VS NFD

VS-NfD

Enables CryptoServer General Purpose HSM for the use in classified environments

  • Overview
  • Key Features
  • Description
  • Specifications
  • Resources
  • Platform Overview

About VS-NfD

With CryptoServer General Purpose HSM running VS-NfD, it can be applied in classified environments according to VS-NfD, RESTREINT UE/ EU RESTRICTED, and NATO RESTRICTED. It is approved by the German Federal Office for Information Security (BSI).

Supported Platform: Cryptoserver General Purpose HSM

5G Protect

  • Key Features

  • Description

  • Specifications

Approved by the German Federal Office for Information Security (BSI)

Approved by the German Federal Office for Information Security (BSI)

VS-NfD for CryptoServer General Purpose HSM is the only BSI-approved HSM on the market and a secure solution for key processing and storage in accordance with VS-NfD requirements.

Approved for the use in classified environments

Approved for the use in classified environments

Approved for key storage and processing up to classification levels VS-NfD, RESTREINT UE/EU RESTRICTED, and NATO RESTRICTED.

Secure key processing and storage within the HSM

Secure key processing and storage within the HSM

Meets regulatory data security standards by storing and processing the cryptographic keys within the VS-NfD approved HSM.

Easy integration

Easy integration

The HSM offers standardized interfaces such as PKCS #11 and Microsoft Cryptography Next Generation (CNG) and can therefore be easily integrated with existing applications.

Free, fully functional simulator

Free, fully functional simulator

Test before deployment: The fully functional simulator enables integration tests by simulating the HSM including all functions, administration, and configuration management.

As the only BSI-approved VS-NfD HSM on the market, the CryptoServer General Purpose HSM platform with the VS-NfD compliance version offers the ideal solution for various classified applications such as certificate creation for authentication and access control or secure key generation and management.

It is the central trust anchor for the backup and processing of classified data according to VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED.

image
Cryptographic Interfaces (APIs)

  • Easy integration

  • Comprehensive key management with key authorization

  • Configurable role-based access control and segregation of duties

  • Cryptographic algorithms

  • Compliance

Easy integration

  • Support for Windows and Linux operating systems.
  • Wide range of integration options
  • Supports standardized interfaces, e.g. PKCS #11 and Microsoft Cryptography Next Generation (CNG)
  • UTIMACO Cryptographic eXtended services Interface (CXI) for easy integration into your own applications
background-image
image

Comprehensive key management with key authorization

  • Multi-client capability
  • Remote Management
  • Secure firmware update
  • Reliable access control
background-image
image

Configurable role-based access control and segregation of duties

  • “m out of n” quorum authentication (e.g. 3 out of 5)
  • 2-factor authentication using smart cards
background-image
image

Cryptographic algorithms

  • RSA, ECDSA with NIST and Brainpool curves
  • ECDH with NIST and Brainpool curves
  • AES
  • CMAC, HMAC
  • SHA2 family, SHA3
  • Hash-based deterministic random number generator (DRG.4 according to AIS 31)
  • True random number generator (PTG.2 according to AIS 31)
  • Up to 3,000 RSA or 2,500 ECDSA signature operations when processing in bulk mode
background-image
image

Compliance

  • Common Criteria EAL4+ certified
  • You can view the listing as a VS-NfD-approved HSM here
  • The listing as RESTREINT UE/EU RESTRICTED HSM is available here
  • The listing as NATO RESTRICTED HSM can be found here
background-image
image
image

Resources

Brochure VS NFD

Governments and government-like organizations like NATO declare as “classified information” such information that they consider particularly sensitive.

Download
VS-NfD

Governments and government-like organizations like NATO declare as “classified information” such information that they consider particularly sensitive.

Download
Brochure NSC und Vs Arbeitsplatz

Entwicklung einer souveränen und sicheren Cloud in Deutschland von führenden Cybersecurity-Experten

Download
National Secure Cloud

Entwicklung einer souveränen und sicheren Cloud in Deutschland von führenden Cybersecurity-Experten

Download

Platform Overview

U Trust App

CryptoServer General Purpose HSM

The CryptoServer General Purpose HSM is specifically designed for eIDAS-compliant and classified use cases. This makes it the perfect HSM for the public sector and entities requiring strict compliance, such as Trust Service Providers or critical infrastructure operators.

Know More

Ready to Secure Your Digital Future?

Contact Sales

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.