U.Trust GP HSM

u.trust General Purpose HSM
Se-Series

The secure HSM delivers scalable multi-tenancy functionality, superior performance, and customization for various applications.

Download Datasheet
  • Overview
  • Key Features
  • Description
  • Specifications
  • Add Ons
  • Models
  • Use Cases
  • Applications
  • Resources

Next-generation HSM with multi-tenancy design

Next-generation HSM with multi-tenancy design
Next-generation HSM with multi-tenancy design

The u.trust General Purpose HSM Se-Series combines scalable multi-tenancy functionality with superior performance. Its container-based architecture supports up to 31 containers and enables flexibility across use cases including PQC, 5G, blockchain, and custom applications.

  • Key Features

  • Description

  • Specifications

  • Add Ons

Scalable Multi-Tenancy

Scalable Multi-Tenancy

Manage fully isolated, standalone processes in one HSM with the containerization option. Choose between 1, 4, 8, 12, 16, or 31 containers.

SDK for Custom Implementations

SDK for Custom Implementations

Develop custom firmware, implement proprietary algorithms, or establish custom key derivation functions with the SDK.

Designed Crypto-Agile

Designed Crypto-Agile

Designed with crypto-agility in mind, the HSMs are in-field upgradable with PQC algorithms.

Superior Performance

Superior Performance

u.trust General Purpose HSM Se-Series are available in various models from entry-level to high-performance use cases with up to 40,000 RSA 2K signatures / s.

Transparent Licensing

Transparent Licensing

Utimaco has a straightforward licensing model without hidden costs and unexpected fees – what you see is what you get.

The u.trust General Purpose HSM Se-Series is built on a modern, container-based design inspired by cloud technology. With support for up to 31 containers and multiple PKCS #11 partitions per cHSM, it ensures seamless application separation and key partitioning, making it an ideal choice for all types of cryptographic applications. It’s also upgradeable for specific use cases like blockchain and 5G, and offers flexibility for custom solutions, including proprietary algorithms and customer key derivations via the Software Development Kit.

image
Cryptographic Interfaces (APIs)

  • Cryptographic Interfaces (APIs)

  • Included Cryptographic algorithms

  • Mobile network related functions and algorithms

  • Blockchain-specific algorithms

  • Post Quantum Cryptography algorithms

Cryptographic Interfaces (APIs)

  • PKCS #11
  • Java Cryptography Extension (JCE)
  • Microsoft Crypto API (CAPI), and Cryptography Next Generation (CNG)
  • Extensible Key Management (SQLEKM)
  • OpenSSL
  • Utimaco‘s native Cryptographic eXtended services Interface (CXI)
  • Utimaco’s REST Cryptography API (in progress)
background image
image

Included Cryptographic algorithms

  • RSA, DSA, ECDSA with NIST and Brainpool curves, EdDSA
  • DH, ECDH with NIST, Brainpool and Montgomery curves
  • Edwards curves Ed25519 and Ed448
  • AES, Triple-DES, DES
  • MAC, CMAC, HMAC
  • SHA-1, SHA-2, SHA-3, RIPEMD
  • Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
  • True random number generator (PTG.2 acc. AIS 31)
  • Chinese Algorithms
background-image
image

Mobile network related functions and algorithms

  • Subscriber Identifier De-concealing Function, SIDF Profiles A and B
  • Authentication Vector Generation functions 5G-AKA, 5G-EAP-AKA, 4G-EAP-AKA, EPS-AKA, EAP-AKA, UMTS-AKA, IMS-AKA, GBA-AKA, GSM-AKA
  • Bulk Authentication Vector Generation for 3G and 4G AKA protocols
  • Re-Synchronization function XMAC-S
  • Milenage, TUAK, COMP
background-image
image

Blockchain-specific algorithms

  • BIP32/44
  • SLIP-010
  • MultiSig & Boneh–Lynn–Shacham (BLS) signing algorithm
background-image
image

Post Quantum Cryptography algorithms

  • ML-DSA
  • ML-KEM
  • XMSS and XMSS-MT
  • LMS and HSS
background-image
image
image

Application Packages

5G Protect Blockchain Protect Quantum Protect
image

SDKs

Software Development Kit
image

Simulator / Trial

SecurityServer Simulator
image

Others

360 HSM Monitoring Double Key Encryption
image

Models

The u.trust General Purpose HSM Se-Series is crypto-agile and validated to FIPS 140-2 Level 3. All models support external and internal storage and feature a Key Partitioning System with multiple PKCS #11 partitions – regardless of container count. They can be upgraded for PQC, blockchain, or 5G use cases, or fully customized with the Software Development Kit. All models are available as LAN appliance or PCIe card.

Contact Sales
Se100
Up to 101 RSA 2K operations / second

The HSM model for entry-level use cases with up to 101 RSA 2k signatures per second and 1 container.

The HSM model for entry-level use cases with up to 101 RSA 2k signatures per second and 1 container.

Se2k
Up to 2,050 RSA 2K operations / second

The HSM model for entry to mid-level use cases with up to 2,050 RSA 2k signatures per second and 4 containers.

The HSM model for entry to mid-level use cases with up to 2,050 RSA 2k signatures per second and 4 containers.

Se5k
Up to 5,100 RSA 2K operations / second

The HSM model for mid-level use cases with up to 5,100 RSA 2k signatures per second and 8 containers.

The HSM model for mid-level use cases with up to 5,100 RSA 2k signatures per second and 8 containers.

Se15k
Top Choice
Up to 15,000 RSA 2K operations / second

The HSM model for mid to advanced-level use cases with up to 15,000 RSA 2k signatures per second and 4 containers.

The HSM model for mid to advanced-level use cases with up to 15,000 RSA 2k signatures per second and 4 containers.

Se40k
Up to 40,000 RSA 2K operations / second

The HSM model for advanced-level use cases with up to 40,000 RSA 2k signatures per second and 12,16, or 31 containers.

The HSM model for advanced-level use cases with up to 40,000 RSA 2k signatures per second and 12,16, or 31 containers.

Use Cases

Document Signing
Document Signing
Fortify Your Signatures: Elevate Security with HSM-Powered Document Signing
Learn More
Public Key Infrastructure
Public Key Infrastructure
Generate and protect cryptographic keys used for certificates in a Public Key Infrastructure.
Learn More
Key Injection
Key Injection
Key injection is the starting point for securely managing an IoT device. To make sure that device identities are not hacked, keys need to be generated by an HSM
Learn More
Code Signing
Code Signing
With code signing, organizations can prove that their software is trustworthy and end users can, in turn, verify the authenticity of files and program code.
Learn More

Certifications and Compliance

All u.trust General Purpose HSM Se-Series models are certified to:

Complaint and Secure

FIPS 140-2 Level 3

All u.trust General Purpose HSM Se-Series models are certified according to FIPS 140-2 Level 3, which is the dominant certification for cryptographic modules, issued by NIST. The operation in FIPS mode is possible.

Complaint and Secure

FIPS 140-3 Level 3 and 4 in Progress

FIPS 140-3 is the new NIST standard for cryptographic modules. It will succeed the FIPS 140-2 standard in 2026. The certification for u.trust General Purpose HSM Se-Series in progress.

Complaint and Secure

CC / NITES

All models are certified according to NITES, which is the certification of IT products that meet high assurance requirements for Singapore government agencies.

Complaint and Secure

PCI PTS HSM v3

All models are certified according to PCI PTS HSM v3 enfolds operational and technical security requirements for HSMs to ensure secure payments.

image

Application Packages

5G Protect

5G Protect

The solution for subscriber authentication and key agreement in mobile networks.

Blockchain Protect

Blockchain Protect

The solution to create, verify, and protect blockchain transactions and assets.

Double Key Encryption

Double Key Encryption

The Double Key Encryption Solution for data stored in Microsoft Azure Cloud.

Quantum Protect

Quantum Protect

The Post Quantum Cryptography firmware extension to add quantum resistance to your infrastructure.

GP HSMs: Also Available as a Service

Learn More

Webinar

Migrating to PQC – How NXP applied quantum security with Utimaco

Discover how NXP, a global semiconductor leader, leverages the u.trust General Purpose HSM Se-Series with PQC firmware extension to enable secure firmware updates using the ML-DSA algorithm.

Watch Now

Resources

Datasheet u.trust GP HSM

The u.trust General Purpose HSM Se-Series combines superior performance with multi-tenancy. From entry-level to high-performance use cases, all models are future-proof with post quantum cryptography readiness and are FIPS 140-2 Level 3 certified.

Download
u.trust GP HSM Se-Series

The u.trust General Purpose HSM Se-Series combines superior performance with multi-tenancy. From entry-level to high-performance use cases, all models are future-proof with post quantum cryptography readiness and are FIPS 140-2 Level 3 certified.

Download
Technology Brief Brochure Block Safe

Secure Blockchain processes with Utimaco Blockchain Protect

Download
Blockchain Protect leaflet

Secure Blockchain processes with Utimaco Blockchain Protect

Download
Technology Brief Mobile Network Trustserver

The solution for mobile subscriber authentication and key agreement in mobile networks

Download
5G Protect Leaflet

The solution for mobile subscriber authentication and key agreement in mobile networks

Download
Technology Brief Quantum Resistance

With Utimaco, you are already prepared today for the quantum challenges of tomorrow

Download
Achieve Quantum Resistance with Utimaco

With Utimaco, you are already prepared today for the quantum challenges of tomorrow

Download
Brochure Double Key Encryption

Two-Tier Security for the Most Sensitive Data in Azure Cloud

Download
Double Key Encryption

Two-Tier Security for the Most Sensitive Data in Azure Cloud

Download

Ready to Secure Your Digital Future?

Contact Sales

Related Products

Enterprise Secure Key Manager

Enterprise Secure Key Manager

The most interoperable and integrated Key Management System in the market, providing a single pane of glass for all cryptographic keys.

Learn More
Timestamp as a Service

Timestamp as a Service

The first eIDAS-certified Timestamping Service creating Qualified Electronic Timestamps for document and data authenticity.

Learn More

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.