<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
x
Download Factsheet

PRIMUS HSM S500

The Primus S500 Hardware Security Module has been built exclusively for the Swiss Interbank Clearing System operated by SIX-SIC under the supervision of the Swiss National Bank. Daily transactions of over CHF 100 billion per day are protected by Primus S500 HSM.

image3

Overview

The Primus HSM S500 is an exclusive version with a restricted feature set for the Swiss Interbank Clearing operated by SIX-SIC. It generates encryption keys, stores these keys, and manages the distribution of these keys. Besides key management, it can also perform authentication and encryption tasks.

HIGH ENTROPY ENCRYPTION KEYS

Multiple Primus S500 HSMs can be grouped together for redundancy and load balancing controlled by the application program. Primus supports symmetric (AES, Camellia), asymmetric (RSA, Diffie-Hellman), and hashing (SHA-2, SHA-3) cryptographic algorithms. High entropy encryption keys are generated in separate hardware true random number generation (TRNG) modules based on different physical noise mechanisms.

Post Quantum Computer Ready

Thanks to its dynamic FPGA (field programmable gate array) based architecture, the Primus HSM is quantum computer ready. Should quantum computers make any of the supported algorithms obsolete then an algorithm that is quantum computer safe may be installed through a software/firmware upgrade.

S500_ganz_freigestellt_0

Primus HSM S500 Gallery

Business Advantage

The Primus S500 HSM is the only device approved for the Swiss Interbank Clearing (SIC4) system. It has been validated by the Cryptographic Group of the Swiss Ministry of Defence. Its dynamic architecture allows for future upgrades to new algorithms, higher performance and enables a long life time.

Technical
specification

Military Grade Security Architecture

  • Multi-barrier software and hardware architecture with supervision mechanisms

Encryption / Authentication

  • 128-bit and 256-bit AES with GCM, CTR, ECB, CBC, MAC modes
  • Camellia
  • RSA 2048, 3072, 4096, 8192
  • Diffie-Hellman
  • SHA-2 (256 - 512), SHA-3
  • Upgradeable to quantum computer safe algorithms

Key Generation

  • Two high entropy hardware true random number generators

Key Management

  • Key capacity: 250 Mbyte
  • Ultra-secure vault for long term keys and certificates

Anti Tampering Mechanismst

  • Several sensors to detect unauthorized access
  • Enabled to destroy all key material and sensitive data
  • Transport & multi-year storage tamper protection

Firmware

  • Local firmware update

Security Roles

  • Multiple security officers (2 out of m)
  • Identification based on Smartcard and PIN

Internet Protocol

  • IPv4
  • IPv6

Software Integration

  • JCE/JCA Provider

Network Management

  • Enhanced test functions
  • Event agent
  • Configuration, monitoring and logging
  • Firmware updating

Load Balancing / Fail Over

  • Multiple units may be connected to provide load balancing

Performance

  • RSA (Securosys S500)
  • 400 RSA-3072 per second
  • 200 RSA-4096 per second

Controls

  • 3 slots for Securosys Security Smartcards
  • 4 LEDs for system and interface status (multicolored)
  • 1 Liquid Crystal Display for management information
  • Panel for menu navigation and to trigger Built in Test Equipment (BiTE) and emergency erasure

Interfaces

  • 4 Ethernet RJ-45 ports 1 Gbit/s (rear)
  • 1 RS-232 management port (front)
  • 1 USB management port (front)

Power

  • Two redundant power supplies, hot pluggable, choice:
    • 100...240 V AC, 50...60 Hz
    • 36…75 V DC
  • Power consumption: 75W
  • Ultra capacitors for data retention

Safety Conformity (target)

  • IEC 60950
  • RoHS compliant

Electromagnetic Compatibility (EMC) (target)

  • Radiation measured according to EN 55022
  • Immunity: EN 55024

Environmental Test Specifications (target)

  • Temperature ranges (IEC 60068-2-1 Ad, IEC 60068-2-2 Bd): storage -25...+70 °C; operation 0...+40 °C (recommended 1..30°C)
  • Humidity (IEC 60068-2-78 Cab): 40 °C, 93% RH, non-condensing, 10 days; 8 days in operation

Reliability (target)

  • MTBF (RIAC-HDBU-217Plus) at tamb = 25 °C: 100 000 h

Dimensions (w × h × d)

  • 400 x 88 x 367 mm (fits 2U 19” EIA standard rack)

Didn't find what you were looking for?

Please find here our product overview or solutions overview page.

Contact us

Contact us if you want to know more about our products and offering.

Write us a message or request a call now
Language
Address

Max-Högger-Strasse 2
8048 Zürich
Switzerland

Phone

+41 44 552 31 00

Fax

+41 44 552 31 99

Copyright © 2023 Securosys SA. All rights reserved.