Signature and Verification

The IBMPKCS11Impl provider makes available digital signature and verification using the RSA ,DSA and ECDSA algorithms. This implementation also moves all of the algorithm processing off of the CPU to the actual hardware device. For example as RSA is a rather computationally intensive algorithm, this implementation moves a large portion of the instructions off of the main processor and onto the hardware device. The cryptographic hardware processes this work on the device so that it is much harder to capture and compromise the sensitive material and frees up cycles from the main processor. Further, hardware gives you the choice to increase the base security of the operation by utilizing the hardware to process the algorithm and data, reduce the load on your main CPU. Also, applications have the option of using secure key pairs(SENSITIVE private keys).