Apply Cryptographic Processes for Qualified Signatures and Seals and classified environments
The CryptoServer General Purpose HSM is designed for eIDAS-compliant and classified use cases. This makes it the ideal Hardware Security Module for governments, public sector, and organizations that need to fulfill certain compliance regulations, such as Trust Service Providers or critical infrastructure providers.
The CryptoServer General Purpose HSM offers different compliance versions:
- The CC eIDAS compliance version is specifically designed and certified for the creation of eIDAS-compliant qualified signatures and seals, remote signing and the issuing of qualified certificates. It is Common Criteria-certified according to the eIDAS Protection Profile (PP) EN 419 221-5 “Cryptographic Module for Trust Services”.
- The VS-NfD compliance version is approved by the German Federal Office for Information Security (BSI) and can be applied in classified environments according to VS-NfD, RESTREINT UE/EU RESTRICTED and NATO RESTRICTED.
Details
Cryptographic algorithms
- RSA, ECDSA with NIST and Brainpool curves
- ECDH with NIST and Brainpool curves
- AES
- CMAC, HMAC
- SHA-2, SHA-3
- Hash-based deterministic random number generator (DRG.4 acc. AIS 31)
- True random number generator (PTG.2 acc. AIS 31
Cryptographic Interfaces (APIs)
- PKCS #11
- Cryptography Next Generation (CNG)
- Key authorization API and tool
- Utimaco‘s comprehensive Cryptographic eXtended services Interface (CXI)