Friendly Intro to Hardware Security Modules (HSMs)

Hardware security modules are specialized security devices for storing sensitive cryptographic material like encryption keys. By storing keys on a fortified hardware device, stealing the key becomes much more difficult. The alternative is to store keys on a normal server or computer, which can be significantly riskier.

Feel free to ask questions below.

00:00 Intro
00:41 When Encrypting, Storing Keys On The Server Is Risky
02:02 Enter The Hardware Security Module
02:32 Why Are HSMs Better?
03:35 Sequence Diagram Using A HSM
03:57 Before HSM And After HSM
Comments

I am literally on this page after typing HSM into YouTube search and getting High School Musical.

ctustison

I wish you had more and more videos. I found your encryption video today and then watched all of your videos in a single sitting.

MdMainuddinJU

Thank you for the concise explanation! Some of the explanations that I found prior to this made it sound like one would retrieve the key from the HSM, not the encrypted or decrypted values.

/edit typos

zefarmer

this was such an amazing explanation, thanks a ton

I'm doing research on how web3 authentication providers and password-less auth providers manage keys securely and naturally HSMs came up

appreciate the illustrations and simple before/after diagrams!

thatguyintech

This channel is underrated. I never found a better explanation before I watched this video. Keep up the good work!

ChimckyNuggy

Well, definitely HSM has its benefits in many many ways. But if the service is compromised, then the hacker can not only read the key (without HSM), but also read the returned output from the HSM (with HSM), no?

So this is just a part of a security implementation but other things should be taken care of too.

Great video by the way. Really liked your way of explaining the complex mechanism. Kudos 👏

rupokify

plain and simple explanation, great job

anadia

what stops the hacker from simply calling the HSM from the server running the service and letting the HSM do all the work for them?

philtaylor

Excellent, simple and to the point...

KapilThakar

Really well explained!! Thank you so much.

wasimibrahim

This was the best, and simplest HSM explanation ever!

rajdonald

don't stop keep posting (y) well done!!

rashedbarat

great explanation! Exactly what I was looking for!

vinylastronaut

Here's the question I have Alex, that I've yet to see anyone break down and explain it succinctly. We're talking about protecting the Service Key that is on say, a Windows Server running Microsoft SQL Server. The question I have is, what are the precise steps whereby the Key, that is created on the HSM, what is it called? i.e. KEK, Public/Private Key Pair, etc.? And does it encrypt/decrypt the key on the SQL Server via this "mystery HSM Key", and what is that process? I've yet to find anyone who can break down how this process works in finer detail. Your steps are great but I think they need a further breakdown in the process. Thank you again for your great videos!

googlewalle

Thank you very much for your clear explanation

goksnarasi

Hi, thank you for the explanation. It was good and very clear. I hope you can enlighten me on the following:
if the service gets compromised, can the malicious actor obtain the decrypted text from the HSM?

christianalessi

Thanks for this, really great video! 😊

jaiyden

Such an amazing video!!! Thank you :)

evaninadgn

You explained this so effortlessly, but I have a question. You mentioned that the service is calling the HSM to decrypt the encrypted text and the HSM decrypts and sends back the raw text, but how is the service calling the HSM? The service must need to pass some sort of info (I mean some kind of key again) so the HSM can validate that this is the legit request and let me decrypt it now. If you answer this then I have a follow-up question.

tejit

great video, can you do something on code signing ...

ccJoeMurphy