Click for homepage
Utimaco
  
← CryptWare
LAN
  
CryptoServer CSe
Hardware Security Module · PCIe

CryptoServer CSe is a Hardware Security Module (HSM) for Personal Computers (PC) and IP-based Local Area Network (LAN) equipment with PCIe expansion slots, developed around 2012 by the German company Utimaco. Depending on the implementation, it can be used for a variety of applications, including secure networking, harddisc encryption and key management systems.

The actual HSM is an in-house development of Utimaco and is the 4th generation of a family of HSMs that started life in 1990. Amoung other things, it contains a cryptographic processor, also known as a crypto engine or crypto heart, that contains the building blocks for a variety of public and proprietary encryption algorithms.

For security reasons, the HSM is cast in a strong two-component epoxy and covered by a metal shield. It is connected to the PCIe carrier board by means of a 30-wire flex strip. The PCIe card holds additional parts such as a backup battery.
  
PCIe card with Hardware Security Module (HSM)

The HSM is responsible for real-time encryption and decryption of the data that is offered by the external application software, but also has an on-board random number generator (RNG) that can be used for the generation of unique keys and signatures. Furthermore, it holds battery-backed memory (CMOS SRAM) in which cryptographic keys and passwords can be stored. The contents of the RAM are retained either by an on-board Lithium battery, or by an external one that is fitted elsewhere in the computer. In case of a security compromise, the contents of the SRAM can be purged by cutting the power from the battery to the SRAM. This is also known as ZEROIZING.

The cryptographic processor inside the HSM supports a wide variety of algorithms, including AES, Triple-DES, RSA, ECDSA and DSA, each of which can be used with various key lengths and in various modes. For further information please refer to the document listed under [A]. A good example of the use of this HSM, is the Utimaco CryptoServer LAN, which can be used for securing multi-site Local Area Networks (LAN) and is approved by several governments for sensitive data.

 More about CryptoServer LAN

PCIe card with Hardware Security Module (HSM)
HSM - bottom side
Connections and backup battery fitting at the rear panel, seen from the top
Connections at the rear end of the HSM card
A
×
A
1 / 4
PCIe card with Hardware Security Module (HSM)
A
2 / 4
HSM - bottom side
A
3 / 4
Connections and backup battery fitting at the rear panel, seen from the top
A
4 / 4
Connections at the rear end of the HSM card

Documentation
  1. CryptoServer CSe-Series, non-proprietary security policy
    2012-0009. Utimaco, 31 March 2021. Version 2.1.3.
References
  1. Anonymous, Utimaco CryptoServer CSe - THANKS !
    Crypto Museum, February 2023.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Saturday 18 March 2023. Last changed: Tuesday, 06 June 2023 - 18:34 CET.
Click for homepage