Marvell unveiled its LiquidSecurity 2 (LS2) hardware security module (HSM) adapter, the industry’s most advanced solution for enabling encryption, key management, authentication, and other HSM services in the cloud. LS2 is a converged security platform for payment, privacy compliance, and general purpose applications, and is powered by a cloud-optimized Marvell OCTEON data processing unit (DPU), proven at scale across the world’s largest hyperscale clouds. The new Marvell HSM adapter offers the industry’s highest performing cryptographic acceleration and processing, including hardware-secured storage of up to one million keys for AES, RSA, and ECC encryption algorithms, and 45 partitions for robust multi-tenant use cases.
As enterprises migrate from on-premises to private- or multi-cloud environments, the industry-leading Marvell LiquidSecurity platform empowers cloud service providers and large enterprises to create HSM-as-a-service clouds. Marvell’s HSM adapters have the latest FIPS-certified security boundary, designed for the most demanding applications deployed at cloud scale while offering best-in-class cost, performance, and energy efficiency for both public and private clouds.
Marvell has been leading the effort to transform HSMs into cloud-based devices since 2015. HSMs are the backbone for performing key management, cryptographic functions, and authentication for banks, ATM networks, media companies, and other service providers. In the U.S. alone, the value of credit and debit card transactions is expected to rise from $8 trillion to $12.9 trillion by 2025. Virtually all of the 468 billion-plus credit card transactions that occur annually around the world rely on HSMs. Most HSMs, however, are on-premises devices managed by an in-house team of experts or third-party support organizations. Training, deployment, and ongoing management of encryption systems also remain critical barriers to the broader adoption of on-premise HSM-based encryption across enterprises.
Marvell’s LiquidSecurity product line leverages the performance of the company’s cloud-optimized OCTEON® DPU family. Combining leading technologies with Marvell’s expertise in software and systems development, the company delivers HSM functionality in a PCIe card, helping users to reduce the cost, rack space, and overhead inherent in traditional HSMs, while simultaneously increasing performance to maximize the flexibility and use cases. This enables cloud and SaaS providers to deploy HSMs to deliver new services or enhance existing ones at a lower total cost of ownership (TCO) than any other alternative. Instead of buying and managing private, on-prem HSMs, more retailers, banks and other organizations can move up to the highest level of security by procuring HSM services on a pay-as-you-go basis.
Today, LS2 hardware can be certified and updated in the field to support new algorithms and variants, such as post-quantum cryptography, providing cryptographic agility and future-proofing the HSM against new vulnerabilities. Key capabilities of the Marvell LS2 HSM include: Up to 100,000 ECC operations per second; Up to 1 million keys and 45 partitions; Lowest cost per key stored, per partition (performance per dollar and performance per watt); API-first design for greater flexibility and rapid deployment; Supports a wide range of use cases across market verticals and multi-cloud deployments; FIPS 140-31, CC, eIDAS, PCI PTS HSM 4.0; High availability, load balancing, and fault tolerance;