SlideShare a Scribd company logo

HSM (Hardware Security Module)

Download as PPTX, PDF
U
Umesh Kolhe

What is HSM? How to use an HSM simulator?

Software
1 of 7
HSM & HSM Simulator http://www.unpluggedmind.in
What is HSM? HSM stands for Hardware Security Module. It’s a tamper resistant and incredibly secure physical device which is used to generate/store cryptographic keys and perform cryptographic functions. It detects unauthorized access, trigger alarm and even can remove the cryptographic keys inside to protect the information. There are general purpose and specialized HSMs. Payment industry uses specialized HSM to protect cryptographic keys, sensitive data generation, and validation. Typically it undertakes following functions for payment card personalization and transaction authorization: – Sharing keys securely – Generate PVV, CVV for magnetic strip data – Generate and print PIN mailer – Encrypt/Decrypt/Re-Encrypt PIN block – Verify card security codes – Verify PIN – Verify EMV (chip) data It’s mandatory for industries like payments to use HSM which an expensive device. Hence there are many companies cropped up who offer HSM as a service. Use of HSM for cryptographic functions in payment is de facto and also endorsed by PCI council as part of PCI DSS. PCI also provides security requirement for HSM (link).
HSM (Thales) Simulator The Thales Simulator Library is an implementation of a software emulation of the Thales (formerly Zaxus, formerly Racal) RG7000 Hardware Security Module cryptographic device.
How to Install 1.Go to CodePlex, an open source project archive (https://archive.codeplex.com/?p=thalessim) and download. The source code is available on github (https://github.com/nickntg/thalessimulatorlibrary) as well, but you need to have all the tools to build the solution and then you can get your hands on the installer. 2.Extract downloaded file thalessim.zip. 3.Go to "thalessimwikidownloadWikidocs" directory. 4.Run the Thales Windows Simulator installer. 5.This will install the simulator as "Thales Simulator".
How to Use 1.Run the installed "Thales Simulator“ 2.The default configuration of the simulator is available in ThalesParameters.xml generally available in the installed directory (C:Program Files (x86)NTGThales Simulator) 3.The default port for the simulator is 9998. It can be changed in ThalesParameters.xml. 4.Open a socket and connect the simulator on port 9998. 5.Important!!! All messages need to be prefixed with a 2-byte header i.e; 0000. The purpose of this header is to be able to identify request/response pairs in a high-load scenario. If you send simultaneous requests to the simulator (or a real HSM for that matter), you need to be able to match the correct responses to original requests because they might not arrive in the original order. You can use the header to do that. Sample command for CVV verification is "CYU123456789012345678901234567890121234123456789012345;1212101", prefix it with 2-byte header before sending to the simulator i.e; "0000CYU123456789012345678901234567890121234123456789012345;1212101"
Thank You http://www.unpluggedmind.in

Recommended

Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSMNarudom Roongsiriwong, CISSP
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
Pki Training V1.5
Pki Training V1.5Pki Training V1.5
Pki Training V1.5Sylvain Maret
 
Cryptographie
CryptographieCryptographie
CryptographieSeifallah Jardak
 
CNIT 141 8. Authenticated Encryption
CNIT 141 8. Authenticated EncryptionCNIT 141 8. Authenticated Encryption
CNIT 141 8. Authenticated EncryptionSam Bowne
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Nmap101 Eğitim Sunumu - Nmap Kullanım Kılavuzu
Nmap101 Eğitim Sunumu - Nmap Kullanım KılavuzuNmap101 Eğitim Sunumu - Nmap Kullanım Kılavuzu
Nmap101 Eğitim Sunumu - Nmap Kullanım KılavuzuMehmet Caner Köroğlu
 

Recommended

Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSMNarudom Roongsiriwong, CISSP
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
Pki Training V1.5
Pki Training V1.5Pki Training V1.5
Pki Training V1.5Sylvain Maret
 
Cryptographie
CryptographieCryptographie
CryptographieSeifallah Jardak
 
CNIT 141 8. Authenticated Encryption
CNIT 141 8. Authenticated EncryptionCNIT 141 8. Authenticated Encryption
CNIT 141 8. Authenticated EncryptionSam Bowne
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Nmap101 Eğitim Sunumu - Nmap Kullanım Kılavuzu
Nmap101 Eğitim Sunumu - Nmap Kullanım KılavuzuNmap101 Eğitim Sunumu - Nmap Kullanım Kılavuzu
Nmap101 Eğitim Sunumu - Nmap Kullanım KılavuzuMehmet Caner Köroğlu
 
OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Codingbilcorry
 
Siber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı SistemiSiber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı SistemiBGA Cyber Security
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)akruthi k
 
Introduction to Vault
Introduction to VaultIntroduction to Vault
Introduction to VaultKnoldus Inc.
 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA RulesLionel Faleiro
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASPMarco Morana
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
CompTIA Security+ Guide
CompTIA Security+ GuideCompTIA Security+ Guide
CompTIA Security+ GuideSmithjulia33
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmVittorio Giovara
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols NetProtocol Xpert
 
Hardware Security
Hardware SecurityHardware Security
Hardware SecurityMani Rathnam
 
Le chiffrement
Le chiffrementLe chiffrement
Le chiffrementHanen Gazel
 
Hashicorp Vault ppt
Hashicorp Vault pptHashicorp Vault ppt
Hashicorp Vault pptShrey Agarwal
 
secure socket layer
secure socket layersecure socket layer
secure socket layerAmar Shah
 
SSL intro
SSL introSSL intro
SSL introThree Lee
 
Owasp top 10 inceleme
Owasp top 10 incelemeOwasp top 10 inceleme
Owasp top 10 incelemeCyber-Warrior.org
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied CryptographyMarcelo Martins
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJoe McCarthy
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 
Security & Cryptography In Linux
Security & Cryptography In LinuxSecurity & Cryptography In Linux
Security & Cryptography In LinuxAhmed Mekkawy
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17LennartF
 

More Related Content

What's hot

OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Codingbilcorry
 
Siber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı SistemiSiber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı SistemiBGA Cyber Security
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)akruthi k
 
Introduction to Vault
Introduction to VaultIntroduction to Vault
Introduction to VaultKnoldus Inc.
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASPMarco Morana
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
CompTIA Security+ Guide
CompTIA Security+ GuideCompTIA Security+ Guide
CompTIA Security+ GuideSmithjulia33
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmVittorio Giovara
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols NetProtocol Xpert
 
secure socket layer
secure socket layersecure socket layer
secure socket layerAmar Shah
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJoe McCarthy
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 

What's hot (20)

OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Coding
 
Siber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı SistemiSiber Saldırılar i̇çin Erken Uyarı Sistemi
Siber Saldırılar i̇çin Erken Uyarı Sistemi
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
 
Introduction to Vault
Introduction to VaultIntroduction to Vault
Introduction to Vault
 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA Rules
 
Introduction To OWASP
Introduction To OWASPIntroduction To OWASP
Introduction To OWASP
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
CompTIA Security+ Guide
CompTIA Security+ GuideCompTIA Security+ Guide
CompTIA Security+ Guide
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
 
Hardware Security
Hardware SecurityHardware Security
Hardware Security
 
Le chiffrement
Le chiffrementLe chiffrement
Le chiffrement
 
Hashicorp Vault ppt
Hashicorp Vault pptHashicorp Vault ppt
Hashicorp Vault ppt
 
secure socket layer
secure socket layersecure socket layer
secure socket layer
 
SSL intro
SSL introSSL intro
SSL intro
 
Owasp top 10 inceleme
Owasp top 10 incelemeOwasp top 10 inceleme
Owasp top 10 inceleme
 
Applied Cryptography
Applied CryptographyApplied Cryptography
Applied Cryptography
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:
 

Similar to HSM (Hardware Security Module)

Security & Cryptography In Linux
Security & Cryptography In LinuxSecurity & Cryptography In Linux
Security & Cryptography In LinuxAhmed Mekkawy
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17LennartF
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsAleksandr Yampolskiy
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdfMAHESHUMANATHGOPALAK
 
SOC-BlueTEam.pdf
SOC-BlueTEam.pdfSOC-BlueTEam.pdf
SOC-BlueTEam.pdfBeratAkit
 
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUESEMERSON EDUARDO RODRIGUES
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vandaVanda KANY
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)David Sweigert
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-daysZoltan Balazs
 
How to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ DisobeyHow to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ DisobeyZoltan Balazs
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoArash Ramez
 
Security and Advanced Automation in the Enterprise
Security and Advanced Automation in the EnterpriseSecurity and Advanced Automation in the Enterprise
Security and Advanced Automation in the EnterpriseAmazon Web Services
 
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopFBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopErnest Staats
 
Cryptography 101 for Java Developers - Devoxx 2019
Cryptography 101 for Java Developers - Devoxx 2019Cryptography 101 for Java Developers - Devoxx 2019
Cryptography 101 for Java Developers - Devoxx 2019Michel Schudel
 
[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera Software[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera SoftwareOWASP
 
Owning computers without shell access dark
Owning computers without shell access darkOwning computers without shell access dark
Owning computers without shell access darkRoyce Davis
 

Similar to HSM (Hardware Security Module) (20)

Security & Cryptography In Linux
Security & Cryptography In LinuxSecurity & Cryptography In Linux
Security & Cryptography In Linux
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programs
 
Jsse
JsseJsse
Jsse
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf
 
SOC-BlueTEam.pdf
SOC-BlueTEam.pdfSOC-BlueTEam.pdf
SOC-BlueTEam.pdf
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf
 
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vanda
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-days
 
How to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ DisobeyHow to hide your browser 0-day @ Disobey
How to hide your browser 0-day @ Disobey
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part Two
 
Defense at Scale
Defense at ScaleDefense at Scale
Defense at Scale
 
Messing around avs
Messing around avsMessing around avs
Messing around avs
 
Security and Advanced Automation in the Enterprise
Security and Advanced Automation in the EnterpriseSecurity and Advanced Automation in the Enterprise
Security and Advanced Automation in the Enterprise
 
FBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise WorkshopFBI & Secret Service- Business Email Compromise Workshop
FBI & Secret Service- Business Email Compromise Workshop
 
Cryptography 101 for Java Developers - Devoxx 2019
Cryptography 101 for Java Developers - Devoxx 2019Cryptography 101 for Java Developers - Devoxx 2019
Cryptography 101 for Java Developers - Devoxx 2019
 
[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera Software[Wroclaw #9] The purge - dealing with secrets in Opera Software
[Wroclaw #9] The purge - dealing with secrets in Opera Software
 
Owning computers without shell access dark
Owning computers without shell access darkOwning computers without shell access dark
Owning computers without shell access dark
 

Recently uploaded

Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 

Recently uploaded (20)

Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 

HSM (Hardware Security Module)

  • 1. HSM & HSM Simulator http://www.unpluggedmind.in
  • 2. What is HSM? HSM stands for Hardware Security Module. It’s a tamper resistant and incredibly secure physical device which is used to generate/store cryptographic keys and perform cryptographic functions. It detects unauthorized access, trigger alarm and even can remove the cryptographic keys inside to protect the information. There are general purpose and specialized HSMs. Payment industry uses specialized HSM to protect cryptographic keys, sensitive data generation, and validation. Typically it undertakes following functions for payment card personalization and transaction authorization: – Sharing keys securely – Generate PVV, CVV for magnetic strip data – Generate and print PIN mailer – Encrypt/Decrypt/Re-Encrypt PIN block – Verify card security codes – Verify PIN – Verify EMV (chip) data It’s mandatory for industries like payments to use HSM which an expensive device. Hence there are many companies cropped up who offer HSM as a service. Use of HSM for cryptographic functions in payment is de facto and also endorsed by PCI council as part of PCI DSS. PCI also provides security requirement for HSM (link).
  • 3. HSM (Thales) Simulator The Thales Simulator Library is an implementation of a software emulation of the Thales (formerly Zaxus, formerly Racal) RG7000 Hardware Security Module cryptographic device.
  • 4. How to Install 1.Go to CodePlex, an open source project archive (https://archive.codeplex.com/?p=thalessim) and download. The source code is available on github (https://github.com/nickntg/thalessimulatorlibrary) as well, but you need to have all the tools to build the solution and then you can get your hands on the installer. 2.Extract downloaded file thalessim.zip. 3.Go to "thalessimwikidownloadWikidocs" directory. 4.Run the Thales Windows Simulator installer. 5.This will install the simulator as "Thales Simulator".
  • 5. How to Use 1.Run the installed "Thales Simulator“ 2.The default configuration of the simulator is available in ThalesParameters.xml generally available in the installed directory (C:Program Files (x86)NTGThales Simulator) 3.The default port for the simulator is 9998. It can be changed in ThalesParameters.xml. 4.Open a socket and connect the simulator on port 9998. 5.Important!!! All messages need to be prefixed with a 2-byte header i.e; 0000. The purpose of this header is to be able to identify request/response pairs in a high-load scenario. If you send simultaneous requests to the simulator (or a real HSM for that matter), you need to be able to match the correct responses to original requests because they might not arrive in the original order. You can use the header to do that. Sample command for CVV verification is "CYU123456789012345678901234567890121234123456789012345;1212101", prefix it with 2-byte header before sending to the simulator i.e; "0000CYU123456789012345678901234567890121234123456789012345;1212101"
  • 6.