<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
90-Day CloudHSM Free Trial – Experience Securosys CloudHSM without commitment.
Start your Free Trial
Products & Solutions
Products & Solutions
Explore our portfolio of cutting-edge cybersecurity solutions, centered around our flagship Hardware Security Modules (HSMs). From encryption and key management to secure access and authentication, our products ensure robust protection for your most critical data and systems.
menu icon
Hardware Security Module (HSM)
HSM Overview What is an HSM? Primus HSM X Cyber Vault Primus HSM X-Series Primus HSM E-Series Primus HSM S-Series Primus HSM Blockchain
menu icon
Cloud Security
Securosys CloudHSM Cloud Console What is CloudHSM? CloudHSM Service Offerings HashiCorp Vault S365 DKE - add-in for Microsoft 365 Bring Your Own Key (BYOK) External Key Store (XKS) Proxy for AWS
menu icon
Additional Products and Services
Decanus Terminal Transaction Security Broker (TSB) Key Attestation Smart Key Attributes (SKA) Docker Image Security
Partners
Support
Support
menu icon
Support
Online Documentation Support Portal System Status Trainings
finance-institution-colourful
What is ...?
What is an HSM? What is CloudHSM? What is BYOK? What is SIC system?
About
About
Learn more about our mission, explore career opportunities, and access our resources. Discover how we’re shaping the future of cybersecurity and how you can be part of it.
menu icon
Securosys SA
About Us Events News Career
menu icon
Resources
Online Documentation Blog Articles Stories and Paper Video Gallery
Contact us
  • There are no suggestions because the search field is empty.

Challenge

Companies requiring digital identity applications with qualified certificates and signatures often struggle withensuring the trusted issuance of certificate keys. Currently, this involves undergoing costly and complex key ceremony procedures that must be audited and approved by a certification authority. Additionally, securely managing these identity keys is both expensive and unscalable. This process requires trust that the audited procedures are consistently applied to all newly generated keys, adding complexity to the process.

3D-lockets-platforms-colourful

Solution

With the Securosys Key Attestation feature, you achieve cryptographic verification of your keys and their attributes through a chain of trust originating from our root certificate. This allows you to automate the key ceremony audit process, enabling trusted issuance of digital identity keys on a virtually limitless scale.

By leveraging Key Attestation, you significantly reduce the costs and complexity associated with public certificate key ceremonies and key distribution. This solution not only saves money but also greatly enhances the scalability and efficiency of your digital identity applications, providing you with a seamless and reliable experience.

3D-lockets-platforms-colourful

How does it work?

Each Primus HSM is CC EAL4+ certified. The device autonomously generates an intermediary (device) key, which is then signed by the root key. This intermediary key is subsequently used to sign the attestation and timestamp keys created for each partition.

  • Attestation Key: Validates the origin and attributes of newly generated keys, affirming they were created on the specific HSM.
  • Timestamp Key: Generates certified signatures and supports applications incorporating time-based key attributes.

This system allows digital identity applications to autonomously generate and validate user or device identities and certified signatures without the need for additional procedures or external authorities. It ensures the origin of keys and secures hardware with minimal additional costs, effortlessly scaling for IoT and personal identity applications.

Download the Root Certificate

 

Key Benefits

shield-tools-locket-b&w
Simple Integration
Easily verify the origin of root keys and certificates without additional overhead.
shield-b&w
Highest Security Standard
Identity and signature keys remain securely within the HSM, and are never exposed externally.

Use Cases

colourful-background-patterns-13 Issuing Root PKI Keys With Securosys Key Attestation, your keys and their attributes are securely verified through a chain of trust linked to our root certificate. This process ensures reliable issuance of digital identity keys, allowing for scalability without limits.
colourful-background-patterns-11 Simplifying Key Ceremonies Securosys Key Attestation streamlines the process of public certificate key ceremonies and key distribution, cutting costs and reducing complexity.
colourful-background-patterns-14 Certifying Keys for Code Signing Ensuring keys used for code signing are securely stored in an HSM is now a requirement. Securosys Key Attestation provides the necessary proof and assurance.

Resources

Key Attestation Solution Brief Download Root Certificate