2024-08-14
In this episode of KEYMASTERs, Jörgen Jansson, Principal Solution Engineer Nordics, and Sven Rajala, International PKI Man of Mystery, discuss the implications of putting an HSM (Hardware Security Module) into FIPS (Federal Information Processing Standards) mode. Our aim is to share our knowledge of what FIPS mode entails and its benefits and limitations.
Sven begins by highlighting the common questions we receive about HSMs in FIPS mode- "Is my HSM less secure or more secure when put in FIPS mode?". Jörgen explains that FIPS certification means the HSM has undergone rigorous testing for both software and hardware, ensuring its reliability and security.
See the KEYMASTER episode here:
The discussion then shifts to whether one should enable FIPS mode on an HSM. Jörgen advises against enabling FIPS mode unless necessary, as it limits the supported algorithms to those recommended by NIST (National Institute of Standards and Technology). Enabling FIPS mode restricts users to specific RSA key sizes and hashing algorithms, which can impact the functionality of applications and PKI systems, especially when older algorithms like SHA-1 and RSA with key sizes less than 2048 are no longer approved in FIPS mode, for example.
Sven adds that enabling FIPS mode can also affect key usage policies, which may hinder certain PKI functionalities. Jörgen concurs, noting that while FIPS mode ensures compliance with stringent security standards, it also requires regular updates to align with the latest FIPS guidelines and HSM firmware.
They both agree that using an FIPS-validated HSM provides a significant level of security assurance even without enabling FIPS mode. Products labeled as "FIPS compliant" without certification are deemed less reliable, as true FIPS certification involves extensive testing.
Jörgen concludes that compliance does not solely depend on whether the HSM is in FIPS mode in most cases. Auditors also typically evaluate how the HSM is used, including PKI practices, audit logging, and overall security management. If an auditor only checks for FIPS mode, this may not provide comprehensive value.
While FIPS mode offers a higher security standard, it is not always necessary unless required by policy or for compliance. Using a FIPS-validated HSM provides a significant level of security assurance even without enabling FIPS mode. Organizations should weigh the benefits and limitations, considering their specific use cases and security needs.
Blog - The Role of HSMs in PKI and Signing Solutions