cryptoserver-cp5-stage
The VS-NfD-compliant solution for key processing and storage

CryptoServer CP5 VS-NfD

Highest security for the complete protection of sensitive data

cryptoserver-cp5-stage
  • Das einzige vom BSI zugelassene VS-NfD HSM im Markt
  • Zugelassen für Verarbeitung von Daten mit Einstufung RESTREINT UE/EU RESTRICTED und NATO RESTRICTED
  • Sichere Schlüsselverarbeitung und -speicherung innerhalb des HSM
Key Benefits

Key Benefits

Icon

Approved by the BSI

CryptoServer CP5 VS-NfD is the only BSI-approved HSM on the market and is therefore the alternative secure solution for key processing and storage in accordance with VS-NfD requirements.

Icon

RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED approved

Approved for key storage and processing up to classification RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED.

Icon

Secure key processing and storage within the HSM

Meets regulatory data security standards by storing and processing the cryptographic keys within the VS-NfD approved HSM.

Details

Details

CryptoServer CP5 VS-NfD – The hardware security module for the processing of classified data*

As the only BSI-approved VS-NfD HSM on the market, CryptoServer CP5 VS-NfD offers the ideal solution for various VS-NfD-compliant applications such as certificate creation for authentication and access control or secure key generation and management. CryptoServer CP5 VS-NfD is the central trust anchor for the backup and processing of your classified* data.

In addition to meeting the strict criteria for the protection of data classified in Germany, CryptoServer CP5 VS-NfD is also RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED. The listings for the various approvals can be viewed at the following links.

You can view the listing as a VS-NfD-approved HSM here.
The listing as RESTRICTED UE/EU RESTRICTED HSM is available here.
The listing as NATO RESTRICTED HSM can be found here.

* Until classification classified – For official use only

cryptoserver-cp5-products

 

Easy integration

  • Support for Windows and Linux operating systems
  • Wide range of integration options
  • Supports standardized interfaces, e.g. PKCS #11 and Microsoft Cryptography Next Generation (CNG)
  • UTIMACO Cryptographic eXtended services Interface (CXI) for easy integration into your own applications

Simple and secure management

  • Comprehensive key management with key authorization
  • Multi-client capability
  • Remote Management
  • Secure firmware update 

Reliable access control

  • Configurable role-based access control and segregation of duties
  • “m out of n” quorum authentication (e.g. 3 out of 5)
  • 2-factor authentication using smart cards

Meets the highest safety requirements

  • VS-NfD approval
  • RESTRICTED UE/EU RESTRICTED and NATO RESTRICTED approval
  • Common Criteria EAL4+ certified
  • Protection against attacks by passive and active tamper protection mechanisms 

Support of numerous cryptographic algorithms

  • RSA, ECDSA with NIST and Brainpool curves
  • ECDH with NIST and Brainpool curves
  • AES
  • CMAC, HMAC
  • SHA2 family, SHA3
  • Hash-based deterministic random number generator (DRG.4 according to AIS 31)
  • True random number generator (PTG.2 according to AIS 31)
  • Up to 3000 RSA or 2500 ECDSA signature operations when processing in bulk mode

Available as a simulator 

  • Dedicated software simulator for evaluation and integration tests 

On-premise

Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • LAN Appliance
  • PCIe Card

 

u.trust 360

The centralized solution for remote management and monitoring of CryptoServer LAN V5 and Atalla HSM.

Find out more

DiskEncrypt

Reliable hard drive encryption for laptops with VS-NfD computing.

Find out more

Contact us

We look forward to answering your questions.

Our Partners

Look for the best implementation or distribution partner for your project.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.