Key Management and Encryption
The Primus X-Series HSM performs a wide range of operations. It generates encryption keys, stores these keys, and manages the distribution of these keys. Besides key management, it also performs authentication and encryption tasks. Multiple Primus HSMs can be grouped together in a self-synchronizing cluster to support geo-redundancy and load balancing. Each Primus can also be partitioned for multiple applications. Primus supports symmetric (AES, 3DES), asymmetric (RSA, ECC, Diffie-Hellman), cryptographic hash algorithms (SHA-2, SHA-3), as well as advanced encryption standard-cipher message authentication code (AES-CMAC) for symmetric key diversification.
True Random Numbers Generation (TRNG)
High-entropy encryption keys are paramount to provide the highest security. The Primus X-Series HSM has multiple true random number generation (TRNG) modules. They are built up with separate hardware components and get their randomness from different physical noise mechanisms.