Secure your organization’s most valuable assets

- Plug and play integration with numerous business applications
- Supports all common cryptographic APIs
- Includes a software simulator for evaluation and integration testing
- Designed with crypto agility in mind, and is field-upgradeable with PQC algorithms recommended by NIST and BSI
Key Benefits
Details
SecurityServer - The root of trust for business applications

SecurityServer bundles 30 years of experience in cryptography and Hardware Security Module (HSM) technology into a unique offering that constitutes the root of trust for security and compliance of business applications. It adds the extra layer of security to an organization’s most valuable assets. Supporting a wide range of hardware platforms, it meets performance and security requirements of small enterprises all the way up to large crypto infrastructures.
Due to SecurityServer’s support of various cryptographic interfaces, it enables easy plug-and-play integration with common business applications for document and data encryption; document signing and code signing; issuing of certificates for company IDs, machines, or applications in a public key infrastructure (PKI); chip personalization, from key generation to key injection into passports, eID cards, printer, and many other devices; authentication of persons and devices; and many more.
As a result, SecurityServer is the ideal solution for protecting sensitive and security-critical assets in enterprises, government and public administration as well as use cases such as Internet of Things (IoT), Automotive, Critical Infrastructures such as smart grids or telecommunication networks, as well as Service Providers (CSP) and Solution Partners.
The ease of integration, high scalability, convenient remote administration and best price-performance ratio ensure outstanding total cost of ownership for organizations of all sizes.
SecurityServer is designed with crypto agility and future use cases in mind: Therefore, the HSM can be upgraded with specific quantum-proof algorithms such as CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, and HSS via the firmware extension Q-safe.
Regardless of the specific use case, the SecurityServer simulator makes it straightforward to evaluate SecurityServer and test its integration with business applications before deploying it into production.
SecurityServer is available on CryptoServer SeGen 2 and CSe series, as well as the u.trust Anchor platforms. In addition, it is available as CryptoServer Cloud, Utimaco’s Infrastructure-as-a-Service Offering.
Features
High security for the most valuable assets of your organization
- Provide secure generation, storage, and usage of keys inside the tamper protected HSM
- Provides high-quality true random number generation to ensure uniqueness of keys
- SecurityServer features are included with no additional license fees
- Configurable role-based access control and separation of functions
- 2-factor authentication with smart cards
- “m of n” quorum authentication
Extensive remote administration and monitoring
- Efficient key management and HSM administration including firmware updates via remote access
- Automation of remote diagnosis via SNMP (Simple Network Management Protocol)
Software simulator included
- HSM Simulator with all SecurityServer functionalities
- Fully functional runtime including all administration and configuration tools
- For evaluation and integration testing of SecurityServer prior to deployment in production
Technical Spezifications:
Supported Cryptographic Algorithms
- RSA, DSA, ECDSA with NIST and Brainpool curves, EdDSA
- DH, ECDH with NIST, Brainpool and Montgomery curves
- AES, Triple-DES, DES
- MAC, CMAC, HMAC
- SHA-1, SHA-2, SHA-3, RIPEMD
- Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
- True random number generator (PTG.2 acc. AIS 31)
- Chinese Algorithms
- Can be upgraded with PQC algorithms recommended by NIST & BSI: CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, and HSS via the firmware extension Q-safe
Supported Cryptographic Interfaces (APIs)
- PKCS #11
- Java Cryptography Extension (JCE)
- Microsoft Crypto API (CSP), Cryptography Next Generation (CNG) and SQL
- Extensible Key Management (SQLEKM)
- OpenSSL
- Utimaco‘s comprehensive Cryptographic eXtended services Interface (CXI)
Fulfills various security compliance mandates
- FIPS 140-2 Level 3
- GDPR
- HIPAA
- ETSI C-ITS
Safety and environmental compliance
- CE, FCC Class B
- RoHS III, WEEE
- UL, IEC/EN 60950-1, IEC/EN 62368-1
- CB certificate
- BIS, KC
Add-ons | |
---|---|
u.trust 360u.trust 360 is a hardware and software based management platform enabling centralized administration, monitoring and provisioning for Atalla AT1000 and CryptoServer LAN V5 HSMs. | Utimaco DKE AnchorTwo-tier security for the most sensitive data in Azure. |
Extensions | |
---|---|
u.trust Anchor SDKUtimaco’s professional development kit allows for implementing custom firmware extensions for SecurityServer Se15k, SecurityServer Se40k and u.trust Anchor CSAR. | Cryptoserver SDKUtimaco’s professional development kit allows for implementing firmware extensions for SecurityServer and PaymentServer built on CryptoServer Se Gen2- and |
Cryptoscript SDKIt provides a unique capability to script extensions for SecurityServer HSMs built on CryptoServer Se Gen2- and CryptoServer CSe-series in a secure, easy and | Q-safeApplying Quantum-Resistance to Applications and Use Cases. Supports PQC algorithms recommended by NIST & BSI: CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, |
Bundle | |
---|---|
u.trust Anchor CSARThe world’s first converged crypto platform for payment and general purpose HSM use case enabling to offer HSM-as-a-Service and providing true multi-tenancy. |