"You have to think about how the online world really operates and how we make sure that data is secure. How can we trust each other in the digital world?" Robert Rogenmoser, the CEO of Securosys, asks. The answer is "encryption and digital signature."

According to Robert Rogenmoser, the CEO of Securosys, storing keys insecurely creates immediate risk. This makes it crucial to maintain strong key security. "If it's just in a software system, you can easily get hacked. If I have your encryption key, I can read your data. If I have your Bitcoin keys, I can spend your money,” says Rogenmoser.

In the recent episode of The Security Strategist podcast, host Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Robert Rogenmoser, the CEO of Securosys, about safeguarding the digital world with cryptographic keys. Rogenmoser puts up a case to rally Hardware Security Modules (HSMs) as the best solution for this critical challenge.

In addition to discussing how hardware security modules (HSMs) protect encryption keys, they also talk about the evolution of HSMs, their applications in financial services, the implications of post-quantum cryptography, and the integration of AI in security practices.

Are Hardware Security Modules (HSMs) the Ultimate Solution?

The conversation stresses the importance of key management and the need for organisations to adapt to emerging technologies while ensuring data security.

In order to mitigate the cybersecurity risks, the priority is to securely store the keys, control access, and generate impenetrable keys that cannot be easily guessed by cyber criminals. HSMs are the ultimate solution to the key issue, believes Rogenmoser.

Firms tend to shift their data to the cloud, making it even more essential to secure keys. The main challenge arises when both the data and the keys are managed by the same cloud provider, as this setup can compromise the integrity of key control and raise concerns about data sovereignty.

However, Securosys approaches this challenge differently. Rogenmoser explains that organisations can keep their data encrypted in the cloud. At the same time, they keep the key somewhere else, where only they have control over it.

Multi-Authorisation System for High-Stakes Transactions

Rogenmoser pointed out the company's patented system for multi-authorisation of Bitcoin keys. This system is essential because blockchain transactions are high-stakes and irreversible.

"Crypto custody for bitcoins or any cryptocurrency is a major business for our HSM," he said. Banks that hold large amounts of customer crypto cannot afford a single point of failure. "A blockchain operation is a one-way thing. You sign a transaction, and the money is gone."

The multi-authorisation system addresses this issue by requiring a "quorum" of people to approve each transaction. Rogenmoser explained, "You can say this transaction can only be signed and sent to the blockchain if one out of three compliance officers signs this, plus two out of five traders."

This approach creates a "more secure system" because "the HSM then checks, do we have a quorum? Did everyone actually sign the same transaction?" Only after verification is "the actual key for the blockchain […] used to sign a transaction and send it to the blockchain."

Looking to the future, Rogenmoser believes HSMs will be vital for securing the growth of artificial intelligence (AI). With "AI and AI agents doing tasks for us, they might modify things or purchase items on our behalf," which requires both authorisation and attestation.

Takeaways

  • HSMs are essential for protecting encryption keys.
  • The Swiss National Bank was a key client for Securosys.
  • Securosys HSMs are used to secure financial transactions worth trillions.
  • Cloud-based HSMs offer convenience but require careful key management.
  • Post-quantum cryptography is a significant industry transition.
  • NIST is developing algorithms resistant to quantum attacks.
  • Multi-authorisation systems enhance security in cryptocurrency transactions.
  • AI will require new security measures and audit trails.
  • Organisations must assess their key management practices.
  • Transitioning to post-quantum systems will take time and planning.

Chapters

  • 00:00 Introduction to HSMs and Their Importance
  • 03:55 The Role of HSMs in Financial Services
  • 08:44 Post-Quantum Cryptography: Preparing for the Future
  • 13:30 Multi-Authorisation Systems in Cryptocurrency
  • 16:48 AI and the Future of HSMs
  • 19:19 Key Takeaways for IT Decision Makers

About Securosys

Securosys SA, based in Zurich, is a global leader in cybersecurity, encryption and digital identity protection, prioritising data sovereignty. Their Swiss-built Hardware Security Modules (HSM) secure financial markets, serving over half of the Tier 1 banks worldwide. Certified to the highest standards, their on-premises and cloud HSM solutions offer secure key generation, encryption, digital signing, and post-quantum readiness for finance, healthcare, government, and other industries.