Advanced
Automotive
Electronics

BlackVault HSM

BlackVault HSM


The BlackVault Hardware Security Module (HSM) is a network - attached general-purpose FIPS 140-2 Level 3 HSM with unique functionality making authentication, security, compliance, and ease of use paramount.

Public Key Cryptography for generating and protecting the public and private keys.

MAIN FUNCTIONS:
- Key management
- Key Import/Export
- Key wrap/ unwrap
- Create Certificates
- Sign/Verify Files
- Encrypt/Decrypt Files
- IoT, Smart Card Issuance (online and off-line)
- PKI

Able to utilize AES, RSA EC, and DSA key types. Sign using various hashes including but not limited to SHA256, SHA384, and SHA512. 


kup HSM.TAC Crypto

Benefits

- Secure Keys in Tamper Reactive Hardware
- Generate, Store, Backup and Decommission Keys
- Expedite Regulatory Compliance Audits
- Securely Transport Keys, Certificates, Signatures, etc.
- Single Platform has Network and USB Ports
- Compact, Fits in Safe, Server Slot, Secure Room
- Integrated Multi-factor Authentication (Trust Path)
- Multi-level Access Control
- Secure Audit Logging, Remote Management,
- Powerful, easy to use, PKCS#11 CLI tool (BV Tool)

Technical specification:

Cryptography

Full Suite B support with Elliptic Curve Cryptography (ECC)

Asymmetric: RSA (1024, 2048, 4096, 8192), Diffie-Hellman, DSA,
Elliptic Curve Cryptography (ECDSA (NIST Curves: P-192, P-224, P-256, P-384, P-521, K-163, K-233, K-283, K-409, K-571, B-163, B-233, B-283, B-409, B-571), ECDH)
Symmetric: AES 256
Hash / Message Digest: SHA-1, SHA-2 (224, 256, 384, 512)
Hardware Random Number Generator: NIST SP 800-90
Operating Systems Windows, Linux, Ubuntu, CentOS, RedHat 
Virtual: VMware, Windows 
Cryptographic APIs PCKS#11, Java (JCE), Microsoft CAPI / CNG
Host Connectivity Ethernet 10/100 z Transport Layer Security (TLS) i opcjonalnie SFP
Additional Connectivity Integrated Smart Card Reader
USB 2.0 
Management Touch Screen Graphical User Interface
Command Line Interface (CLI)
Syslog Logging
SNMPv3 Monitoring and Traps
Multi-level Access Control ("M of N")
Remote managment
Mounting Desktop (Portable)
19” rack mount (1U height)
Server Hard Drive Slot Embeddable
Physical Dimensions: 4” x 6” x 1” (102 mm x 153 mm x 26 mm)  
Weight: 1 lb. (0.454 kg)  
Power Power Consumption: 4W  
Input Range: 5 to 30 VDC 
Lockable DB9 Connector
AC adaptor included (order per country)
Redundancy Optional Dual Power, Hot Standby
Environmental Operating Temperature: 0° to 50° C (32° to 122° F)
Storage Temperature: -20° to 60° C (-4° to 140° F)
Operating Humidity: Up to 90% (Non-Condensing)
Optional Extended Temperature Range Available
Certification FIPS 140-2 Level 3  
Regulatory CE 
Safety: IEC 60950
EMC: CFR 47 Part 15 Sub Part B: 2002,
EN55022: 1994+A1&A2, EN55024, ICES-003 1997, CISPR22 Level A 


 

 Data sheet

BlackVault HSM.RAS

BlackVault HSM.RAS


The BlackVault HSM.RAS is a network-attached general-purpose FIPS 140-2 Level 3 Hardware Security Module with unique functionality making authentication, security, compliance, and ease of use paramount.
 

Public Key Cryptography for generating and protecting the public and private keys. 


Main Functions:
  • Create Keys/ Delete Keys
  • Import / Export keys
  • Key wrap/ unwrap
  • Create Certificates
  • Sign/Verify Files
  • Encrypt/Decrypt Files
  • Wydawanie inteligenych kart
  • Self-Signed Certificates
  • PKI

Able to utilize AES, RSA EC, and DSA key types. Sign using various hashes including but not limited to SHA256, SHA384, and SHA512.

kup HSM.TAC Crypto

Basic functions BlackVault HSM.RAS:

- Intrusion Tamper Reactive Hardware (Level 3+)
- Generate, Store, Backup and Decommission Keys
- Solid State Construction
- Highly Secure Silicon Die Shield Crypto Boundary
- Expedite Regulatory Compliance Audits
- Securely Transport Keys, Certificates, Signatures, etc.
- Single Platform has Network and USB Ports
- Compact, Fits in Safe, Server Slot, Secure Room
- Integrated Multi-factor Authentication (Trust Path)
- Multi-level Access Control
- Secure Audit Logging
- Remote Management

Modules supported by BlackVault HSM.RAS:

 

Cryptography

Full Suite B support with Elliptic Curve Cryptography (ECC)
Asymmetric: RSA (1024, 2048, 4096, 8192), Diffie-Hellman, DSA,
Elliptic Curve Cryptography (ECDSA (NIST Curves: P-192, P-224, P-256, P-384, P-521, K-163, K-233, K-283, K-409, K-571, B-163, B-233, B-283, B-409, B-571), ECDH)
Symmetric: AES 256
Hash / Message Digest: SHA-1, SHA-2 (224, 256, 384, 512)
Hardware Random Number Generator: NIST SP 800-90
Operating Systems Windows, Linux, Ubuntu, CentOS, RedHat 
Virtual: VMware, Windows 
Cryptographic APIs PCKS#11, Java (JCE), Microsoft CAPI / CNG
Host Connectivity 10/100 Ethernet with Transport Layer Security (TLS) and Optional SFP
Additional Connectivity Integrated Smart Card Reader
USB 2.0 
Management Graphical User Interface
Command Line Interface (CLI)
Syslog Logging
SNMPv3 Monitoring and Traps
Multi-level Access Control ("M of N")
Remote Management
Mounting Desktop (Portable)
19” rack mount (1U height)
Server Hard Drive Slot Embeddable
Physical Wymiary: 4” x 6” x 1” (102 mm x 153 mm x 26 mm)  
Waga: 1 lb. (0.454 kg)  
Power Power Consumption: 4W
Input Range: 5 to 30 VDC 
Lockable DB9 Connector
AC adaptor included(order per country)
Redundancy Optional Dual Power, Hot Standby
Environmental Operating Temperature: 0° to 50° C (32° to 122° F)
Storage Temperature: -20° to 60° C (-4° to 140° F)
Operating Humidity: Up to 90% (Non-Condensing)
Optional Extended Temperature Range Available on the BlackVault HSM.TAC
Certification FIPS 140-2 Level 3  
Regulatory CE 
Safety: IEC 60950
EMC: CFR 47 Part 15 Sub Part B: 2002,
EN55022: 1994+A1&A2, EN55024, ICES-003 1997, CISPR22 Level A 

DATA SHEET

BlackVault HSM.TAC

BlackVault HSM.TAC


The BlackVault HSM.TAC is a network - attached general-purpose FIPS 140-2 Level 3 Hardware Security Module with unique functionality making authentication, security, compliance, and ease of use paramount.

Main Functions:

  • Key management
  • Create Keys
  • Delete Keys
  • Encrypt/Decrypt Files
  • Key Import/Export
  • (PKI)
  • key wrap/ unwrap
  • Certification
  • Create Certificates
  • Self-Signed Certificates (online and off-line)

 

kup HSM.TAC Crypto
 

Benefits

- Secure Keys in Tamper Reactive Hardware
- Generate, Store, Backup and Decommission Keys
- Solid State Construction
- Highly Secure Silicon Die Shield Crypto Boundary
- Expedite Regulatory Compliance Audits
- Securely Transport Keys, Certificates, Signatures, etc.
- Single Platform has Network and USB Ports
- Compact, Fits in Safe, Server Slot, Secure Room
- Integrated Multi-factor Authentication (Trust Path)
- Multi-level Access Control
- Secure Audit Logging
- Remote Management

Technical Specification

Cryptography Full Suite B support with Elliptic Curve Cryptography (ECC)
Asymmetric: RSA (1024, 2048, 4096, 8192), Diffie-Hellman, DSA,
Elliptic Curve Cryptography (ECDSA (NIST Curves: P-192, P-224, P-256, P-384, P-521, K-163, K-233, K-283, K-409, K-571, B-163, B-233, B-283, B-409, B-571), ECDH)
Symmetric: AES 256
Hash / Message Digest: SHA-1, SHA-2 (224, 256, 384, 512)
Hardware Random Number Generator: NIST SP 800-90
Operating Systems Windows, Linux, Ubuntu, CentOS, RedHat
Virtual: VMware, Windows
Cryptographic APIs PCKS#11, Java (JCE), Microsoft CAPI / CNG
Host Connectivity 10/100 Ethernet with Transport Layer Security (TLS) and Optional SFP
Additional Connectivity Integrated Smart Card Reader
USB 2.0
Management Graphical User Interface
Command Line Interface (CLI)
Syslog Logging
SNMPv3 Monitoring and Traps
Multi-level Access Control ("M of N")
Remote Management
Mounting Desktop (Portable)
19” rack mount (1U height)
Server Hard Drive Slot Embeddable
Physical Dimensions: 4” x 6” x 1” (102 mm x 153 mm x 26 mm)
Weight: 1 lb. (0.454 kg)
Power Power Consumption: 4W
Input Range: 5 to 30 VDC
Lockable DB9 Connector
AC adaptor included(order per country)
Redundancy Optional Dual Power, Hot Standby
Environmental Operating Temperature: -20° to 60° C (-4° to 140° F)
Storage Temperature: -20° to 60° C (-4° to 140° F)
Operating Humidity: Up to 90% (Non-Condensing)
Optional Extended Temperature Range Available
Certification FIPS 140-2 Level 3
Regulatory CE
Safety: IEC 60950
EMC: CFR 47 Part 15 Sub Part B: 2002,
EN55022: 1994+A1&A2, EN55024, ICES-003 1997, CISPR22 Level A

BlackVault CA

BlackVault CA


The BlackVault CA (Certificate Authority) is a fully functional CA application. It is utilized to provide a strong assurance of identity by issuing and managing public-key certificates. Certificates are generated within secure software and trusted hardware with private keys stored in the tamper reactive cryptographic boundary of the integrated HSM.

The BlackVault CA ensures both maximum security and operational simplicity.

kup HSM.TAC Crypto









Main functions:

The BlackVault CA  is ready to deploy purpose-built FIPS level 3 CA appliance that performs: X.509 certificate generation, CSR and CRL processing, OCSP and EST servers, Key generation & management.

Benefits

  • CA Appliance - Eliminates Complex Software Installation
  • Out of Box Ultimate Level of Security - Integrated HSM with truly Private Keys
  • Overcomes Vulnerabilities of Soft Crypto
  • Integrated Multi-factor Authentication (Trust Path)
  • Protects Intellectual Property
  • Expedite Regulatory Compliance Audits
  • Compact Size Fits in Safe Deposit Box
  • Compact, Fits in Safe, Server Slot, Secure Room
  • Secure Key Management: - Generation, Storage, and Backup

Technical Specification

CA Instantiation Root CA (Self-Signed)
Subordinate CA (Chain of Trust to Root CA)
Certificate Generation Certificate Signing Request (CSR) and X.509 Generation
Certificate Types (Web, CA, Self-Signed, VPN / Email)
Certificate Extensions
Certificate Endpoint Delivery Enrollment over Secure Transport (EST)
Simple Certificate Enrollment Protocol (SCEP)
Manage Certificates NTP time stamps
Online Certificate Status Protocol (OCSP)
Certificate Revocation List (CRL)
Certificate Assignment
Export and Directory Publishing
Cryptography Asymmetric public key algorithms: - RSA (2048, 3072, 4096) - ECDH, ECDSA
Symmetric algorithm: AES 128, 192, 256 bit
Hash/message digest: SHA-2 (256, 384, 512bit)
Full Suite B implementation with Elliptic Curve Cryptography (ECC) EC curves P-256, P-384, P-521
Key Exchange With Key:
Personal Information Exchange PKCS #12,
Base-64 (PEM) with password PKCS #8
Without Key:
DER encoded (.CER),
Base-64 (PEM) encoded (.PEM),
Cryptographic Message Syntax Standard PKCS #7 (.P7B)
Protocols SSH, TLS
EST: Enrollment over Secure Transport
X.509: Certificate Revocation Lists (CRLs)
OCSP: Online Certificate Status Protocol
Connectivity 10/100 Ethernet with Transport Layer Security (TLS) and Optional SFP
USB 2.0
Mounting Desktop (Portable)
19” rack mount (1U height)
Server Hard Drive Slot Embeddable
Power DB9 Connector: Dual Hot Standby 5 to 30 VDC
Power consumption: 4W
Physical Portable (Server Hard Drive Mechanics) Wall and Din Rail Mounting
Dimensions 102 x 153 x 26 mm (4 x 6 x 1in)
Weight: 454 grams; 1 pound
Temperature: operating -20 to 60°C
Humidity: operating 10 to 90% storage 0 to 95%
Redundancy Optional Dual Power, Hot Standby
Environmental Operating Temperature: -10° to 50° C (0° to 132° F)
Operating Humidity: Up to 90% (Non-Condensing)
Optional Extended Temperature Range Available
Certification FIPS 140-2 Level 3
Regulatory CE
Safety: IEC 60950
EMC: CFR 47 Part 15 Sub Part B: 2002,
EN55022: 1994+A1&A2, EN55024, ICES-003 1997, CISPR22 Level A