The purpose of this library is to provide an adequate TCP/IP simulation of the Thales (former Zaxus, former Racal) Hardware Security Module or HSM.

HSM devices are widely used in banking environments to provide security functions to a host application. Typically, an HSM can perform DES and Triple DES symmetric encryption. Additionally, some HSM devices (Thales amongst them) can also provide RSA asymmetric encryption facilities.

Aside from their cryptographic capabilities that can be commonly found in any software library, HSM devices implement a secure mechanism of storing master keys in tamper-resistant hardware. All other keys that an HSM device produces are encrypted under the local master keys and are communicated in an encrypted form to the host application. The vast majority of cryptographic facilities provided by an HSM is thus carried out by using cryptographic keys in an encrypted form.

The result is that even the host application does not have the clear value of keys used to encrypt/decrypt information or perform more advanced functions (like verifying a cardholder's PIN). This is a typical requirement of banking applications that control ATM/POS terminals or communicate with the VISA, MasterCard or other regional switches.

Thanks go to babtras who greatly helped with testing and implementation, to project members azus and webbr23 who implemented important commands and also to Manshtein that helped to identify and fix several bugs.

Thales Simulator activity history video

Cluster Maps

Last edited Jul 7, 2012 at 11:52 PM by nickntg, version 28