Products

HOME

Data Encryption

KeyGuard

KeyGuard Titan-Cy is an appliance hardware device dedicated to structure encryption processing for structure data encryption services such as DB encryption and bio-certified encryption, and provides the following encryption services with key storage and encryption acceleration modes.

  • Securely store encryption keys using encryption key storage engine
  • High-speed encryption service using encryption acceleration engine
  • Encryption key management service (GS 1st class, KeyManagement Software included)

Secure encryption key storage and ultra-fast password acceleration

  • Applying the NIS authentication (KCMVP) cryptographic module, the key is safely stored in the cryptographic key storage engine
  • Provides physical/logical mechanism for secure key protection
  • Transfer of password processing load of application server to Titna-Cy (reduction of application server workload)
  • Enhancement of encryption business service capability by performing standard encryption processing at high speed

Key storage function and acceleration performance criteria

  • Encryption key storage: up to 1024
  • Asymmetric cryptography acceleration : Up to 100,000tps (Transaction Per Seconds) based on RSA 2048Bit
  • Symmetric cryptographic acceleration : up to 100Gbps

Support algorithm

  1. 1. KCMVP verification algorithm
    * Symmetric Cipher
    DES, TDES, ARIA(128/192/256), AES(128/192/256)의 ECB CBC, CFB, OFB, CCM, GCM Operation mode support
    * Hash
    SHA-1, SHA-2(224/256/384/512), MDS
    * Authentication
    HMAC, CBC-MAC, CMAC, GMAC
    * Random Number Generation
    ISO/IEC 18031(2011), NIST SP 800-90, HASH_DRBG
    * Public Key Functions
    RSAES-PKCS-v1_5, RSAES-OAEP v2.1, RSASSA-PKCS v1.5 RSASSA-PSS, ECDSA, ECDH, KCDSA, EC-KCDSA
  2. 2. International Standard Algorithm
    (ISO/IES, NIST/FIPS PUB Mode)
    * Symmetric & Communication(3G/LET) Cipher
    AES(128,192,256), DES, 3DES, ARC4, Kasumi, Snow3G, ZUC
    * Hash
    SHA-1, MD5, SHA-2[SHA-224, SHA-256, SHA-384, SHA-512], SHA-3
    * Authentication Mode
    CMAC, HMAC, GMAC, AES-XCBC, AES-CCM/GCM, AES-XTS
    * Public Key Functions
    RSA(up to 4096bit), DH, DSA, ECDSA, ECDH, key derivation operation;
    Eliptic curve cryptography (ECDSA and ECDH, up to P256)
    * Random Number Generation (DRBG/NRBG)
    prime number testing

KeyGuard Titan-Cy Appliance H/W Security

  • Equipment open/close shield sticker attached
  • Interface lock function (Bezel Lock)
  • Specially made screw applied appliance disassembly prevention and trace check function
  • Key storage device memory chip destruction function (epoxy)
  • Master key automatic destruction function when power is cut off

Titan-Cy related HSM function and performance comparison by major product

Classification H/W based(HSM)
Titan-Cy nC product Sa product
country of manufacture Republic of Korea foreign foreign
Asymmetric acceleration performance (TPS or OPS) 100,000 or less / per second 20,000 or less / per second 15,000 or less / per second Based on RSA 2048 Bit
Storing and storing cryptographic keys Inside the HSM Save the applied server (external) key and load it into the HSM Inside the HSM
Domestic/foreign encryption module application KCMVP
(FIPS mode applicable))		 FIPS FIPS
CC certification Not applicable to domestic application products CC EAL4+ CC EAL4+
GS certification
(key management S/W module)		 GS 1st grade X X
HSM key storage memory 1GB No key storage inside HSM 2MB

Among HSM products, Titan-Cy is an HSM appliance device dedicated to structured data encryption acceleration that provides maximum performance of encryption/decryption business, securely isolates/protects encryption keys from application servers, and supports key lifecycle management (GS 1st class). (Titan-Cy: Encryption Key Management + Password Acceleration HSM)

* Contents of third-party products are referenced based on the open contents of each product, and please check with each company for details.