CryptoScript - The Most Efficient Development Kit for HSM Customization

- Highly efficient implementation of HSM extensions
- Enables easy script programming
- For SecurityServer HSMs built on CryptoServer Se Gen2- and CryptoServer CSe-series
Key Benefits
Details
CryptoScript - The Most Efficient Development Kit for HSM Customization

CryptoScript SDK from UTIMACO is a development kit that enables script extensions for SecurityServer HSMs built on CryptoServer Se Gen2- and CryptoServer CSe-series extremely easy and secure.
Commonly used cryptographic APIs such as PKCS #11 or JCE support numerous cryptographic algorithms and mechanisms although they are often not suited for utilization in certain use cases. Customized script extensions are required when specific data processing operations are not supported by these standard APIs, or when multiple API calls are needed but would return sensitive intermediate results to the host computer..
Custom HSM extensions, such as key derivation functions or complex protocols, can be created as scripts that are interpreted and executed within the tamper-proof environment of SecurityServer HSM using CryptoScript SDK . The scripts are written in a Lua-derived managed language, and benefits from the security of firewalled execution and managed memory with automatic garbage collection.
It has never been easier and more efficient to extend HSM functionality.
A comprehensive set of methods providing access to the cryptographic algorithms, long-number arithmetic, random number generation and other underlying HSM functions limits the need for custom code to a bare minimum. This makes development cycles for implementation, testing and fixing HSM extensions substantially shorter than for traditional firmware development. The SecurityServer firmware includes an HSM simulator that allows the testing and debugging of new scripts in a preferred development environment.
Full control over the functionality and interface of scripts can always be maintained. All developments are independent from review, approval or code signing by Utimaco.
Secure
- Supports managed programming language with security monitor, derived from Lua scripting
- CryptoScript compiler runs inside the tamper protected HSM
- Secure managed memory
- Support for multiple scripts with private databases and firewalling
Full Control
- Provides full control over script functionality with manufacturer-independent development
- No review or approval required by Utimaco
- Optimal application integration with custom HSM interface
Easy to use
- Script programming
- Comprehensive set of methods for use of cryptographic library, long number arithmetic, etc. from HSM firmware
- Automatic garbage collection
- Sample scripts and host-side applications
- Provides an HSM simulator for testing and debugging of scripts in Windows or Linux development environments
Full Support of CryptoServer HSM Models
- CryptoServer Se-Series Gen 2
- CryptoServer CSe-Series
- Support of hardware acceleration
Supports Various Cryptographic Algorithms
- RSA, DSA, ECDSA with NIST and Brainpool curves
- DH, ECDH with NIST, Brainpool
- AES, Triple-DES, DES
- MAC, CMAC, HMAC
- SHA-1, SHA-2, SHA-3, RIPEMD
- Hash-based deterministic random number generator
- True random number generator
Attractive Price
- Reduced price for HSMs in development environments
- No additional license fees for runtime environments
- No additional costs per script
- All supported cryptographic algorithms are included