<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
90-Day CloudHSM Free Trial – Experience Securosys CloudHSM without commitment.
Start your Free Trial
Products & Solutions
Products & Solutions
Explore our portfolio of cutting-edge cybersecurity solutions, centered around our flagship Hardware Security Modules (HSMs). From encryption and key management to secure access and authentication, our products ensure robust protection for your most critical data and systems.
menu icon
Hardware Security Module (HSM)
HSM Overview What is an HSM? Primus HSM X Cyber Vault Primus HSM X-Series Primus HSM E-Series Primus HSM S-Series Primus HSM Blockchain
menu icon
Cloud Security
Securosys CloudHSM Cloud Console What is CloudHSM? CloudHSM Service Offerings HashiCorp Vault S365 DKE - add-in for Microsoft 365 Bring Your Own Key (BYOK) External Key Store (XKS) Proxy for AWS
menu icon
Additional Products and Services
Decanus Terminal Transaction Security Broker (TSB) Key Attestation Smart Key Attributes (SKA) Docker Image Security
Partners
Support
Support
menu icon
Support
Online Documentation Support Portal System Status Trainings
finance-institution-colourful
What is ...?
What is an HSM? What is CloudHSM? What is BYOK? What is SIC system?
About
About
Learn more about our mission, explore career opportunities, and access our resources. Discover how we’re shaping the future of cybersecurity and how you can be part of it.
menu icon
Securosys SA
About Us Events News Career
menu icon
Resources
Online Documentation Blog Articles Stories and Paper Video Gallery
Contact us
  • There are no suggestions because the search field is empty.

Challenge

Acquiring an HSM solution that maintains stringent security standards while staying within budget can be challenging. HSMs are crucial for safeguarding sensitive cryptographic keys and performing critical security functions, but they often come with a significantly high price tag. Finding the right balance between the need for robust security and cost-efficiency is key.

 

 

Solution

Solution

Primus E-Series HSMs offer an optimal solution for moderate scale HSM requirements where cost sensitivity is paramount. Primus E-Series HSMs do not compromise in regards of performance capabilities, functionality or usability. The Primus E-Series HSM is built as network appliance level and can serve as a cost-effective alternative to traditional PCI-e card HSMs, without the need and headache of additional surrounding hardware and software operation causing additional points of failure and costs.

Primus E-Series HSMS are available in three performance classes and are capable of in-field upgrades to the next performance level without the need to acquire a higher performance level device.

Solution

Key Benefits

lock-cyberweb-b&w-2
Seamless Integration and Multi-Tenancy
E-Series HSMs offer integration via different, fully documented API’s (PKCS#11, CNG, Java, REST) and offer multi-tenant configurations for up to 50 partitions. Primus HSMs integrate effortlessly into any network environment, ensuring secure access for diverse applications in parallel.
Locket-shields-b&w
Comprehensive Cryptographic Support
Primus HSMs support a wide range of cryptographic algorithms, including symmetric (like AES and 3DES), asymmetric (like RSA), cryptographic hash algorithms (like SHA-2, SHA-3), or PQC, ensuring robust security for diverse encryption needs.
locket-circle-blocks-b&w
Network-Attached Versatility
Functioning as network-attached devices, it eliminates compatibility issues commonly associated with PCIe card HSMs. This versatility enables effortless integration into various operating systems and environments without any hassle.
blocks-b&w-3
Scalable Access
There's no limit to the number of users and clients that can securely access the Primus E-Series HSM, ensuring effortless expansion for your organization.
shield-locket-b&w
Robust Tamper Protection
Maintain data integrity during transport, storage, and operation with advanced tamper protection measures that exceed FIPS and Common Criteria certification requirements.
shield-tools-locket-b&w
Rapid Deployment and Low Maintenance
With a user-friendly setup wizard, the Primus E-Series HSM offers quick setup, easy configuration and operation, reducing setup time and lowering operational and maintenance costs.
map-circles-b&w
Scalability on Demand
Easily upgradable from E20 to E60 and E150 with a simple license update, Primus HSMs provide scalability for evolving performance needs.
shield-b&w
Continuous Transport Protection
Tamper sensors remain active even when the HSM is unpowered, ensuring ongoing protection during transit or storage. Any attempt at manipulation triggers alerts upon power-up.
Key Differentiators
Primus HSM E-SEries

Unbeatable Price/ Performance ratio

The Primus E-Series HSM delivers the functionality of full network appliances at a price comparable to PCIe card HSMs, but without their limitations or drawbacks.

In-built Security

High availability, clustering, automatic failovers, and load balancing at local or in a worldwide set-up is in-built in the HSM and does NOT require the installation of any additional software outside the HSM.

Swiss Made

Crafted entirely in Switzerland, Securosys Primus HSMs embody unmatched quality and reliability. Free from external influences, our Swiss-made HSMs guarantee the highest standards from development to production, ensuring unparalleled security solutions.

Use Cases

colourful-background-patterns-6 Certification Authority (CA) Operations The Primus E-Series HSM is an ideal solution for Certification Authority (CA) operations where high performance is not the primary concern, but ample storage space is crucial. With up to 6GB of storage, the E-Series HSM securely manages large volumes of cryptographic keys and certificates, ensuring the integrity and confidentiality of CA processes.
colourful-background-patterns-4 Public Key Infrastructure (PKI) and Key Management System (KMS) Environments The Primus E-Series HSM provides secure key generation, storage, and management, ensuring the integrity and confidentiality of cryptographic keys essential for PKI and KMS environments.
colourful-background-patterns-9 Certificate Management Safeguard the entire certificate lifecycle, from issuance to revocation, with the Primus E-Series HSM, ensuring trust and authenticity in digital communications.
colourful-background-patterns Protection of the Blockchain Secure blockchain operations by leveraging the Primus E-Series HSM to protect private keys and ensure the authenticity of blockchain transactions. Learn more colourful-background-patterns-8 Smart Metering Enhance the security of smart metering systems by using the Primus E-Series HSM to securely store and manage cryptographic keys, ensuring the accuracy and integrity of metered data. Learn more colourful-background-patterns-6 Crypto Operations (cold and hot wallets) The Primus E-Series HSM offers secure key storage and management, critical for safeguarding crypto assets in both cold and hot wallet environments. Learn more
colourful-background-patterns-4 Identity Access Management (IAM) and Privileged Access Management (PAM) Ensure secure identity verification and access control by using the Primus E-Series HSM to manage cryptographic keys that protect sensitive user credentials and privileged access.
colourful-background-patterns-9 Cloud Access Protection (Microsoft BYOK, AWS XKS, Salesforce, CASB, etc.) The Primus E-Series HSM enables secure cloud operations by managing keys used in Bring Your Own Key (BYOK) scenarios, external key stores, and other cloud-based encryption services.
colourful-background-patterns Docker Signing, Code Signing, Document Signing Maintain the integrity and authenticity of software and documents with the Primus E-Series HSM, which securely manages the cryptographic keys used in signing processes.
colourful-background-patterns-8 eIDAS, ZertES, or QSCD Operations Comply with European and Swiss digital signature regulations by using the Primus E-Series HSM to securely manage Qualified Signature Creation Devices (QSCD) for eIDAS and ZertES operations.
colourful-background-patterns-6 Database Security Protect sensitive data within databases by using the Primus E-Series HSM to manage encryption keys, ensuring data remains secure both at rest and in transit.

Technical Specifications

01
Security Features
02
Networking Features
03
Technical Data
01
Security Features
Security Architecture
  • Multilevel security architecture
  • Internal hardware supervision for error-free operations
Encryption /
Authentication (extract)
  • 128/192/256-Bit AES
    with GCM-, CTR-, ECB-, CBC-, MAC-mode
  • Camellia, 3DES (legacy), ChaCha20-Poly1305, ECIES
  • RSA 1024-8192, DSA 1024-8192
  • ECDSA 224-521, GF(P) arbitrary curves (NIST, Brainpool,...)
  • ED25519, Curve25519
  • Diffie-Hellman 1024-4096, ECDH
  • SHA-2/SHA-3 (224-512), SHA-1, RIPEMD-160, Keccak
  • HMAC, CMAC, GMAC, Poly1305
  • Post-Quantum Cryptographic (PQC) algorithms option CRYSTALS-Dilithium, CRYSTALS-Kyber, SPINCS+
Key Generation
  • Two hardware true random number generators (TNRG)
  • NIST SP800-90 compatible random number generator
Key Management
  • Key capacity: up to 6 GB
  • E150 up to 50 partitions @ 120 MB capacity
  • E60/E20 up to 10 partitions @ 120 MB capacity
Operation
  • Number of client connections not restricted
  • Unlimited number of backups
Anti-Tampering Mechanisms
  • Several sensors to detect unauthorized access
  • Active destruction of key material and sensitive data on tamper
  • Transport and multi-year storage tamper protection by digital seal
Attestation and Audit Features
  • Cryptographic evidence of audit relevant parameters (keys, configuration, hardware, states, logs, time-stamping)
Identity based authentication
  • Multiple security officers (m out of n)
  • Identification based on smart card and PIN using Decanus Terminal, or through virtual smart card
02
Networking Features
03
Technical Data

Resources

Primus HSM E-Series Factsheet