for DL KMS
To enhance the security of online web services for the issuances of DL/RC Cards, it is proposed to use the Hardware Security Module (HSM) to secure the key storage. It also provides cryptographic operation within a tamper-resistant hardware device. HSM has dedicated and powerful crypto processors which can simultaneously carry out thousands of crypto operations thereby making the KMS work fast and helping in bulk issuance. Earlier SCTD, NIC had developed a smartcard application using HSM for National Population Register (NPR), Fisheries etc. HSM shall be used for secure storage and fast access of master keys for various projects. HSM provides enhanced security and flexibility in KMS operations. Every KMS system will act as a client and will be connected to HSM through a secure network. KMS of personalized DL and RC cards will be done on KMS client systems by invoking the centralized Vahan/Sarthi KMS application. The application will use authority keys from HSM. The smaller states can share a single HSM.