MySafeID Datasheet - Global Forte
MySafeID Datasheet - Global Forte
MySafeID Datasheet - Global Forte
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>MySafeID</strong> Certification Authority<br />
Self-Contained HW-Based CA for Enterprise Communities<br />
<strong>MySafeID</strong> from SPYRUS combines the proven performance of its LYNKS Series II CA Hardware<br />
Security Module (HSM) with high-assurance X.509 certification authority software to provide a costeffective<br />
solution for small to medium size enterprises. <strong>MySafeID</strong> is simple, portable, and flexible. The<br />
software CA works on any computer running Microsoft Windows XP—no need for a dedicated server,<br />
Active Directory or LDAP, or full Microsoft CA infrastructure—yet <strong>MySafeID</strong> can generate both the elliptic<br />
curve cryptography (ECC) certificates required for high-strength encryption and RSA certificates to<br />
support legacy applications.<br />
<strong>MySafeID</strong> provides a hardware-based chain of trust to ensure the security of encryption, digital<br />
signatures, and authentication in closed communities where a defined chain of trust is required but global<br />
certificate revocation status validation is not mandatory. <strong>MySafeID</strong> can also be integrated with an existing<br />
full PKI system to ensure global compliance. <strong>MySafeID</strong> takes security to the edge, wherever the edge<br />
may be located.<br />
LYNKS Series II CA HSM<br />
<strong>MySafeID</strong> includes a LYNKS Series II CA HSM in a choice of either PCMCIA or stackable USB versions.<br />
The LYNKS CA HSM generates keys and certificates that can be downloaded to a<br />
SPYRUS Hydra Privacy Card Series II or Rosetta Series II device. Up to 50 root CA<br />
keys and signing certificates of different key strengths and types can<br />
be stored on the tamper-resistant FIPS 140-2 LYNKS CA HSM.<br />
With the HSM Copy Utility, the LYNKS CA HSM can be cloned to create a locked-down<br />
replica as a backup CA, for auditing preparedness, or for disaster recovery.<br />
A Bridge to Tomorrow’s Cryptographic Support<br />
<strong>MySafeID</strong> is unique in its ability to generate keys and certificates for every public key<br />
cryptographic algorithm currently certified by the National Institute of Standards and<br />
Technology (NIST) as Federal Information Processing Standards (FIPS). Supported<br />
algorithms exceed the Suite B standards set by the U.S. National Security Agency for<br />
protecting certain classified information.<br />
ECC P-256<br />
ECC P-384<br />
ECC P-521<br />
The self-signed root CA certificate can be<br />
explicitly trusted by the defined security<br />
community. Software-generated user certificates are<br />
signed by the root CA and can be used for security<br />
operations such as signing and encrypting email, secure<br />
authentication, and Hydra PC encrypted file sharing.<br />
LYNKS CA HSM<br />
Up to 50 root<br />
certificates<br />
RSA-1024<br />
RSA-2048<br />
RSA-4096<br />
The easy-to-use software interface guides you through the certificate<br />
generation process, with no need for special IT staff or training.<br />
The responsibility for data protection starts at the lowest level within<br />
an organization, where day-to-day operations requiring open access<br />
can pose the greatest vulnerability to security. <strong>MySafeID</strong> makes it<br />
easier to safeguard sensitive information without interrupting your<br />
business.
Technical Specifications<br />
Supported Algorithms<br />
Elliptic Curve Cryptography (ECC) using the NIST curves in GF(p) (P-256, P-384, and P-521)<br />
ECDH and ECMQV Key Establishment per NIST SP 800-56A Key Establishment Guidelines<br />
ECDSA Digital Signature Algorithm<br />
Advanced Encryption Standard (AES) 128/192/256<br />
<br />
<br />
<br />
Secure Hash Algorithms: SHA-1 and SHA-224/256/384/512<br />
RSA 1024/2048 Digital Signature and Key Exchange Algorithms.<br />
(RSA-4096 supported on LYNKS Series II HSM for CA keys only)<br />
Two-key and three-key triple DES<br />
Security Certifications<br />
<br />
<br />
LYNKS Series II: certified for FIPS 140-2 Level 2 Overall, with Level 3 Physical<br />
Rosetta Series II and Hydra PC Series II: completing FIPS 140-2 Level 3 validation<br />
Standards Compliance<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Microsoft CryptoAPI, Microsoft Card Module, and PKCS #11 interoperability<br />
FIPS PUB 46 Data Encryption Standard<br />
FIPS PUB 180-2 Secure Hash Algorithm Standard<br />
FIPS PUB 186-2 Digital Signature Standard<br />
FIPS PUB 197 Advanced Encryption Standard<br />
SP 800-38A Block Modes of Operation<br />
SP 800-56A Key Establishment Guidelines<br />
SP 800-90 Random Number Generation<br />
Software Requirements<br />
<br />
Microsoft Windows XP SP2 or later<br />
Components<br />
LYNKS HSM dimensions:<br />
PCMCIA: 3.37” (85.60mm) x 2.126” (54.00mm) x .196” (4.98mm)<br />
USB: 3.64” (92.50mm) x 2.38” (60.50mm) x .385” (9.80mm)<br />
Optional HSM Copy Utility comes with software and backup LYNKS Series II HSM<br />
Note: Technical specifications may change without notice.<br />
SPYRUS, Inc.<br />
For additional details about SPYRUS products, visit www.spyrus.com or contact us at:<br />
USA +1 408 392-9131 info@spyrus.com<br />
Australia +61 7 3220-1133 info@spyrus.com.au<br />
© 2008 SPYRUS, Inc. All rights reserved. SPYRUS, the SPYRUS logos, Security to the Edge, Hydra Privacy Card, Hydra PC, <strong>MySafeID</strong>, and Rosetta are either registered<br />
trademarks or trademarks of SPYRUS in the United States and/or other countries. All other trademarks are the property of their respective owners. Individual SPYRUS<br />
products may embody technology protected by one or more of the following patents or patent applications: U.S. Pat. Nos. 6,088,802; 6,003,135; 6,981,149; 5,761,305;<br />
5,889,865; 5,896,455, 5,933,504; 5,999,626; 6,122,736; 6,141,420; 6,336,188; 6,487,661; 6,563,928; 6,618,483, U.S. Pat. Appl. Ser. Nos. 09/434,247; 09/558,256;<br />
09/942,492; 10/185,735; Can. Pat. Appl. Ser. Nos. 2176972; 2176866; 2202566; 2174261; 2155038; 2174260; E.P. Pat. Appl. Ser. No. 96201322.3; 97106114.8;<br />
96105920.1; 95926348.4; 96105921.9<br />
Document number 400-340001-02