Regarding HSMs, a great read is the Cambridge team that broke the Luna CA3 Chrysalis HSM. A great reversing tale. "Unwrapping the Chrysalis": <a href="http://www.war-room.co.uk/~dc352/UCAM-CL-TR-592.pdf" rel="nofollow">http://www.war-room.co.uk/~dc352/UCAM-CL-TR-592.pdf</a><p>Search around for more- I remember them having a few different write-ups.
The wiki[1] says that<p>"<i>Recent revelations have called into question the integrity of some of the implementations of basic cryptographic functions and devices used to secure communications on the Internet. There are serious questions about algorithms and about implementations of those algorithms in software and particularly hardware.</i>"<p>I'm curious about that, does anybody here know about these <i>recent revelations</i>? I understand the feeling, but I don't remember seeing any news about the security of HSM recently, or ever actually.<p>[1]: <a href="http://wiki.cryptech.is" rel="nofollow">http://wiki.cryptech.is</a> -- see JoachimS' comment