1. Product Overview Sansec HSM is a special device developed and designed by Beijing Sansec Technology Development Co.,Ltd. (hereinafter referred to as Sansec), combined with the characteristics of domestic and foreign financial business applications. It’s mainly used for the host application layer to encrypt and decrypt data, verify message source correctness and do key management etc.
Page 3
The HSM supports sensitive data and key stored in the user storage area or key storage area, and also supports ciphered key stored in the local host. The key in the device is stored in cipher-text way.
Page 4
Pay related standards, and also compatible with the RACAL command set. We extend the RACAL command set, for supporting the SM cryptographic algorithms. Sansec HSM also provides a rich API interfaces, such as the API compatible with the 《Cryptographic device application interface specification》’s requirements, and also supports PKCS#11, JCE and CSP and other international standard interface.
3. Technical Specifications 3.1. Main functions Encryption / decryption for all kinds of application layer data Message integrity protection (MAC calculation and verification) Protection of transaction validity (TAC calculation and verification) Protection of personal PIN code (PINBLOCK encryption, conversion, verification) VISA PIN and Card Verification Key Encryption, derivation and translation, etc.
Agricultural Bank of China During the domestic cryptographic algorithm transformation project of China Agricultural Bank, Sansec HSM is applied in the key management system in the card issuing process and the front-system in the ATM transaction. It provides key generation, data encryption and decryption of national SM algorithms and...
Page 8
CA root certificate, certificate requirement management, providing IC card key, certificate data, etc. Sansec HSM is mainly used to provide IC card key pair and symmetric key derivation for data preparation system.