Marvell on Wednesday announced its next-generation hardware security module (HSM) designed to speed up cryptographic workloads by orders of magnitude compared to traditional processors. LiquidSecurity 2 HSMs are primarily targeted at cloud data centers, so they offer significantly better performance than their 2015 predecessors.
Marvell’s LiquidSecurity is a hardware security module (HSM) adapter in your server that encrypts and decrypts all data hosted on your machine and stores hardware-protected keys onboard To do. HSMs are widely used by companies where secure transactions are mission critical (banks, processing companies, etc.), but they are usually difficult and expensive to manage, which is why they are not always used in modern hyperscale cloud data centers. That’s why we prefer to depend on it rather than on it. General-purpose hardware such as CPUs, hardware disk encryption, and software.
However, HSMs have advantages over traditional security and encryption methods. Lower power consumption, better performance, store keys in hardware-protected enclaves, encrypt data separately in isolated partitions, and allow virtual machines to have dedicated resources in a FIPS-certified perimeter It’s for
Marvell’s LiquidSecurity 2 is a PCIe 4.0 x8 HHHL card that leverages the company’s Octeon Data Processing Unit (DPU) hardware and supports up to 1 million keys for AES, RSA, and ECC encryption algorithms, as well as common Stores 45 partitions for multi-tenant use cases. Hyperscale data center environment. The HSM can handle up to 42,000 RSA-2K operations per second, up to 100,000 ECC P-256 operations/second, and up to 1,000,000 GCM operations/second while consuming only 35W to 50W.
To provide this kind of performance and functionality at low power, Marvell’s LiquidSecurity 2 has dozens of dedicated cores optimized for cryptographic operations. As of now, Marvell has not revealed the complexity of his LS2, nor the production node he will use to build the chip (although given the low power consumption, this isn’t a very complicated IC. understand).
LiquidSecurity 2 is targeted for business-critical and mission-critical applications, so it perfectly meets various fault-tolerance and high-availability requirements. Additionally, HSMs can be updated in the field to support new algorithms such as post-quantum cryptography. Marvell provides a comprehensive Software Development Kit (SDK) with the LS2 part. This naturally provides additional flexibility if the hyperscaler needs to run his own stuff on his HSM. Ultimately, Marvell plans to certify the LS2 HSMs as FIPS 140-31, CC, eIDAS, and PCI PTS HSM 4.0 compliant.
The improved performance and increased flexibility of the LiquidSecurity 2 HSM compared to the original part is what doctors ordered for their hyperscale cloud data centers serving hundreds of customers. Many of which may require enhanced security for their business.
Marvell plans to start shipping the LiquidSecurity 2 hardware security module this fall. Pricing depends on multiple factors such as volume and configuration.
image 1 of twenty four