Crypto Server GP HSM

CryptoServer General Purpose HSM

The Hardware Security Module specialized for eIDAS-compliance and VS-NfD classified use cases.

Download Datasheet
  • Overview
  • Key Features
  • Description
  • Specifications
  • Add Ons
  • Models
  • Use Cases
  • Applications
  • Resources

Cryptographic Processes for eIDAS Compliance and Classified Environments

Cryptographic Processes for eIDAS Compliance and Classified Environments
Cryptographic Processes for eIDAS Compliance and Classified Environments

The CryptoServer General Purpose HSM is specifically designed for eIDAS-compliant and classified use cases. This makes it the perfect HSM for public sector and entities requiring strict compliance, such as Trust Service Providers or critical infrastructure operators.

  • Key Features

  • Description

  • Specifications

  • Add Ons

Qualified Signature and Seal Creation Device (QSCD)

Qualified Signature and Seal Creation Device (QSCD)

CC eIDAS on CryptoServer General Purpose HSM can be used as an eIDAS certified Qualified Signature and Seal Creation Device.

CC-Certified

CC-Certified

Common Criteria-certified according to the eIDAS Protection Profile (PP) EN 419 221-5 “Cryptographic Module for Trust Services”

Trust Anchor for classified data

Trust Anchor for classified data

CryptoServer General Purpose HSM with the VS-NfD compliance version is the only BSI-approved VS-NfD HSM on the market, allowing the backup and processing of classified data according to VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED.

Simulator included

Simulator included

Test CryptoServer firmware with our free fully functional simulator for evaluation and integration testing before deployment.

The CryptoServer General Purpose HSM comes in two compliance versions:

The CC eIDAS version is designed for the creation of eIDAS-compliant qualified signatures and seals, remote signing and issuing of qualified certificates. It is Common Criteria-certified according to eIDAS Protection Profile (PP) EN 419 221-5 “Cryptographic Module for Trust Services”.

The VS-NfD version is approved by the German Federal Office for Information Security (BSI) for classified environments according to VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED.

image
Cryptographic Interfaces (APIs)

  • Cryptographic algorithms

  • Cryptographic Interfaces (APIs)

Cryptographic algorithms

  • RSA, ECDSA with NIST and Brainpool curves
  • ECDH with NIST and Brainpool curves
  • AES
  • CMAC, HMAC
  • SHA-2, SHA-3
  • Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
  • True random number generator (PTG.2 acc. AIS 31)
background image
image

Cryptographic Interfaces (APIs)

  • PKCS #11
  • Cryptography Next Generation (CNG)
  • Key authorization API and tool
  • Utimaco‘s native Cryptographic eXtended services Interface (CXI)
background image
image
image

SDKs

CryptoServer SDK
image

Simulator / Trial

CC eIDAS Simulator VS-NfD Simulator
image

Others

360 HSM Monitoring Double Key Encryption
image

Models

All models are available as LAN appliance or PCIe card and can be delivered with either the CC eIDAS or VS-NfD compliance version.

Contact Sales
Se12

The entry-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

The entry-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

Se52

The mid-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

The mid-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

Se500

The advanced-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

The advanced-level HSM model, GP HSM firmware with all necessary features and cryptographic algorithms included.

Se1500

The high-performance HSM, GP HSM firmware with all necessary features and cryptographic algorithms included.

The high-performance HSM, GP HSM firmware with all necessary features and cryptographic algorithms included.

Use Cases

Classified Data protection
Classified Data Protection
Certified cybersecurity solutions that protect classified information according to VS-NfD, EU-restricted, and NATO-restricted.
Learn More
Document signing
Qualified Electronic Signatures & Seals
Utimaco offers industry-proven eIDAS compliant solutions fulfilling policy and security requirements. Read more about our solution here.
Learn More
Public Key Infrastructure
Public Key Infrastructure
Generate and protect cryptographic keys used for certificates in a Public Key Infrastructure.
Learn More

Certifications and Compliance

All CryptoServer General Purpose HSM models are certified to:

Complaint and Secure

FIPS 140-2 Level 3

All CryptoServer General Purpose HSM models are certified according to FIPS 140-2 Level 3, which is the dominant certification for cryptographic modules, issued by NIST. The operation in FIPS mode is possible.

Complaint and Secure

Common Criteria EAL4+

CryptoServer General Purpose HSM models equipped with the CC eIDAS version are certified according to Protection Profile EN 419 221-5 as well as to point 23 and 32 of Article 2 of Regulation 910/2014 (eIDAS). It also enables Server Signing acc. EN 419 241-2 and fulfills ETSI Policy and Security Requirements (e.g. EN 319 401, EN 319 411, EN 319 421, C-ITS).

Complaint and Secure

VS-NfD / EU-RESTRICTED / NATO-RESTRICTED

CryptoServer General Purpose HSM models equipped with the VS-NfD version are the only HSMs in the market approved by the German Federal Office for Information Security (BSI) for VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED use cases.

image

Application Packages

CC eIDAS

CC Eidas

Certified for the creation of eIDAS-compliant qualified signatures and seals, remote signing and the issuing of qualified certificates.

VS-NfD

VS-NFD

Approved for classified environments according to VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED.

GP HSMs: Also Available as a Service

Learn More

Joint Solution Brief

Sealing of up to 11 million documents per hour with Utimaco’s HSM as a QSCD

In this document, you'll learn how SIGNIUS uses Utimaco's CryptoServer General Purpose HSM CC eIDAS to enable Qualified Local Mass Sealing to digitally sign up to 11 million documents per hour.

Read More

Resources

Datasheet CC eIDAS

The CC eIDAS compliance version for CryptoServer General Purpose HSM supports Trust Service Providers (TSPs) in fulfilling policy and security requirements defined in various ETSI technical standards (ETSI EN 319 401, EN 319 411, EN 319 421).

Download
CC eIDAS

The CC eIDAS compliance version for CryptoServer General Purpose HSM supports Trust Service Providers (TSPs) in fulfilling policy and security requirements defined in various ETSI technical standards (ETSI EN 319 401, EN 319 411, EN 319 421).

Download
Datasheet VS NFD

Governments and government-like organizations like NATO declare as “classified information” such information that they consider particularly sensitive.

Download
VS-NfD

Governments and government-like organizations like NATO declare as “classified information” such information that they consider particularly sensitive.

Download
Joint Solution Brief Cryptomathic

Cryptomathic provides secure server solutions to industries such as banking, government, technology, and cloud services.

Download
Cryptomathic

Cryptomathic provides secure server solutions to industries such as banking, government, technology, and cloud services.

Download
Joint Solution Brief Signius

SIGNIUS offers a turnkey solution built on the Utimaco QSCD, featuring a Qualified Electronic Seal (QSeal) and sealing server. The comprehensive package includes expert training, along with long-term maintenance and support services to ensure seamless operation.

Download
Signius

SIGNIUS offers a turnkey solution built on the Utimaco QSCD, featuring a Qualified Electronic Seal (QSeal) and sealing server. The comprehensive package includes expert training, along with long-term maintenance and support services to ensure seamless operation.

Download

Ready to Secure Your Digital Future?

Contact Sales

Related Products

Full Disk Encryption

Full Disk Encryption

Full Disk Encryption delivers reliable hard drive encryption for laptops with classified data processing.

Learn More
Enterprise Secure Key Manager

Enterprise Secure Key Manager

The most interoperable and integrated Key Management System in the market, providing a single pane of glass for all cryptographic keys.

Learn More
Timestamp as a Service

Timestamp as a Service

The first eIDAS-certified Timestamping Service creating Qualified Electronic Timestamps for document and data authenticity.

Learn More
Try Our Simulator

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.