Network HSM / Network Hardware Security Module

-A +A

BİLGEM Network HSM is primarily developed to perform critical cryptographic operations such as signature, verification, encryption etc. over a network in a secure and fast way. The communication between the device and the client takes place on a secure channel which is established after mutual authentcation. The keys which are involved in these cryptographic operations are kept in the physically secured and tamper resistant cryptographic boundary of the device. This provides the utmost security for these critical objects. Tha national smartcard operating system AKIS is used for operator and role authentication during critical processes such as initialization, backup, firmware update, user authentication etc. The module also provides a national solution to key generation problem, with a national random number generator which resides in the module.

CRYPTOGRAHIC SPECIFICATIONS
▪ RSA, ECDSA, DSA
▪ AES, TripleDES, DES
▪ SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD160
▪ SHA-1 HMAC, SHA-224 HMAC, SHA-256 HMAC, SHA-384 HMAC,
▪ SHA-512 HMAC
▪ RSA, ECDSA, DSA asymetric key generation, AES, DES, TripleDES symmetric key generation
▪ Operation capability with secp prime and custom curves
▪ National random number generator

APPLICAITON PROGRAMMING INTERFACES (APIS)
▪ PKCS#11 v2.20

SECURITY
▪ ISO 19790 Level-3 (FIPS 140-2 equivalent)
▪ CC EAL4+ certificate
▪ Tamper resistant hard metal enclosure
▪ Temprature and voltage change monitoring

MANAGEMENT
▪ Remote device management
▪ GUI and command prompt managment applicaitons
▪ 4.3 inch LCD touch panel for local management
▪ M-of-N administrator authentication in critical functions
▪ Operation logging
▪ Upto 256 PKCS#11 slots
▪ Upto 32 client connections
▪ Backup and restore functionality

PERFORMANCE
▪ RSA 2048-bit sign 520 ops/sec
▪ RSA 4096-bit sign 110 ops/sec
▪ ECDSA 256-bit prime sign 1600 ops/sec

PHYSICAL INTERFACE
▪ Gigabit ethernet

SUPPORTED OPERATING SYSTEMS
▪ Linux, Windows