ProtectServer HSMs

Varied Performance and BUS Interface

SafeNet ProtectServer Gold is a PCI-X compliant expansion card, while SafeNet ProtectServer Internal-Express is a PCI Express x4 compliant card. Both HSMs offer different performance levels to meet varied system requirements.

Wide Range of Cryptographic Processing

ProtectServer Gold offers 4MB secure storage while ProtectServer Intenal-Express offers double this amount. Both offer a wide range of cryptographic services, including

• Encryption
• User and data authentication
• Message integrity
• Secure key storage and key management for eCommerce
• PKI
• Document managment
• Electronic Bill Presentation and Payment
• Database encryption
• Financial EFT transactions, and more.
  

Extensive APIs

Users and developers can facilitate seamless integration of cryptography and HSMs into a large array of pre-integrated third-party solutions or custom applications. The Customization Software Development Kit (ProtectProcessing) enables the development, download, and storage of custom-specific functionality modules (FMs) inside the secure boundary of the HSM.

Reduced Deployment Cost

Convenient administration reduces integration costs and time to deployment.  Management is secure and easy to perform. Smart cards provide the highest security and administrative convenience for secure backup, recovery, and transfer of cryptographic keys and upgrades, which can be cost-efficiently performed at the in-field location, avoiding the need to return the product to the service location.

 Operating Systems Supported

• Windows 2003, 2008 (32 & 64-bit)
• Solaris 9, 10 SPARC (32 & 64-bit)
• Solaris 10 x 86 (32 & 64-bit )
• Linux E4K 2.6 (32 & 64-bit)
• Linux E5K 2.6 (32 & 64-bit)
• Linux SuSE 9,10 (32 & 64-bit)
• AIX 5.3 (32 & 64-bit) (ProtectServer Gold)
• HP-UX 11i (32 & 64-bit) (ProtectServer Gold)  

Cryptographic Processing

• Asymmetric Key Encryption
• RSA (up to 4096 bit) , DSA, ECDSA (up to 512 bits) Diffie  Hellman (DH), plus others

Symmetric Algorithms

• AES, DES, 3DES, CAST-128, RC2, RC4, SEED, ARIA plus others
• Modes supported include ECB, CBC, OFB64, CFB-8 (BCF) plus others

Hashing Algorithms

• MD5, SHA-1, SHA-256, SHA-384, SHA-512, MD2, RIPEMD128, RIPEMD160, DES MDC-2 PAD1

Message Authentication Codes

• SHA-1, SHA-256, SHA-384, SHA-512, MD2, RIPEMD128, RIPEMD160, DES MDC-2 PAD1, SSL3 MD5 MAC, AES MAC, CAST-128 MAC, DES MAC, DES3 MAC, DES3 Retail CFB MAC, DES30x9.19 MAC, IDEA MAC, RC-2 MAC, SEED MAC, ARIA MAC, VISA CVV
• ECC Brainpool Curves (named and user-defined)

Random Number Generation

• Digital Signing
• DSA (512-1024), ECDSA, RSA, PKCS#11v1.5, 9796, X509, Time stamp

Regulatory Standards Certification

• FCC Part 15 - Class B
• RoHS-compliant
• BAC and EAC ePassport certification
• ProtectServer Gold: FIPS 140-2 Level 3 Certificate #739 & #1137
• ProtectServer Internal-Express: FIPS validation in progress
• FCC Part 15 Class B Unintentional Radiators ANSI C63.4-2003
• EN 55022:1998 Amendment 1:2000, Amendment 2:2003
• EN 55024:1998 Amendment 1:2001

 Features:

• Tamper-resistant casing
• Fast transaction speeds for Electronic Funds Transfer (EFT) transactions
• Strong security for ePassports, PKI, e-commerce, and digital document management
• Extensive API capabilities for development of custom applications

Benefits:

• High-performance data processing
• Easy management and convenient remote administration
• Complies to regulatory standards
• Highly secure