manualshive.com logo in svg

Sansec HSM, User Manual

Halton HSM user manuals are essential for getting the most out of your Halton product. Download the manual for free from our website to access important instructions and information for proper usage. Get the most comprehensive guidance on operating your Halton HSM product by downloading the manual today.

Share
Download
background image

Sansec HSM User Manual V2.2 

 

21 

7.

 

Key Management 

7.1.

 

Key Initialization 

This operation destroys all keys and user information in the cryptographic device. 

Key initialization: 

----------- 

Please be careful, because this operation destroys all keys and user information in the device. 

 
Please input “YES” to decide [Quit(Q)] [Return(R)]> 

<!>Safety reminder

This function is used not only to reset the initial state of the 

cryptographic device, but also to destroy all keys and user files in the device. 

7.2.

 

Setting Local Master Key 

This operation is used to generate a new master key to ensure the security of other 

keys. Three key fragments need to be entered to set up the master key; and the HSM will 

automatically synthesize the master key internally. 

Setting local master key: 

----------- 

Please select the type to setting. 

      _|___________________________________ 

      1|    Randomly setting local master key. 

      2|   

  Synthesizing local master key by key fragments.

 

      3|    Viewing the check value of local master key. 

<!>Safety reminder

Please keep the key fragments separate and secure.

 

7.3.

 

RSA Key Management 

7.3.1.

 

Generate Key Pair 

The  device  supports  one  RSA  key  pairs  for  each  index  location.  The  steps  are  as 

follows: 

a)

 

Specify the key location according to the prompted key index range.   

Generate RSA key pair: 

------------------ 

Generate new RSA key pair according to key index. 

 

Please input the key index(1-100)(Default index[1]), or [Return(R)] [Next Step(N)]>11 

Summary of Contents for HSM

Page 1: ...Sansec HSM User Manual v2 2 Beijing Sansec Technology Development Co Ltd July 2016...

Page 2: ...company makes no express or implied warranties including the content of the manual on merchantability or implied warranties for the specific purpose In accordance with the copyright laws of China our...

Page 3: ...mation 12 5 4 Viewing Modifying Network Configurations 13 5 5 Viewing Modifying Financial Application Parameters 13 5 6 View management audit log 13 6 Authority Management 15 6 1 Viewing Login Status...

Page 4: ...Key Generation 25 7 6 2 Key Generation Via Synthesizing Key Segments 26 7 6 3 Key Deletion 28 7 6 4 View Key State 28 7 6 5 View Key Verification Value 28 7 7 Backup and Recovery 28 7 7 1 Key Backup...

Page 5: ...cteristics applicable to all types of financial information systems especially for cross regional and cross agency financial transaction systems to provide data encryption and security protection It c...

Page 6: ...and storage of ECDSA key pair with the curve P 256 P 384 P 521 Support a variety of Public Key Cryptography Standards such as PKCS1 ANSIX9 31 EMV2000 etc Support RSA ECDSA SM2 signature and verificati...

Page 7: ...d development are based on a high stability optimized dedicated operating platform Hardware design stratifies FIPS140 2LEVEL3 standard so it has high security Support hierarchical authority management...

Page 8: ...components At least two random or pseudo random parameters with key features of the encryption key The cryptographic key is made through a combination of one or more of such parameters Key segmentati...

Page 9: ...ys The keys used by a group of specific entities when using symmetric cryptography Session key Key of the lowest layer within the key management system The key is only used for a session within a limi...

Page 10: ...For more information refer to section 6 s administrator guide chapter 6 5 and operator guide chapter 6 6 f Modify PIN password For more information refer to section 6 s modify user password chapter 6...

Page 11: ...etwork configuration chapter 5 4 l Service management and configuration For more information refer to section8 s Service management m Backup and recovery For more information refer to section 7 s Back...

Page 12: ...4 2 Device management a Use the serial port control cable to connect the HSM to a personal computer with Windows operating system installed b Run the HyperTerminal tool that comes with the Windows op...

Page 13: ...e terminal press any key the shell interface will appear 4 3 Start up Management Program a Connect to the HSM b Run management program execute the hsmm command to start the Sansec HSM management progr...

Page 14: ...ervice 6 Backup and Recovery Back up the key information to file or restore key information from file to cryptography module 7 Installation Guide Complete the basic configuration of HSM according to t...

Page 15: ...ate ECDSA key pairs and save them into the device h SM2 key management Generate SM2 key pairs and save them into the device i Network configuration View or modify networking configuration parameters o...

Page 16: ...EC 2 Product Model secHSM V2 3 Product No SJ6A21 SC9EDLR 4 Serial No 2015040714501174 5 Version v2 00 0001 5 2 Viewing Modifying Device Maintenance Information Users can view or modify device maintena...

Page 17: ...t mask 255 255 255 0 3 Default gateway 192 168 1 1 4 Enable the above configuration immediately Select the function to be performed or Quit Q Next Step N 5 5 Viewing Modifying Financial Application Pa...

Page 18: ...017 09 04 14 12 13 swhsm start hsmm success 2017 09 04 14 12 20 swhsm start hsmm success 2017 09 04 14 12 55 swhsm Administrator 3 log in success 2017 09 04 14 13 35 swhsm Administrator 2 log in succe...

Page 19: ...in the administrator or operator token in the direction indicated and enter the PIN to gain access to the token User login Insert the user s token into the USB port in the correct direction and input...

Page 20: ...ogin status which is enough for running the financial data HSM cryptographic services and status monitoring function 6 4 Modify User Password a Insert the administrator token in the USB port indicated...

Page 21: ...afety reminder The device supports up to 5 administrators To ensure security it is recommended to have at least 3 administrators Safety reminder The default passwords of all the user tokens are initia...

Page 22: ...e of the operators and the login passwords saved in the device After this operation is completed all existing operators will be deleted so the Add operator function will be needed to run in order to a...

Page 23: ...gin passwords saved in the device After this operation is completed all existing auditors will be deleted so the Add auditor function will be needed to run in order to add new auditor to the system Up...

Page 24: ...for viewing the system management service management and other functions 2 Viewing permission for management privilege The privilege for viewing administrators and operators and other functions 3 Vie...

Page 25: ...keys Three key fragments need to be entered to set up the master key and the HSM will automatically synthesize the master key internally Setting local master key Please select the type to setting _ _...

Page 26: ...48 Generating RSA key pair with index 1 and 2048 bits successful Select Quit Q Return R Previous Step P 7 3 2 Key Pair Deletion Follow the prompts to enter the key index and delete the RSA key pair fo...

Page 27: ...ystem protection key Generating SM2 key pair with index 11 and 256 bits successful 7 4 2 Key Pair Deletion Based on the prompt input the key index and delete SM2 key pair in the specified location Thi...

Page 28: ...bit size of the key from 256 bits to 521 bits _ ___________________________________ 1 256 2 384 3 521 Select bit size of the key Default 256 or Quit Q Return R Previous Step P Next Step N 1 c The gene...

Page 29: ..._ _______________________________________________________________________ 1 521 521 384 384 11 256 256 256 256 7 6 Symmetric Key Management This is to manage various symmetric keys saved in the HSM Sy...

Page 30: ...choose the 3DES or 3DES variant in the above step please select the key strength Select the bit size of the key from 64 bits to 192 bits _ ___________________________________ 1 64 2 128 3 192 Select b...

Page 31: ...7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 Check value is 8ca64de9c1b123a7 c Verify whether the key ciphertext is needed to be exported or not and if it does then ente...

Page 32: ...the symmetric key with index 200 7 6 4 View Key State View the existing key information 1 128 X 128 S 128 U 9 17 25 33 41 49 57 65 73 81 89 97 7 6 5 View Key Verification Value Input key index view ke...

Page 33: ...egment Please select an administrator USB token to insert the USB port in the correct direction and enter the protection password Please enter USB token password or Quit Q 3 Output the second backup k...

Page 34: ...topped and the backup file will be deleted from HSM Please seriously manage backup file and USB tokens Please select Quit Q Return R 7 7 2 Key Recovery Run the recovery wizard to synthesize the key se...

Page 35: ...strator USB token to insert the USB port in the correct direction and enter the protection password Please enter USB token password or Quit Q 4 Import the second backup key segment Please select anoth...

Page 36: ...vice automatically start up at boot The 0 indicates that the service does not automatically start up at boot 3 Session timeout minutes 100 In order to prevent the idle service caused by the abnormal s...

Page 37: ...boot Yes Y No N or Quit Q Return R b After completing the parameter modification press the Enter key to save the modified configuration Select the item to be modified or Quit Q Return R Save S s Succ...

Page 38: ...t Safety reminder If the white list is empty it means this function is disabled However for safety reasons it is recommended not to disable this function Reminder If the service has been started the n...

Page 39: ...or None Add administrator Super administrator Delete administrator Super administrator Add operator Super administrator Delete operator Super administrator Set system protection key Super administrato...

Page 40: ...er cord near entrances or exits to avoid being trampled 8 When using extension cord please pay attention to its power load The total electricity consumption of devices attached to the same extension l...

Page 41: ...e product is accidentally dropped on the ground or the shell has any damage e When product features change significantly which indicates a need for maintenance Appendix C Technical Support If you have...

Page 42: ...Sansec HSM User Manual V2 2 38...

Reviews:

No comments

Related manuals for HSM

Paradyne FrameSaver SLV 9126 Installation Instructions Manual preview
FrameSaver SLV 9126
Brand: Paradyne Pages: 24
Hi-flying HF2221 User Manual preview
HF2221
Brand: Hi-flying Pages: 29
Avaya Virtual Services Platform 7000 Series Troubleshooting Manual preview
Virtual Services Platform 7000 Series
Brand: Avaya Pages: 103
IBM HS21 XM BLADECENTER - L5408 FOR SPEC CPU2006 Supplementary Manual preview
HS21 XM BLADECENTER - L5408 FOR SPEC CPU2006
Brand: IBM Pages: 1
Ovislink AirLive WP-203G User Manual preview
AirLive WP-203G
Brand: Ovislink Pages: 132
TYAN Transport TX46 (B4985) Service Service Manual preview
Transport TX46 (B4985) Service
Brand: TYAN Pages: 75
Buffalo TERASTATION HS-D1.0TGL/R5 Technical Specifications preview
TERASTATION HS-D1.0TGL/R5
Brand: Buffalo Pages: 2
Supermicro SuperServer 7089P-TR4T User Manual preview
SuperServer 7089P-TR4T
Brand: Supermicro Pages: 155
Supermicro SuperServer 1029P-MT User Manual preview
SuperServer 1029P-MT
Brand: Supermicro Pages: 123
Supero SUPERSERVER 7045W-NTR+ User Manual preview
SUPERSERVER 7045W-NTR+
Brand: Supero Pages: 146
HP ProBook 4320t Administrator'S Reference Manual preview
ProBook 4320t
Brand: HP Pages: 94
HP Integrity rx5670 Site Preparation Manual preview
Integrity rx5670
Brand: HP Pages: 46
HP mt245 Maintenance And Service Manual preview
mt245
Brand: HP Pages: 98
HP NetServer AA 4000 Installation Manual preview
NetServer AA 4000
Brand: HP Pages: 82
HP MultiSeat t150 Hardware Reference Manual preview
MultiSeat t150
Brand: HP Pages: 25
HP HPE ProLiant ML30 Gen9 User Manual preview
HPE ProLiant ML30 Gen9
Brand: HP Pages: 112
HP mt40 Product End-Of-Life Disassembly Instructions preview
mt40
Brand: HP Pages: 28
HP PA-8600 Specification preview
PA-8600
Brand: HP Pages: 56

Brands by name

Popular brands

Load more brands