MULTI-PARTY CRYPTO SOLUTION
LONG STORY SHORT
about MPCM HSM
The Multi-party Crypto Module HSM system can generate signing and encryption RSA key pairs in a truly revolutionary and distributed manner. When configured for the most secure mode, no appliance will ever see a secret key as a whole, as they generate, store and use merely parts of the secret. When configured for using the faster (called the trusted dealer) method, one of the appliances generates the secrets, splits them and securely distributes the parts to the other appliances before securely erasing the generated key.
The signature or decryption functions are executed on all or – if configured that way – on n-out-of-k appliances separately, as the appliances taking part in the process use only the parts of the secrets they store and protect. The result of this unique procedure will always be a standard RSA signing or decrypting operation.
WANT TO KNOW MORE?
- PKCS#11, JCA/JCE, CSP/KSP
- CMAPI (proprietary)
- Triple gigabit Ethernet port
- Dual USB port
- Display port
- CC EAL4+ (due in Q2 2019)
- eIDAS listing (due in Q3 2019)
- Multi-party asymmetric: RSA, ECC (due in Q1 2019)
- Non-distributed asymmetric: RSA, ECC
- Multi-party symmetric: AES (due in Q1 2019)
- Non-distributed symmetric (AES, TDES), hash (SHA1, SHA256, SHA384, SHA512), message authentication (HMAC, AES-GMC)
- Encryption/decryption scheme: PKCS#1 (RSAES-PKCS1- v1_5)
- Random Number Generation: hybrid deterministic seeded with TRNG Physical Characteristics (per appliance)
- Format: Standard 1.5U 19” rack mount chassis
- Dimensions: 19” x 21” x 2.58” (482.6mm x 533.4mm x 65.7mm)
- Weight: 19lb (8.5kg)
- Input Voltage: 24V DC (PSU 100–240V, 50–60Hz)
- Power Consumption: 120W maximum, 50W typical