SPKI - A simple application level PKI framework

Private keys leakage or theft

Private keys can often be stolen or lost in ordinary device memory or file systems. HSMs ensure keys never leave the secure boundary.

Private keys exposure

Operating systems expose keys via storage, backups, or imports/exports. HSMs prevent this by handling cryptographic operations internally.

Side-channel or cryptographic attacks

Algorithms like AES or RSA can be vulnerable to timing and power analysis. HSMs use hardened chips with protections against such attacks.

Tamper resistance

HSMs are designed to detect and respond to physical tampering attempts, often zeroizing keys to prevent compromise.

Compliance and trust

Industries such as finance and government require certified hardware (FIPS 140, Common Criteria) to store and manage cryptographic keys.

Performance and scalability

HSMs accelerate cryptographic operations at scale, enabling secure transaction signing, SSL/TLS offload, and certificate issuance.

What problems do SHSMs (Software-Emulated HSMs) intend to solve?

Private key distribution risks

Private keys are often mishandled or shared insecurely across parties. SHSM ensures keys are never transmitted to third parties — only the endpoint and secure SHSM server retain access, reducing leakage risks.

Device and OS exposure

Keys stored in file systems, backups, or imports/exports are easily exposed. SHSM prevents this on the server side by using public key authentication, ephemeral TLS, and secure memory operations instead of persistent storage.

Side-channel avoidance

RSA and AES can be susceptible to side-channel attacks (timing/power analysis). SHSM reduces this risk by adopting EdDSA (Ed25519/Ed448) and stream ciphers, ensuring strong security without specialized hardware.

Group signing & encryption

Organizations often lack secure workflows for multi-user authorization. SHSM enables policy-based group signing and encryption, supporting collective trust models without relying on physical HSMs.

Fixed algorithms

Most hardware HSMs only support RSA, ECDSA, and AES. SHSM allows flexibility to adopt modern or post-quantum algorithms without waiting for vendor updates.

Hard disks exposure

Most servers share resources, and when a machine only has a small amount of RAM (for example, 512 MB), the operating system will start using the hard disk as “backup memory” through something called a swap partition. This swap space is a reserved part of the disk where data from memory is temporarily stored when RAM runs out.

The problem: sensitive information from applications can accidentally end up written to the hard disk this way, leaving it exposed.

SHSM prevents this risk by using a hybrid approach:

Wherever possible, it ensures that private or sensitive data stays in memory only and never gets written to the disk.
In cases where this can’t be applied safely, SHSM disables the use of swap partitions entirely.

HSM vs SHSM

Traditional HSM

Security: Certified (FIPS/Common Criteria) tamper-resistant hardware.
Use Cases: Banks, governments, TLS/SSL, payment processing.
Strengths: Resistant to physical, side-channel, and OS-level attacks.
Limitations: Expensive, hard to scale, vendor lock-in.
Pricing: Typically USD $20K–$100K per unit, plus maintenance.

Software HSM (SHSM)

Security: Relies on software controls, sandboxing, mutable memory, and zero-trust enforcement.
Use Cases: SMEs, decentralized CA/PKI, developers needing flexible cryptographic enforcement. With the use of oracles, smartweave or smart contracts can reference to SHSM HTTP API.
Strengths: Low-cost, customizable, runs anywhere (VM, cloud, edge).
Limitations: Weaker physical attack resistance, requires careful hardening.
Pricing: Price will be starting from 500 USD. This is a one time customization fee.

What problems do HSMs intend to solve?