Product details
YubiHSM 2 v2.4 enables secure data backups with asymmetric encryption, ensuring that sensitive information remains protected even during transfers over the Internet. The Bring Your Own Key (BYOK) feature in YubiHSM 2 v2.4 allows businesses to securely manage and store their own encryption keys in a multi-cloud environment. This offers greater security, control, portability, and compliance with regulations at a lower cost than traditional on-premises HSMs. YubiHSM 2 v2.4 includes a proprietary cryptographic library for performing RSA and ECC operations such as decryption and signing, the same library used in YubiKey 5.7. Create, import, and store keys, and then perform all crypto operations within the YubiHSM 2 hardware to prevent key theft at rest or in use. This protects against logical attacks on the server, such as zero-day exploits or malware, as well as physical theft of a server or its hard drive. YubiHSM 2 supports hashing, key wrapping, asymmetric signing, and decryption, including advanced signing with ed25519. Attestation is also supported for asymmetric key pairs generated on the device. The integrity and confidentiality of commands and data during transmission between the YubiHSM 2 and applications are protected by a mutually authenticated, integrity- and confidentiality-protected tunnel.