Max number of slots supported by NitroKey HSM


I cannot find it in the documentation

What is the max number of slots that can be created on a NitroKey HSM 2 device?

In my use case, each slot will contain 2 objects (ECC certificate, ECC private key, ECC public key).


One slot. But you can further separate the slot into key domains, however authentication by PIN or Public Key Authentication always affects all keys.

1 Like

Do you mean XKEK Key Domains:


If yes, do I understand it correctly that they are not supported by NitroKey HSM 1?

Both, XKEK and DKEK key domains.

The HSM1 supports only a single DKEK key domain, while the HSM2 allows multiple key domains, even in combination of DKEK and XKEK.

Perhaps you mean the amount of keys possible? See Nitrokey HSM factsheet:

Storage capacity: 76 KB EEPROM total, max. 150 xECC-521 keys, max. 300 x ECC/AES-256 keys, max. 19 xRSA-4096 keys, max. 38 x RSA-2048 keys, max. 65536data objects

1 Like

No, I meant the number of slots. In other words, I meant the number of possible User PIN’s that can be used to protect various certificates.

I understood the previous response:
1 slot -> 1 User PIN
at the same time

There is only one User-PIN.