Child pages
  • HSM Buyers' Guide

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Please note: a Common Criteria certification only has value if the Protection Profile is strict enough. Therefore, a Common Criteria certification can only really be trusted if the Protection Profile that was used for the evaluation is checked (this is very difficult for outsiders). Within the EU, the Protection Profile for Secure Signatured Signature Creation Devices (SSCD) (European standard CWA 14169) is a valuable profile for evaluation.

...

Feature

Required/Optional

PKCS #11 API

Required

MS CryptoAPI

Not required

OpenSSL engine support

Not required

Minimum key size ? 1024 bits

Required

Maximum key size ? 2048 bits

Required

RSA algorithm support

Required

DSA algorithm support

Optional

Symmetric algorithm support (AES, DES, etc.)

Optional

FIPS 140-2 (level 2 or 3)

Recommended*

Common Criteria (EAL 4 or up)

Recommended*

Backup mechanisms

Required

...