Hardware Security Modules (HSMs) are the backbone of enterprise cryptographic key management. This guide explains what HSMs do, how major vendors differ, and the key concepts you need to understand when working with HSM key formats.
What is an HSM?
A Hardware Security Module is a tamper-resistant hardware device that:
- Generates cryptographic keys using a certified random number generator
- Stores keys in secure, tamper-evident memory
- Performs cryptographic operations (encrypt, decrypt, sign) inside the hardware
- Destroys keys if physical tampering is detected
- Enforces access controls and audit logging
Keys generated inside an HSM never exist in plaintext outside the device — this is the fundamental security guarantee.
Why Use an HSM?
| Requirement | Software Solution | HSM Solution |
|---|---|---|
| Key storage | File system / database | Tamper-resistant hardware |
| Key generation | OS random number generator | FIPS 140-2 certified TRNG |
| Compliance | Difficult | PCI HSM, FIPS 140-2/3 certified |
| Key export | Plaintext possible | Encrypted under LMK/ZMK only |
| Audit | Application logs | Hardware audit trail |
HSMs are required by PCI DSS, PCI PIN, and many banking regulations for protecting PIN encryption keys, card verification keys, and master keys.
HSM Key Hierarchy
Most HSMs use a hierarchical key structure:
Local Master Key (LMK) — stored in HSM hardware
└── Zone Master Key (ZMK) — exchanged between HSMs
└── Zone Encryption Key (ZEK) / Zone PIN Key (ZPK)
└── Working Keys (PIN keys, MAC keys, etc.)
Local Master Key (LMK)
- The root key, never leaves the HSM
- Used to encrypt all other keys for storage
- Loaded during HSM initialization via key ceremony
- Split into components (see our Key Splitting guide)
Zone Master Key (ZMK)
- Exchanged between two HSMs to establish a secure channel
- Used to transport working keys between sites
- Also called Key Exchange Key (KEK)
Working Keys
- PIN Encryption Key (PEK/ZPK): Encrypts PINs at ATMs/POS
- MAC Key: Generates message authentication codes
- Data Encryption Key (DEK): Encrypts cardholder data
Major HSM Vendors
Thales (formerly nCipher + SafeNet)
Thales is the market leader, formed from the merger of nCipher and SafeNet.
Thales payShield (payment HSMs):
- Industry-standard for payment processing
- Supports Thales LMK key format
- Keys stored as "Thales Key Blocks" (proprietary format)
- Use our Thales Keys tool to work with Thales-encrypted keys
- Use our Thales Key Block tool for Thales key block format
Key format: Keys are encrypted under LMK variants (different XOR masks applied to LMK for different key types)
Futurex
Futurex HSMs are widely used in US banking and payment processing.
Key characteristics:
- Uses "Futurex key format" for key storage
- Supports TR-31 key blocks (see our TR-31 guide)
- Strong presence in ATM and POS networks
Use our Futurex Keys tool to work with Futurex-formatted keys.
Atalla (HP/Utimaco)
Originally HP Atalla, now owned by Utimaco.
Key characteristics:
- Uses AKB (Atalla Key Block) format
- Common in older banking infrastructure
- Strong presence in PIN processing
Use our Atalla Keys tool to decode and work with AKB-format keys.
SafeNet (Thales)
SafeNet HSMs (now part of Thales) are used for general-purpose PKI and encryption.
Use our SafeNet Keys tool for SafeNet key format operations.
Key Transport Standards
When moving keys between HSMs or systems, standardized formats are used:
TR-31 (ANSI X9.143)
The modern standard for key transport. Binds key attributes (usage, algorithm, exportability) cryptographically to the key material.
→ See our complete TR-31 Key Block guide and TR-31 Tool
Key Components (Manual Exchange)
For initial key loading, keys are split into components and entered manually by multiple custodians.
→ See our Key Splitting & KCV guide and Keyshare Generator
DUKPT — HSM-Based Per-Transaction Keys
For high-volume transaction environments (ATMs, POS terminals), DUKPT provides unique keys per transaction without requiring the HSM to be involved in every transaction.
→ See our DUKPT guide and DUKPT Tool
Key Ceremony
A key ceremony is the formal process of generating and loading master keys into an HSM:
- Multiple custodians present (dual control)
- Each custodian holds one key component
- Components entered sequentially — no single person sees complete key
- KCV verified after loading
- Process documented and audited
This satisfies PCI DSS requirements for split knowledge and dual control.
HSM Compliance Certifications
| Certification | Meaning |
|---|---|
| FIPS 140-2 Level 3 | US government standard, physical tamper protection |
| FIPS 140-2 Level 4 | Highest FIPS level, full environmental protection |
| FIPS 140-3 | Newer standard (replacing 140-2) |
| PCI HSM | Payment Card Industry HSM standard |
| Common Criteria EAL4+ | International security evaluation |
Most payment HSMs are certified to FIPS 140-2 Level 3 and PCI HSM.
Try It Yourself
Explore HSM key formats with our tools:
- Key Generator — Generate AES/DES/3DES keys with KCV
- Keyshare Generator — Split keys into components
- TR-31 Key Block Tool — Encode/decode TR-31 key blocks
- Thales Keys — Work with Thales LMK-encrypted keys
- Futurex Keys — Work with Futurex key format
- Atalla Keys — Work with Atalla AKB format
All tools run entirely in your browser for safe, offline use.