Your reliable partner for network and information security.
HSM(Hardware Security Module)
Product introduction >>
Sansec's server HSM is an independently developed high performance cryptographic device capable of using different types of applications to perform high speed, parallel cryptographic processing. It can satisfy the application system’s signature/verification and encryption/decryption requests, guaranteeing the confidentiality, integrity, and validity of transferred information while also providing security along with a comprehensive key management mechanism.
Product advantages >>
- Complete algorithm support: Supports RSA, SM2, ECDSA, DSA types of asymmetric algorithms. Also supports the DES, 3DES, AES, SM4 symmetric algorithms and the SHA-1, SHA-2, and SM3 hash algorithms.
- Secure key protection mechanism: Uses a 3 layered system consisting of a system protection key, user key, and session key. Keys are stored within a hardware chip in the device, ensuring important keys will never appear in plaintext outside of the device. Hence, both the user key and application system are securely protected.
- High performance and quality reliability in random number generation: Uses dual WNG physical noise chip to create random numbers. The random number quality is reliable and this performance can reach speeds of 14Mbps.
Cryptographic algorithms >>
·Use two OSCCA-approved true random number generation chips to generate random numbers independently.
·Support 1024~4096-bit length RSA key generation, storage, signature, and verification operations.
·Support 256-bit length SM2 key generation, storage, signature, verification, encryption, and decryption operations.
·Support NIST and other types of elliptic curves and ECC keys with key lengths of 256, 384, and 512 bits. Support ECDSA signature and verification operations for the above keys.
·Support key generation, storage, signature, and verification operations of DSA keys of lengths of up to 2048 bits.
·Support SM4, DES, 3DES, AES data encryption and decryption operations with ECB, CBC, OFB, CFB, CTR, GCM operation modes.
·Support SHA-1, SHA-2, SHA-3, SM3, MD5 hash algorithms.
- HSM API adheres to《Cryptographic device API specifications》standard interface specifications.
- Simultaneously supports the PKCS#11、JCE international standard interfaces.
Supported OS >>
- The application server connects to the HSM via TCP/IP and supports multiple traditional OS such as MS Windows, Linux, Solaris, AIX, HP-UX operating systems.
High availability >>
- Uses dual physical noise chip to create random numbers with high quality.
- Secure key backup and recovery capabilities, ensuring secure application system security and reliability.
- Equipped with redundant power supplies, ensuring that servers can run stably.
- Features dual Gigabit NICs that support dual-NIC binding modes to ensure business sustainability.
- Multi parallelism can provide fault tolerance, improving processing performance.
Security & Safety certificates >>
- FIPS 140-2 Level 3
- CE, FCC
Physical characteristics >>
- Standard 2U rack server
- Dimensions（length x width x height）440x520x89mm，mass 14 Kg
- Working power 220V，50Hz，350W，redundant power supply（Optional）
- Power 280W
- Working temperature 0℃-50℃
- Storage temperature 0℃-60℃
- Operating humidity 5%-85%
7*24 hours support
Research and develop