The specialized HSM for Securing Sensitive Assets in Blockchain Processes


Available as: Hardware on-premise

Securing Sensitive Identities, Keys and Data in Distributed Ledger Technology (DLT) Computing Platforms

  • Designed for blockchain-based solutions
  • FIPS 140-2 Level 3 certified HSM
  • Provides certified blockchain-related algorithms
  • Integrated DLT support
  • Includes a software simulator for evaluation and integration testing
Key Benefits

Key Benefits


Certified Blockchain Algorithms

Block-safe comes with built-in blockchain-related algorithms for reliable security of sensitive assets used in blockchain processes.


Built in Support for Distributed Ledger Technology (DLT)

The integrated DLT-Support enables the reliable execution of Bitcoin and Ethereum (ETH) use cases.


Highly Flexible Integration

Block-safe comes with integration software supporting various industry standards and can be easily integrated with third party applications.



Block-safe - The specialized HSM for Securing Sensitive Assets in Blockchain Processes

UTIMACO Block-safe was designed to meet the unique requirements for blockchain-based solutions.

The strong protection requirements of blockchain-specific elliptic curves are based on its capability to securely store and manage the encryption keys for key derivation - the public key generation in blockchain processes - inside the secure boundaries of the HSM.

Block-safe effectively secures sensitive identities, keys and data used in distributed ledger technology (DLT) computing platforms with the aim to reduce time to completion, even in complex ecosystems.

Block-safe provides unrivaled physical and logical security for your blockchain processes and sensitive assets used on the blockchain-based computing platforms on unrivaled key generation and key derivation executed within the tamper-resistant and FIPS 140-2 Level 3 compliant HSM.

The included support for Distributed Ledger Technology (DLT) platforms enables reliable transaction validation and storing.

Block-safe complies with the latest regulations being enforced in Play like FINRA, ATS, 5AMLD and FSB and therefore can be utilized for various use cases in different industries like cross-border or interbanking transactions, KYC, or registry as well as for cryptocurrency and other digital assets.

As it comes with integration software supporting various industry standards it is highly flexible. Therefore, it can be easily integrated into an existing cryptographic environment as well as with third party applications like Public Key Infrastructures (PKIs) or Ethereum. In addition, Block-safe comes with the dedicated simulator for flexible customization.

Block-safe is available as SeGen 2 and CSe series.


High Speed

  • Provides a speed of up to 10,000 RSA per second
  • Allows up to 6,000 ECDSA signing operations in bulk processing mode

Extensive Management Functionalities

  • Role based access control (RBAC) with multi-factor authentication
  • Extensive key management
  • 2-factor authentication with smartcards
  • “m of n” authentication
  • Remote management

Software simulator included

  • HSM Simulator with all Block-safe functionalities
  • Fully functional runtime including all administration and configura-tion tools
  • For evaluation, development, and integration testing of functionali-ties before their integration in the firmware of your Block-safe HSM

Highly Flexible Integration Options

  • Integration software included
  • Third party integrable

Built-in Support

  • Provides support for several models for HA redundancy and per-formance scalability
  • Provides DLT platform support

Easy Customization

  • Possibility to develop own sensitive codes and IPs by utilizing Uti-maco Software Development Kit (SDK)

Technical Specifications

Certified built-in Blockchain related algorithms, e.g.

  • BIP32/44
  • SLIP-010
  • Necessary fingerprint requirement for public key address generation
  • Provides consensus signing and verification using MultiSign & BLS

Highest physical and logical security

  • FIPS 140-2 Level 3 compliant HSM
  • Post-Quantum safe Dual TRNG + PRNG entropy source
  • NIST SP800-90 compliant RNG
  • Asymmetric Key derivations including BIP-32, BIP-44, SLIP-010, NIST SP800-108, ECDSA (NIST SP800-56A), DSA (ANSI X9.42)  
  • MultiSig & Boneh–Lynn–Shacham (BLS) signing algorithm

Supported Cryptographic Algorithms

  • RSA, DSA, ECDSA with NIST and Brainpool curves
  • DH, ECDH with NIST and Brainpool curves
  • AES, Triple-DES, DES
  • SHA-1, SHA2-Family, SHA3, RIPEMD

Supported Cryptographic Interfaces (APIs)

  • PKCS #11
  • Microsoft Crypto API (CSP)
  • Microsoft Cryptography Next Generation (CNG)
  • Microsoft SQL Extensible Key Management (SQLEKM)
  • JCE interface
  • eXtended services Interface (CXI) - Utimaco‘s high performance cryptographic interface


Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • LAN Appliance
  • PCIe Card

As a service

Our as-a-service options are hosted by Utimaco in certified datacenters and include everything from set-up to deployment to maintenance.

Related to this product

Add-ons 360 360 is a hardware and software-based management platform enabling centralized administration, monitoring and provisioning for Atalla AT1000 and CryptoServer LAN V5 HSMs.

Find more details

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more.