Hardware Security Module
AEP Keyper Plus
UTIMACO SECURITYSERVER SE GEN2
UTIMACO SECURITYSERVER CSE
UTIMACO CRYPTOSERVER SOFTWARE DEVELOPMENT KIT (CRYPTOSDK)
UTIMACO TIMESTAMP SERVER
Cryptography Customisation Solution
Public Key Infrastructure Solution
Turnkey PKI Solution
EJBCA Enterprise
SecureTMS Ra
Hardware Security Module

Other Products And Services

Two Factor Authentication
Multi Factor Authentication
FIDO Token
Software Protection Dongle
Digital Signature Solutions
Mobile Application Security
Certification Authority System
Password Security Assessment
Cryptography Customization
Cryto As A Services
Smart Card Reader

AEP Keyper Plus

keyperplus_2017
Ultra Electronics AEP has designed the Keyper Plus range of HSMs to provide the ultimate level of protection for the most sensitive data and information systems. At the heart of KeyperPlus is AEP’s revolutionary ACCE technology.

ACCE is the next generation flexible crypto platform that provides the highest level of assurance FIPS 140- 2, Level 4. Based on this core technology, AEP has built a product range to cater to the PKI, VPN and Internet security markets.

The Keyper Plus HSM is ideally suited to businesses deploying a cryptographic system where the protection of cryptographic keys is a priority, for example, in organizations requiring certificate signing, code or document signing, bulk generation or ciphering of keys or data.

The Keyper Plus HSM is available in three models offering various levels of scale and performance.

Keyper Plus (with or without ECC) Features:

  • Architecture – Built using ACCE giving tamper protection to FIPS 140-2 Level 4
  • Design – Integrated smart card reader, PIN entry and cryptographic processing
  • Fault Tolerance – Supports resilient configurations
  • Scalability – Load balancing of multiple HSMs across multiple hosts
  • Choice of Interfaces – PKCS#11, Microsoft CAPI, Java JCE/JCA
  • Connectivity – Ethernet connectivity offering greater scalability and flexibility
  • Manageability – Small footprint allows desktop use or rack mounting
  • Field Upgradable – Upgrade firmware and algorithms in the field
  • Authenticated Use of Keys – Optionally PIN activated
  • Operating Systems – Linux, Free BSD
ModelKeyperPlus
Product Dimensions 223 x 51 x 244 mm
Power Requirements100 – 240VAC, 47-63 Hz (65VA)
Optional Redundant Power Module
Cryptographic Functions and
Services (firmware v3.0)
  • ECDSA curves:
    • P192 – P521
    • brainpoolP224r1 – P512r1
    • brainpoolP224t1- P512t1
    • secp256k1
  • ECDH curves:
    • P192 – P521
    • brainpoolP224r1 – P512r1
    • brainpoolP224t1- P512t1
  • RSA: 1024 – 4096 bit key length
  • DSA: 1024 bit key modulus
  • AES: 128 – 256 bit key length
  • 3DES: 168 bit key length
  • SEED: 128 bit key length
  • Hash: SHA-2, RIPEMD-160
Performance (key signing,
using up to 8 connections)
  • >3,500 tps (RSA 1024)
  • >2,000 tps (RSA 2048)
  • >950 tps (ECDSA 256)
Random Number GenerationHardware random number generator with full entropy (FIPS 186-2 compliant)
Administrator Roles
  • Security Officer
  • Crypto Officer
  • Operator
Key Management
  • Storage Master Key (SMK) import/export via smart cards in M of N components
  • Application Key import/export via smart card or USB protected with an internal Master Key
Key Protection
  • Red Key Store: keys actively erased when a tamper is detected
  • Black Key Store: large key store encrypted under the SMK
Key Storage15,000 keys (any size)
Connectivity
  • TCP/IPv4 and IPv6 over Ethernet at 10/100/1000 Mbps full/half duplex with auto-negotiation
  • Up to 256 concurrent connections
Device ManagementLocal or remote using Keyper Management Centre (remote management requires firmware v3.0 or later)
Crypto Module CertificationFIPS 140-2 Level 4 (cert. #2298) firmware v2.3
Operating Environment
  • Operating temp: 5 to 40 °C (25 to 90% humidity, non-condensing)
  • Storage temp: -15 to 65 °C
Host Software
  • PKCS#11 Provider
  • MS-CAPI Provider
  • MS-CNG Provider
  • Keyper Load Balancer (optional)

Other Hardware Security Module Products

Utimaco SecurityServer Se Gen2

Utimaco SecurityServer Se Gen2

The SecurityServer Se Gen2, a FIPS 140-2 Level 3 certified HSM from Utimaco secures cryptographic key material for servers and applications. It includes integration software that supports the industry standards (e.g. PKCS#11, Microsoft CSP/CNG, JCE, and more) which are used in most application scenarios, e.g. Enterprise PKI applications, database encryption, etc. The SecurityServer Se Gen2 is available as PCIe embedded card or as network attached appliance.

LEARN MORE

Utimaco SecurityServer CSe

Utimaco SecurityServer CSe

The SecurityServer CSe, a physical security FIPS 140-2 Level 4 certified HSM from Utimaco implements tamper-responding technology for securing cryptographic key material for servers and applications. It is conceived for applications and market segments with high physical security requirements, e.g. Government Authorities, Banking environment, etc. The SecurityServer CSe is available as PCIe embedded card or as network attached appliance.

LEARN MORE

Utimaco CryptoServer Software Development Kit (CryptoSDK)

Utimaco CryptoServer Software Development Kit (CryptoSDK)

The Utimaco CryptoSDK is the professional development environment for all Utimaco HSMs. It enables integrators and end-users to create specific applications, e.g. proprietary algorithms, custom key derivation procedures or complex protocols that run in the tamper-proof environment of the Utimaco HSMs. As the SDK provides full access to the Utimaco based firmware, highly skill CryptoSDK expertise will be required to do this.

LEARN MORE

Utimaco Timestamp Server

Utimaco Timestamp Server

The Utimaco TimestampServer is the ideal HSM for business applications that require proving the existence of a document or data at a specific point in time. This product ensures the tamper-proof creation and authenticity of timestamps, which can be verified at all times whether the timestamped data existed in the exact same form at the point of time logged by the timestamp. Its periodical re-creation of current timestamp supports long term archiving for future audit.

LEARN MORE

Related PKI Solution Products And Services

PKI Solution

SecureMetric is well known with its strong PKI domain expertise in Southeast Asia region. PKI has been recognized in ICT as the most secured security architecture and so far the only option that can achieve Non-Repudiation (i.e. one cannot denied). PKI in fact have been implemented to many of our day-to-day utilization and perhaps without us knowing about it.

LEARN MORE

turnkey_240x153-1

Turnkey PKI Solution

Securemetric offers end-to-end turnkey PKI solution for government and/or enterprises to setup rigidly regulated license CA. Our professional consultancy usually covers from understanding of the local regulatory requirements to the extend of establish business models with industrial best practice operational procedures. Securemetric offers comprehensive PKI software solution from backend (CA + HSM) to front-end (TMS, RA , VA, TSA, Signing, PKI devices, and more).

LEARN MORE

EJBCA Enterprise

EJBCA Enterprise

Securemetric is the only highly skilled certified partner appointed for EJBCA Enterprise in Asia. EJBCA Enterprise, Common Criteria EAL4+ certified core CA software, has been deployed to hundreds of mission critical PKI implementation around the world. Securemetric is also part of the joint development team where our SecureTMS RA is specially tailored to best fitted into this platform to extend to achieve distributed RA business model on EJBCA Enterprise.

LEARN MORE

SecureTMS RA

SecureTMS RA, an enterprise class PKI end devices and digital certificate lifecycle management system that can extend to offer distributed RA business model (i.e. let enterprise customer take charge of their own user verification process). This tested and certified system has been deployed to many mission critical PKI projects with options to support various different types of PKI end devices. SecureTMS RA is already integrated and tested into EJBCA Enterprise platform.

LEARN MORE

PKI Tokens

PKI Token

Securemetric carry series of PC and/or mobile based PKI security devices which are commonly in demand for PKI project which require to meet qualified digital certificate policy (i.e. client hardware to store private key and perform PKI cryptography functionalities). SecureToken ST3 Ace is our FIPS Level 3 certified USB based PKI tokens built in with capability to automate many PKI operations behind the user scene. There are also various devices to support iOS and Android platforms.

LEARN MORE

PKI Tokens

Securetoken ST3

SecureToken ST3 is the latest state of the art Auto-Install model which combines both high speed and high security 32-bit microprocessor with 128K (64K usable) memory smart card based authentication device together with 2MB flash memory for Auto Installer facility for needed middleware and token manager tool. This model eliminates common hassle on implementing USB token where external media such as CD-ROM is still needed for token’s middleware and tool installation manually.SecureToken ST3 is a truly Auto Install model.

LEARN MORE

PKI Tokens

Securetoken ST3 ACE

ST3 ACE is aimed to be bundled with Securemetric’s patterned advanced SecurTMS client components in order to simplify PKI token deployment so as to achieve excellent user experiences.

LEARN MORE

PKI Tokens

Securetoken ST3 ACE AUDIO

With the prevalence of smart phones mobile banking and payment is becoming increasingly popular. A user friendly interface, a convenient self-service banking platform, access anytime and anywhere, these are the factors that distinguish ST3 ACE AUDIO and position it a cut above the rest of this competitive application market.

LEARN MORE

PKIinabox_240x153

PKI in a box

PKI in a box is an ideal appliance based all-in-one PKI solution that can achieve fast to market objective, reduce from months to weeks for implementation can significantly minimize the total ownership cost of a PKI project. PKI in a box consist of well designed security platform in an industrial grade made in Germany hardware together with Common Criteria EAL 4+ certified EJBCA Enterprise + SecureTMS RA + FIPS Level 3 certified PCI HSM.

LEARN MORE

Hardware Security Module (HSM)

Hardware Security Module

HSM is the dedicated cryptography server that will be used to generate key pairs, safeguard keys and also to perform all needed cryptography functionalities within a tempered proof environment. HSM is usually deployed in most of the security implementation which require higher level of security. Securemetric distribute AEP Networks and Utimaco HSMs to compliment our security project implementation.

LEARN MORE

Get in touch with us

For more information regarding our services and solutions contact one of SecureMetric’s sales representatives. We have agents worldwide that are available to help with your digital security needs. Fill out our contact form and one of our representatives will be in touch to discuss how SecureMetric can assist you.