YubiKey YubiHSM 2 FIPS (GTIN: 5060408464557)

RM5,893.00

YubiKey YubiHSM 2 FIPS (GTIN: 5060408464557)

Product Family : Data Security
Brand Name : Yubico
Ask us via Whatsapp!
Categories: ,

High quality

Built to last. IP68 rated (water and dust resistant), crush resistant, no batteries required, no moving parts.

Rapid Integration, Easy Management 

Custom application support using open source libraries. Interfaces via YubiHSM KSP, PKCS#11, and native libraries.

Form-factor

“Nano” for discrete in-port retention. USB-A connector for standard 1.0, 2.0 and 3.0 ports. Designed for low-power usage.

Securely manufactured

From component sourcing through manufacturing, Yubico ensures the highest levels of security. Made in the USA & Sweden.

NIST Certification

FIPS 140-2 validated (Overall Level 2, Physical Security Level 3.

Operating System Support

Windows, Linux, macOS

Cryptographic interfaces (APIs)

  • Microsoft CNG (KSP)
  • PKCS#11 (Windows, Linux, macOS)
  • Native YubiHSM Core Libraries (C, python)

Cryptographic capabilities

Hashing (used with HMAC and asymmetric signatures)

  • SHA-1, SHA-256, SHA-384, SHA-512

RSA

  • 2048, 3072, and 4096 bit keys
  • Signing using PKCS#1v1.5 and PSS
  • Decryption using PKCS#1v1.5 and OAEP

Elliptic Curve Cryptography (ECC)

  • Curves: secp224r1, secp256r1, secp256k1, secp384r1, secp521r, bp256r1, bp384r1, bp512r1, curve25519
  • Signing: ECDSA (all except curve25519), EdDSA (curve25519 only)
  • Decryption: ECDH (all except curve25519)

Key wrap

  • Import and export using NIST AES-CCM Wrap at 128, 196, and 256 bits

Random numbers

  • On-chip True Random Number Generator (TRNG) used to seed NIST SP 800-90 AES 256 CTR_DRBG

Attestation

  • Asymmetric key pairs generated on-device may be attested using a factory certified attestation key and certificate, or using your own key and certificate imported into the HSM

Storage capacity

  • All data stored as objects. 256 object slots, 128KB (base 10) max total
  • Stores up to 127 rsa2048, 93 rsa3072, 68 rsa4096 or 255 of any elliptic curve type, assuming only one authentication key is present
  • Object types: Authentication keys (used to establish sessions); asymmetric private keys; opaque binary data objects, e.g. x509 certs; wrap keys; HMAC keys

Management

  • Mutual authentication and secure channel between applications and HSM
  • M of N unwrap key restore via YubiHSM Setup Tool

Software Development Kit

Software Development Kit for YubiHSM 2 is available for download on Yubico.com and includes:

  • YubiHSM Core Library (libyubihsm) for C, Python
  • YubiHSM Shell (Configuration CLI)
  • PKCS#11 Module
  • YubiKey Key Storage Provider (KSP) for use with Microsoft
  • YubiHSM Connector
  • YubiHSM Setup Tool
  • Documentation and code examples

Physical characteristics

  • Form factor: ‘nano’ designed for confined spaces such as internal USB ports in servers
  • Dimensions: 12mm x 13mm x 3.1mm
  • Weight: 1 gram
  • Current requirements 20mA avg, 30mA max
  • USB-A plug connector

Safety and environmental compliance

  • FCC
  • CE
  • WEEE
  • ROHS

Host interface

  • Universal Serial Bus (USB) 1.x Full Speed (12Mbit/s) Peripheral with bulk interface.

Related products