Editions
Dedicated HSM provides instances of the standard edition and platinum edition (Chinese mainland). For details, see Table 1.
The items with an asterisk (*) vary according to the device model. Contact the customer service personnel for details.
| Function | Description | Standard Edition - Virtual Sharing | Platinum Edition (Chinese Mainland) - Exclusive Use |
|---|---|---|---|
| Exclusive chip for encryption | Provides you with exclusive chips for data encryption in the cloud, ensuring hardware isolation while maintaining your service performance. | Supported | Supported |
| Full service support | Supports application security, such as financial payment, identity authentication, and digital signature, meeting your stringent requirements for data and system security. | Supported | Supported |
| Scalable | Allows you to easily and flexibly add and reduce password computing resources based on your service needs. | Supported | Supported |
| High reliability | Back-end hardware devices can be deployed in the HA mode (active/standby) to achieve high reliability (requiring two instances). | Supported | Supported |
| Compatibility | Provides the same functions and interfaces as physical password devices to facilitate migration to the cloud. Supported APIs are listed as follows: PKCS#11, CSP, JCE, and GM/T 0018-2012 SDF | Supported | Supported |
| Exclusive subrack and power supply | Provides you with exclusive HSM subrack and power supply. | Not supported | Supported |
| Dedicated network | Provides dedicated network bandwidth and API resources. | Not supported | Supported |
| FIPS 140-2 certification | Uses FIPS 140-2 certified level 3 HSMs to generate and manage encryption keys. | Not supported | Not supported |
| Common algorithms | Symmetric algorithm | AES | AES |
| Asymmetric algorithm | RSA (1024, 4096) * | RSA (1024, 4096) * | |
| Digest Algorithm | SHA1, SHA256, and SHA384 | SHA 1, SHA 256, and SHA 384 | |
| Chinese national cryptographic algorithms | Symmetric algorithm | SM1, SM4, SM7 * | SM1, SM4, SM7 * |
| Asymmetric algorithm | SM2 | SM2 | |
| Digest algorithm | SM3 | SM3 | |
| General algorithm performance | RSA 2048 signature verification computing performance | 3,500 TPS | 40,000 TPS |
| RSA 2048 signature computing performance | 400 TPS | 4,000 TPS | |
| Chinese national cryptographic algorithms performance | SM1 encryption computing performance | 600 TPS | 15,000 TPS |
| SM2 signature computing performance | 3,000 TPS | 80,000 TPS | |
| SM2 signature verification computing performance | 2,000 TPS | 15,000 TPS | |
| SM7 algorithm performance | 1,000 TPS * | 1,000 TPS * | |
| Data communication | Maximum number of concurrent connections of the TCP/IP | 64 | 2,048 |
Last Article: Application Scenarios
Next Article: Security
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.