Product Features and Benefits
Compatible with existing software
Because it fully implements the PKCS#11 standard, it works out of the box with existing software like EJBCA (to protect Certificate Authority keys), Adobe Reader DC (for document signing and encryption), VPN servers and clients (ie. OpenVPN), Webservers (Apache), Database servers (Oracle), OpenSSH, Thunderbird (signing and encrypting emails), Firefox, Disk volume encryption (VeraCrypt), etc.
Multiple standards and API’s
Secure key storage
With eHSM you can import, create and store cryptographic keys safely. Keys are stored encrypted with master keys in tamper proof silicon that can only be unlocked with the user password. Its hardware and operating system free nature safeguards your keys from being stolen or copied without your knowledge.
This protects your keys from ransomware as well as malware and viruses.
eHSM supports RSA, ECDSA (with a wide range of elliptic curves), multiple symmetric algorithms (AES, DES3 etc.), HMACs as well as hashing and key wrapping.
This offers flexibility and support for a wide range of operational requirements as well as legislative compliance.
Secure key handling
Cryptographic operations are performed on the eHSM itself (when unlocked with a user PIN/password) - the keys never leave the secure module.
This prevents access to the keys even when a server is compromised either by external attacks or even employees with inside knowledge.
Our device logs all events and will stop certain functions if it finds that it has been tampered with and eventually destroy the keys it contains.
This provides an additional layer of security.
Our solution creates a secure tunnel between your applications and eHSM to protect data communicated while the HSM is in use.
To enhance its reach, eHSM can be securely shared on your network and thus provides access to applications across multiple physical and virtual servers.