Design and Implementation of a Cryptography Key Management System API Using SoftHSM and PKCS#11
Abstract
This paper presents the design and implementation of a Cryptography Key Management System (KMS) API that leverages SoftHSM as secure key storage and the PKCS#11 (Cryptoki) standard as the cryptographic interface. Motivated by the need to protect sensitive organizational data and to comply with regulations, the system centralizes key lifecycle operations—generation, storage, use for AES-based encryption/decryption, and key destruction—so that key materials never leave the HSM. The study follows a waterfall-style development process comprising requirements analysis, system design, implementation, testing, and evaluation. Results show the API correctly performs cryptographic operations with keys resident in the HSM and supports basic auditing of operations. The approach demonstrates a practical, low-cost alternative to physical HSMs for small-to-medium environments while aligning with information security management practices.
Downloads
References
A. V. Chandra Christian, “Implementation of a Web-based Car Wash Queue Application Using Php, Javascript, Html, Css, and Uml,” Jati (Journal of Information Technology Students), Apr. 2024.
S. Dewi, S. P. Adithama, and A. T. Suhardi, “Testing the Doctor to Doctor Application Using the Black Box Testing Method,” Konstelasi: Convergence of Technology and Information Systems, vol. 3, no. 1, Jun. 2023.
Siska Narulita, Ahmad Nugroho, and M. Zakki Abdillah, “Unified Modeling Language (Uml) Diagram for the Design of a Research and Community Service Management Information System,” Bridge :Journal of Information Systems and Telecommunications, vol. 2, no. 3, pp. 244–256, Aug. 2024, doi: 10.62951/bridge.v2i3.174.
U. Patkar, P. Singh, H. Panse, S. Bhavsar, and C. Pandey, “Python for Web Development,” International Journal of Computer Science and Mobile Computing, vol. 11, no. 4, pp. 36–48, Apr. 2022, doi: 10.47760/ijcsmc.2022.v11i04.006.
G. Skoglund, “Use of the Kmip Protocol for Pki Applications,” Aug. 2024.
J. T. Amael, J. E. Istiyanto, and O. Natan, “Enhancing Industrial Cybersecurity: Softhsm Implementation on Sbcs for Mitigating Mitm Attacks,” Sep. 2024, [Online]. Available: http://arxiv.org/abs/2409.09948
K. Khairani and M. Z. Siambaton, “Securing Text Data Using Elgamal and Xor Cryptographic Algorithms From Hacker Attacks,” Sudo Journal of Information Technology, vol. 2, no. 4, pp. 176–187, Dec. 2023, doi: 10.56211/sudo.v2i4.401.
V. Jain, “A Review on Different Types of Cryptography Techniques,” Academicia: An International Multidisciplinary Research Journal, vol. 11, no. 11, pp. 1087–1094, Nov. 2021, doi: 10.5958/2249-7137.2021.02568.4.
D. Widyawan and Imelda, “File Security Using Cryptography With the Web-based Aes-128 Method at the National Transportation Safety Committee,” 2021.
J. Soebagyo and I. Kurniawan, “Implementation of Key Matrix Algorithms for Academic Data Security,” 2020.
H. D. Novianti and Ahmad Tri Hidayat, “IMPLEMENTASI KRIPTOGRAFI ADVANCED ENCRYPTION STANDARD 128 BIT DALAM PENGAMANAN DATA KEUANGAN KAS,” Jurnal Komputer dan Teknologi, pp. 27–34, Jan. 2023, doi: 10.58290/jukomtek.v1i2.51.
B. Olivia Putri Irine Irawan et al., “Cryptographic Implementation in Data Security Using Advanced Encryption Standard (Aes) Algorithm,” vol. 11, no. 2, 2023.
R. Pramitasari and I. Rofiki, “Elgamal Public Key Cryptanalysis Using Ridge Neural Networks Polynomial,” Amik Bsi Computer Engineering Journal, vol. 8, no. 2, Jul. 2022, doi: 10.31294/jtk.v4i2.
Rahmaniah, M. Firman Aditya, W. Arfanda, and V. Ndika purnama, “Study of Symmetric Key Cryptography Algorithms in Data Security Using the Comparison Method,” Siteba Journal, vol. 2, no. 1, p. 2023, 2023, [Online]. Available: https://journal.iteba.ac.id/index.php/jurnalsiteba/index
V. Pongsitammu, A. Renta Yani Simatupang, D. Annura, Y. Sari Dachi, and D. Rollando Harries, “Security of Modern Crypto Systems Based on Public Key Cryptography Algorithms,” 2023. [Online]. Available: https://journal.iteba.ac.id/index.php/jurnalsiteba/indexSITEBA
Copyright (c) 2026 Rivaldo Hardiansyah, Nurhasanah
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
