Utimaco’s Hardware Security Module as a Service - hosted in a Secure, Certified Datacenter
- No implementation Efforts
- FIPS-certified
- No CSP Vendor Lock-In
Product Type:
As-a-serviceDelivery Time:
Key Benefits
Details
Our General Purpose HSM as a Service provides access to a FIPS 140-2 Level 3 HSM that is fully hosted by Utimaco and under your sole remote control. This enables secure key generation, storage, and management without the need for setup, maintenance, or implementation efforts.
Utilizing our General Purpose HSM as a Service solution reduces your total cost of ownership by eliminating hardware and staff costs, provides flexible deployment and scalability and enables most robust security for your digital infrastructure.
Supported Use Cases
- Data Encryption
- Document Signing
- Code Signing
- Certificate Issuing
- Public Key Infrastructure
- Chip and Device Personalization
- User and Device Authentication
- Blockchain Processes
- Subscriber Authentication in Mobile Networks
- Key Agreement in Mobile Networks
- Timestamp Creation
- PQC applications
- And many more
No Implementation Effort
By combining GP HSM service, maintenance, and hosting, we eliminate the requirement for hardware deployment or software management on your end, eliminating hardware and staff cost
FIPS-certified
Provides the highest security with a FIPS 140-2 Level 3 validated HSM hosted in a secure, certified data center within dedicated racks. The HSM can be remotely managed from any location.
No CSP Vendor Lock-in
Ideal for multi-cloud strategies: works with all major cloud service providers (including Amazon AWS, Microsoft Azure, Google Cloud, and more) without vendor lock-in.
High Availability
99% guaranteed availability with one HSM at a single site, optionally up to 99,999% availability with redundant datacenters and two HSMs per site.
24/7 Support
Leverage a team of crypto experts with knowledge directly from the HSM vendor – available 24/7.
Supported cryptographic algorithms
- RSA, DSA, ECDSA with NIST and Brainpool curves, EdDSA
- DH, ECDH with NIST, Brainpool and Montgomery curves
- Edwards curves Ed25519 and Ed448
- AES, Triple-DES, DES
- MAC, CMAC, HMAC
- SHA-1, SHA-2, SHA-3, RIPEMD
- Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
- True random number generator (PTG.2 acc. AIS 31)
- Chinese Algorithms
- Can be upgraded with blockchain-specific algorithms such as BIP32/44 and SLIP-010 on request
Cryptographic Interfaces (APIs)
- PKCS #11
- Java Cryptography Extension (JCE)
- Microsoft Crypto API (CSP), Cryptography Next Generation (CNG), and SQL
- Extensible Key Management (SQLEKM)
- OpenSSL
- Utimaco‘s comprehensive Cryptographic eXtended services Interface (CXI)
Firmware Support
Quantum Protect | Applying Quantum-resistance to applications and use cases |
Blockchain Protect | Securing sensitive assets in blockchain processes |
Double Key Encryption | Two-tier security for the most sensitive data in Azure |
Software Development Kit | Enables custom firmware development based on algorithms and functions of choice |
Hosted in a secure, certified data center
- Hosted in an ISO/IEC 27001, HIPAA, PCI, and GSMA SAS-SM compliant data center
- Provision of all hardware and software in the data center
- Maintenance of equipment in the data center and replacing failed units
- Setup and additional hardware included
- Secure server room with dedicated HSM per customer
- All relevant security and regulatory certifications
- Current regions: Europe & Americas