Software-defined cryptography provider Unbound Tech, announced today a partnership with Cryptosense, a supplier of security analysis software for cryptography. In order to further verify the security of its virtual HSM. Unbound Tech will leverage the Cryptosense Analyzer Platform (CAP).
The Cryptosense Analyzer Platform (CAP) will perform automated, systematic penetration tests of its Unbound Key Control (UKC), a virtual HSM and key management solution, and Crypto-of-Things (COT) virtual crypto key management and security solution.
Through this partnership, Unbound Tech will utilize the Cryptosense Fuzzer, a mutation-based fuzzing engine, to test the Unbound Key Control (UKC) and Crypto-of-Things (COT) PKCS#11 implementations.
By sending commands to a device’s PKCS#11 interface and logging the responses, the Cryptosense Fuzzer will test traces of exchanges between an application and a cryptographic library to ensure these virtual appliances are properly secured in the event of a PCKS#11 API attack (one of the most common attacks on HSM and Virtual HSM devices).
“Our software enables our customers to move securely to cloud cryptography services. CAP is the only tool on the market that provides everything you need for a secure and simple migration from start to finish. Our software looks inside a running application to see what cryptography is really being used, tests the use of the cloud crypto service to check for vulnerabilities and monitors the security of the migrated application in the cloud. By partnering with Unbound, we’re able to reassure our customers of the continued security of their Virtual HSM and the applications that use it.”
– Graham Steel, CEO of Cryptosense
Testing with the Cryptosense Analyzer is the latest step in a series of third-party security validations in support of Unbound’s virtual HSM. In early 2019, UKC also received FIPS 140-2 Level 1 and Level 2 certification from the U.S. National Institute for Standards and Technology (NIST).
They are the first and only vendor to obtain FIPS 140-2 certification for a cryptographic module that spans multiple separate machines and uses secure multiparty computation (MPC) rather than relying on physical security measures to protect keys.
“There are often misconceptions around the level of security provided and benefits of protecting encryption keys with virtual appliances versus traditional HSMs. The security provided by Unbound Key Control has now been industry-tested and proven to be equal to, if not better, than that provided by a physical HSM. UKC is an operational and cost-friendly alternative to hardware that provides scalable key management and secure encryption from both physical and software-based attacks, while running on any existing physical or cloud infrastructure. With Cryptosense’s stamp of approval, our clients can now feel more confident in adopting this approach to securing their sensitive information.”
– Guy Peer, Co-founder at Unbound Tech
As a software-only solution, UKC offers unique benefits not common with physical HSMs – requiring minimal effort to set up, use and maintain in a variety of environments and application delivery models. All key management and user management operations are fully automated using the CLI or REST API, giving companies the ability to scale up or down, create partitions and users, register clients and revoke keys immediately across their entire global infrastructure from a single pane of glass.
