This large picture is on its own page so you can scroll it while it maintains a readable size. The general authentication model applies to both Password Authenticated and PED Authenticated Luna HSMs. Luna HSMs do not keep any objects in the clear. All objects are multiply encrypted, and are decrypted in temporary (volatile) memory only while needed.