Hardware security module Eracom
(http://www.eracom-tech.com/protectserver_ext.0.html)
HSM (Hardware Security Module) Eracom protects server orange (CSA8000) Eracom with the Hardware Crypto Accelerator.
They are produced as a separate module or as a PCI-board:
There are three types of modules, which differ in number of operations on digital signing:
- PL50 ~ 50 RSA signatures (1024-bit) operations/sec.;
- PL220 ~ 220 RSA signatures (1024-bit) operations/sec.;
- PL450 ~ 450 RSA signatures (1024-bit) operations/sec.;
The modules have a certificate FIPS 140-1 Level 3 (Common Criteria EAL4+), and they also have the compatibility
certificates Valicert, Identrus, Entrust. Module PL220 has a certificate DSTSZI of SBU.
Functional characteristics:
- Algorithms that meet FIPS and modes without FIPS;
- Public key certificates - X.509 v3, certificate inquiry PKCS#10;
- API (application program interface), standards compatibility - PKCS#11, DSS, SHS, ANSI X.9, SSL/TLS/WTLS, IPSec, SET, S/MIME;
- High level of physical protection when storing keys;
- Skew keys support up to 4096 bits;
- Built-in timer and Random Number Generator;
- Secure export/import of the keys for the smart cards;
- Memory volume 1 Mb;
- Platforms - Windows NT/2000, Sun Solaris, Linux, SCO OpenServer, UnixWare.
They can be used as the component of CA (Certification Authorities), RA (Registration Authorities), Time Stamping
Servers, OCSP Responders and systems of eCommerce (Payment Gateways, Merchant Systems, ATM (Automatic Teller Machine)
etc.) and other security tasks (SSL Crypto Accelerator, Secure Web Servers, Virtual Private Networks (VPN) etc).
|