Highest security for the complete protection of sensitive data
- Das einzige vom BSI zugelassene VS-NfD HSM im Markt
- Zugelassen für Verarbeitung von Daten mit Einstufung RESTREINT UE/EU RESTRICTED und NATO RESTRICTED
- Sichere Schlüsselverarbeitung und -speicherung innerhalb des HSM
Key Benefits
Approved by the BSI
CryptoServer CP5 VS-NfD is the only BSI-approved HSM on the market and is therefore the alternative secure solution for key processing and storage in accordance with VS-NfD requirements.
RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED approved
Approved for key storage and processing up to classification RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED.
Secure key processing and storage within the HSM
Meets regulatory data security standards by storing and processing the cryptographic keys within the VS-NfD approved HSM.
Details
CryptoServer CP5 VS-NfD – The hardware security module for the processing of classified data*
As the only BSI-approved VS-NfD HSM on the market, CryptoServer CP5 VS-NfD offers the ideal solution for various VS-NfD-compliant applications such as certificate creation for authentication and access control or secure key generation and management. CryptoServer CP5 VS-NfD is the central trust anchor for the backup and processing of your classified* data.
In addition to meeting the strict criteria for the protection of data classified in Germany, CryptoServer CP5 VS-NfD is also RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED. The listings for the various approvals can be viewed at the following links.
You can view the listing as a VS-NfD-approved HSM here.
The listing as RESTRICTED UE/EU RESTRICTED HSM is available here.
The listing as NATO RESTRICTED HSM can be found here.
* Until classification classified – For official use only
Easy integration
- Support for Windows and Linux operating systems.
- Wide range of integration options
- Supports standardized interfaces, e.g. PKCS #11 and Microsoft Cryptography Next Generation (CNG)
- UTIMACO Cryptographic eXtended services Interface (CXI) for easy integration into your own applications
Simple and secure management
- Comprehensive key management with key authorization
- Multi-client capability
- Remote Management
- Secure firmware update
Reliable access control
- Configurable role-based access control and segregation of duties
- “m out of n” quorum authentication (e.g. 3 out of 5)
- 2-factor authentication using smart cards
Meets the highest safety requirements
- VS-NfD approval
- RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED approval
- Common Criteria EAL4+ certified
- Protection against attacks by passive and active tamper protection mechanisms
Support of numerous cryptographic algorithms
- RSA, ECDSA with NIST and Brainpool curves
- ECDH with NIST and Brainpool curves
- AES
- CMAC, HMAC
- SHA2 family, SHA3
- Hash-based deterministic random number generator (DRG.4 according to AIS 31)
- True random number generator (PTG.2 according to AIS 31)
- Up to 3000 RSA or 2500 ECDSA signature operations when processing in bulk mode
Available as a simulator
- Dedicated software simulator for evaluation and integration tests
