Все решения

nShield 5c

nShield 5c is a security appliance that deliver cryptographic services to applications across the network, in the cloud, and in hybrid environments.


The hardened, tamper-resistant, FIPS 140−3 level 3 certified platforms perform such functions as encryption, digital signing, and key generation and protection. With their comprehensive capabilities, flexible hybrid deployments, quantum crypto-agility, and 100% compatibility with existing nShield HSM deployments and APIs, these HSMs can support an extensive range of applications, including certificate authorities, code signing, and more.
Advantages
Tech Specifications

Advantages

  • Powerful architecture
Build and grow your HSM estate using Security World, Entrust's unified ecosystem that delivers scalability, load balancing, seamless failover, and disaster recovery.

  • Faster Dara Processing
Get some of the highest cryptographic transaction rates in the industry. Ideal for environments where throughput is critical.

  • Protection of sensitive business and application logic
Execute code within nShield boundaries, protecting your applications and the data they process.

Tech Specifications

Features include
  • Centralized, remote visualization and management console supporting HSM administration and Security World management
  • A serial console supporting provider/tenant deployment models through strong role separation, delineating tasks such as changing network settings from controlling cryptographic actions
  • Remote presentation of physical tokens to authorize administration tasks and cryptographic key usage
  • Seamless interoperation with all other variants and versions of the nShield HSM family

Security Compliance
  • FIPS 140-3 Level 3
  • eIDAS and Common Criteria EAL4 + AVA_VAN.5 and ALC_FLR.2 certification against EN 419 221-5 Protection Profile, under the Dutch NSCIB scheme
  • Can form the basis of an EN 419 241-2 certified remote signing system for eIDAS
  • Compliant with BSI AIS 31 for true and deterministic random number generation

Safety and Environmental Standards Compliance
  • UL, CE, FCC, UKCA, RCM, Canada ICES, RoHS, WEEE, REACH

High Transaction Rates
  • nShield HSMs boast high elliptic curve cryptography (ECC) and RSA transaction rates.

Supported Cryptographic Algorithms
  • Full NIST Suite B implementation
  • Asymmetric algorithms: RSA, Diffie-Hellman, ECMQV, DSA, El- Gamal, KCDSA, ECDSA (including NIST, Brainpool & secp256k1 curves), ECDH, Edwards (Ed25519, Ed25519ph)
  • Symmetric algorithms: AES, AES-GCM, Arcfour, ARIA, Camellia, MD5 HMAC, RIPEMD160 HMAC, SEED, SHA-1 HMAC, SHA-224 HMAC, SHA-256 HMAC, SHA-384 HMAC, SHA-512 HMAC, Tiger HMAC, 3DES
  • Hash/message digest: MD5, SHA-1, SHA-2 (224, 256, 384, 512 bit), HAS-160, RIPEMD160, SHA-3 (224, 256, 384, 512 bit)
  • Elliptic Curve Key Agreement (ECKA) available via Java API and nCore APIs
  • Elliptic Curve Integrated Encryption Scheme (ECIES) available via Java API, PKCS#11, and nCore APIs
  • TUAK & MILENAGE algorithm support for mutual authentication and key generation (3GPP)
  • NIST short-listed post-quantum cryptographic algorithms supported using the nShield Post Quantum SDK with CodeSafe

nShield HSMs offer support for the majority of these cryptographic algorithms as part of the standard feature set. For organizations wishing to use South Korean algorithms, optional activation licenses are needed.

Supported Platforms
Windows and Linux operating systems including distributions from Red Hat, SUSE, and major cloud service providers running as virtual machines or in containers.

Reliability
Calculated at 25°C operating temperature using Telcordia SR-332 “Reliability Prediction Procedure for Electronic Equipment" MTBF Standard
  • nShield 5c HSM: 107,845 hours
Made on
Tilda