Key storage refers to how an IoT device or central key management system securely stores keys (frequently encrypted using key encryption keys, or KEKs). Secure storage may be achieved by encrypting a database (with excellent protection of the database encryption key) or other type of key stores using one or more KEKs. In enterprise key escrow/storage systems, any sensitive cryptographic keys (absolutely the KEKs!) should be encrypted or stored using a HSM. HSMs, themselves cryptographic modules, are specifically designed to be very difficult to hack, by providing extensive physical and logical security protections. For example, most HSMs possess a tamper-responsive enclosure. If tampered with, the HSM will automatically wipe all ...