust Framework which is Elliptic’s solution to help device manufactures and system providers protect their product from tampering, cloning, and other threats.
Ellipsys-VSM is a Virtual Security Module (VSM) that offers software based cryptographic services, similar to a Hardware Security Module (HSM), to support a range of solutions for digital identity and transactional security applications. It is a “software smart card” used to secure embedded secrets in software systems and has the capability to manage and protect sensitive information such as keys and credentials for system applications executing on embedded platforms.
Ellipsys-VSM supports a wide range of protected key management services such as secure key generation, storage, archiving, cloning, and secure migration of key material. The solution optionally provides acceleration for public-key operations via Elliptic (CLP-300: Public Key Accelerator) or third party hardware offload engines.
|Public Key Accelerator|