HSM2 possible write cycles

i have an application where I’ll need to juggle many more RSA keys than the HSM2 can handle, s the idea was to store the wrapped keys seperately and load the key before signing and delete it afterwards.

I couldn’t find any info on possible write cycles, would doing this (unwrap key, sign something, delete key) 30 times per day be detrimental to the Nitrokeys lifetime?

The SmartCard-HSM uses EEPROM cells for persistence. Any key management operation (in contrast to using a key in a crypto operation) puts stress on the memory cells.

NXP guarantees at least 500.000 cycles per cell. However, when removing and re-importing, keys objects are allocated at different locations in memory. Only if the device is short on memory, then garbage collection will reclaim space. So changes are that you can perform a lot more operations that 500.000 with the device.

We’ve tested this behavior with the PIN retry counter, which is always on the same memory cell. The device failed at about 1.500.000 operations, which means 3.000.000 write operations on a single the cell.

We have an application where a lot of keys are generated and destroyed and so far we have not managed to block a single device.

1 Like