The FIPS (Federal Information Processing Standard) Publication 140-2 developed by NIST is a U.S. government computer security standard used to prove the secure credentials of cryptographic modules. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. “For many organizations requiring certification, the NIST certification FIPS 140 level 3 has established itself as the standard in our industry and is required by multiple regulations,” states Christian Willemin, Head of Sales at Securosys. This achievement for Securosys has come at the right time as the company is celebrating its 5 year anniversary this April.
Special care has been taken in the Securosys Primus X-Series and E-Series HSMs to detect and prevent tampering as well as protect against side-channel attacks. The HSM is enclosed in a heavy aluminum casing with the critical portion additionally shielded. This results in exceptionally low electro-magnetic (EM) radiation with no detectable side-channel information present. Multiple tamper sensors ensure proper operation and handling of the Primus HSM. If triggered, they will erase all key material. Moreover, these tamper sensors are also in operation when the HSM is unpowered. So, even during transport and storage, the HSM is protecting itself against any attempt to manipulate it and will notify its owner when powered up again.
The Securosys Primus X-Series and E-Series HSMs are high performance tamper-proof network security appliances. They store cryptographic keys and provision encryption, decryption, authentication and digital signing services. They are essential to manage and provide protection for transactions, identities and applications. They are ideally suited for high and highest availability systems. Multiple systems can be grouped together even across different location to provide load balancing, fail-over, and geo-redundancy. Typical applications among many include public key infrastructure (PKI) and certificate authority (CA) systems, SSL-Security, IOT, DNS-Security, database encryption, email security, financial messaging and fintech systems, blockchain systems, and crypto currency custody.
The official certificate can be found on the NIST website under the following link: https://csrc.nist.gov/Projects/cryptographic-module-validation-program/Certificate/3430