Unbound Tech, a provider of software-defined cryptography, today announced an industry first with the news that Unbound Key Control, a virtual HSM and key management solution, received FIPS 140-2 Level 1 and Level 2 certification from the U.S. National Institute of Standards and Technology (NIST).
In a landmark achievement, Unbound is the first and only vendor to obtain FIPS 140-2 certification for a cryptographic module that spans multiple separate machines and uses secure multiparty computation (MPC) rather than relying on physical security measures to protect keys. Organizations now have the assurance that Unbound’s platform meets NIST’s strict security standard, a certification that was previously issued only to modules in which keys are stored and key operations are performed in a single machine, where the keys stand as a single point of compromise.
“Several Fortune 500 enterprises with some of the industry’s strictest security and privacy requirements have already deployed Unbound’s transformational software-only solution, illustrating consistent market confidence alongside this ground-breaking FIPS 140-2 certification,” said Prof. Yehuda Lindell, CEO at Unbound Tech. “Additionally, the company was recently named in five Gartner Hype Cycle Reports, further reinforcing the promise of our MPC-based solution. Unbound is proud to be leading this major innovation in applied cryptography.”
Unbound Key Control enables a new model of trust built upon multiple entities rather than entrusting key protection to a single machine. Keys are split into random shares placed on separate, highly segregated machines and never exist in complete form throughout the key lifecycle – not even when generated or while in use. It is guaranteed mathematically that unless all machines are breached essentially simultaneously, the keys cannot be compromised.
By removing the inherent vulnerability of keys as a single point of compromise, Unbound helps organizations:
- Adopt an agile, elastic and automated software-defined cryptography approach with a pure-software solution that provides proven key protection from both physical and software-based attacks, while running on any existing physical or virtual infrastructure.
- Achieve new levels of security and control by splitting keys among multiple entities, for example, a CYOK (Control Your Own Key) model for cloud cryptographic keys – splitting keys between the cloud service provider and an enterprise-controlled server.
- Unleash innovation opportunities by addressing both security and practical implementation requirements for modern advanced cryptographic applications, such as code signing, and cryptocurrency and blockchain key management.