Introduction
The YubiHSM 2 is a USB-based, multi-purpose cryptographic device for servers. Its diminutive physical size is ideal for installation directly into internal or external server ports. It is a Hardware Security Module (HSM) that is cost-effective for all organizations. It provides advanced cryptography including hashing, asymmetric, and symmetric key cryptography to protect the cryptographic keys that secure critical applications, identities, and sensitive data in an enterprise for certificate authorities, databases, code signing and more.
Operating System Requirements
The YubiHSM 2 SDK is built and provided for the following operating systems. This includes Windows, Linux distributions, and macOS. See YubiHSM2 Releases for most recent platform YubiHSM2 downloads.
| Operating System | Architecture | Latest Date | Version |
|---|---|---|---|
| Centos | amd64 | 2023-11-02 | Centos7 |
| Darwin | amd64 | 2025-08-11 | macOS 15, 14, 13 |
| Darwin | arm64 | 2025-08-11 | macOS 15, 14, 13 |
| Darwin | universal | 2025-08-11 | macOS 15, 14, 13 |
| Debian | amd64 | 2025-06-12 | Debian 12, 11 |
| Fedora | amd64 | 2025-06-12 | Fedora 42, 41 |
| Ubuntu | amd64 | 2025-06-12 | Ubuntu 25.04, 24.10, 24.04 |
| Windows | amd64 | 2025-06-12 | Windows Server 2025, 2022,
Windows 11, 10
|
Physical Characteristics
YubiHSM 2 Physical Device
- Form factor: nano designed for confined spaces such as internal USB ports in servers
- Dimensions: 12mm x 13mm x 3.1mm
- Weight: 0.5g
Temperatures
- Operational range: 0°C - 40°C (32°F - 104°F)
- Storage range: -20°C - 85°C (-4°F - 185°F)
Host Interface
Universal Serial Bus (USB-A) 1.x Full Speed (12 Mbit/s) Peripheral with bulk interface.
Storage Capacity
- All data stored as objects. 256 object slots, 126KB max total
- Stores up to 127 rsa2048 or 93 rsa3072 or 68 rsa4096 or 255 of any elliptic curve type, assuming only one authentication key is present
- Objects: Authentication keys (used to establish sessions); Asymmetric private keys; Opaque binary data objects (e.g. x509 certificates); Wrap keys; HMAC keys
YubiHSM 2 Cryptographic Specifications
Cryptographic Interfaces
- PKCS#11 API version 2.40
- Yubico Key Storage Provider (KSP) to access Microsoft CNG. The KSP is provided as 64-bit and 32-bit DLLs
- Full access to device capabilities through Yubico’s YubiHSM Core Libraries (C, Python)
Advanced Encryption Standard (AES)
- 128, 192, and 256-bit keys
- Support for Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Counter (CCM) modes
RSA
- 2048-, 3072-, and 4096-bit keys (with e=65537)
- Signing using PKCS#1v1.5 and PSS
- Decryption using PKCS#1v1.5 and OAEP
Elliptic Curve Cryptography (ECC)
- Curves: secp224r1, secp256r1, secp256k1, secp384r1, secp521r, bp256r1, bp384r1, bp512r1, Ed25519
- Signing: ECDSA (all except Ed25519), EdDSA (Ed25519 only)
- Derivation: ECDH (all except Ed25519)
Hashing Functions
SHA-1, SHA-256, SHA-384, SHA-512
Key Wrap
Import and export using NIST-approved AES-CCM Wrap with 128-, 196-, and 256-bit keys
Random Numbers
On-chip True Random Number Generator (TRNG) used to seed NIST SP 800-90A Rev.1 AES-256 CTR_DRBG
Attestation
Asymmetric key pairs generated on-device may be attested using a device-specific Yubico attestation key and certificate, or using your own keys and certificates imported into the HSM. See Attestation.
FIPS certified
Note
This section applies to YubiHSM 2 FIPS devices only.
YubiHSM 2 FIPS is FIPS 140-2 Level 3 certified device, which means it can be used in solutions that are meant to comply with FIPS 140-2 requirements. Certification by National Institute of Standards and Technology (NIST) can be found at: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3916
YubiHSM 2 FIPS devices include the text “FIPS” laser-etched onto the surface of the device and allow YubiHSM 2 FIPS to run in FIPS Approved mode.
The YubiHSM 2 is available in a FIPS-capable version called YubiHSM 2 FIPS.
The YubiHSM 2 FIPS can be configured in an approved mode and a non-approved mode of operation. In the approved mode, only FIPS-approved algorithms are supported. In the non-approved mode, additional non-approved algorithms such as rsa-pkcs1-sha1 are supported.
FIPS-approved mode can be configured only after a device reset by enabling the fips-mode option and immediately changing the default Authentication key.
For instructions on configuring the YubiHSM 2 FIPS in FIPS-approved mode, see FIPS Mode Support Guide.
A key attestation generated on a YubiHSM 2 FIPS device with firmware version 2.4.1 or newer has an X.509 extension present with OID 1.3.6.1.4.1.41482.4.12. If the key attestation was generated in FIPS-approved mode, this extension BOOLEAN value is TRUE. Otherwise, the BOOLEAN value is FALSE.
The pre-loaded certificate of a YubiHSM 2 FIPS device has an X.509 extension present with OID 1.3.6.1.4.1.41482.4.10. This extension has an INTEGER value encoding its FIPS certificate. Currently, the value 6 refers to the YubiHSM 2 FIPS certificate for firmware version 2.2.
Performance
Performance varies depending on usage. The accompanying Software Development Kit includes performance tools that can be used for additional measurements. Example metrics from an otherwise unoccupied YubiHSM 2:
- RSA-2048-PKCS1-SHA256: ~139ms
- RSA-3072-PKCS1-SHA384: ~504ms
- RSA-4096-PKCS1-SHA512: ~852ms
- ECDSA-P224-SHA1: ~64ms
- ECDSA-P256-SHA256: ~73ms
- ECDSA-P384-SHA384: ~120ms
- ECDSA-P521-SHA512: ~210ms
- EdDSA-25519-32Bytes: ~105ms
- EdDSA-25519-64Bytes: ~121ms
- EdDSA-25519-128Bytes: ~137ms
- EdDSA-25519-256Bytes: ~168ms
- EdDSA-25519-512Bytes: ~229ms
- EdDSA-25519-1024Bytes: ~353ms
- AES-(128|192|256)-CCM-Wrap: ~10ms
- HMAC-SHA-(1|256): ~4ms
- HMAC-SHA-(384|512): ~243ms
Management
- Mutual authentication and secure channel between applications and the YubiHSM 2.
M of Nunwrap key restore via YubiHSM Setup Tool