Knet
KNET1

ENCRYPTION PORTFOLIO PRODUCTS

HSM NETWORK: kNET

Kryptus kNET is a FIPS and ICP-Brasil certified hardware security module (HSM) that protects critical applications protecting sensitive keys and software with top-level performance.
The native KMIP API allows direct TLS connection (no drivers required), and is the perfect fit for IoT, Cloud, and Blockchain applications.

PERFORMANCE

Up to 30,000 RSA 2048 TPS

SECURE CODE EXECUTION

The kNET enables customers to run their code in a tamper-proof environment

KMIP PROTOCOL

Full native KMIP support (v1.2, v1.3 and 1.4 – no drivers required)

VIRTUAL HSMs

Real insulation in multi-tenant scenarios

HIGH AVAILABILITY

Hot-Swap Dual power supply and Dual Gigabit Ethernet, load Balancing

CERTIFICATION

FIPS 140-2 Level 3+ (EFP/EFT) | ICP-Brasil NSH3/NSC3
| PCI Compliance|

KNET

kNET FOR PIX.
NEW INSTANT PAYMENT SYSTEM.

The Central Bank of Brazil (BCB) announced the PIX instant payment system, which allows financial transactions, such as payments and transfers, to be carried out in up to ten seconds and for 24 hours, unlike TED’s and Doc’s that take from hours to days to be carried out.

Kryptus kNET equipment is the best cost-effective choice for your Instant Payment System project, as it is the only Brazilian hardware security module, with international certification FIPS level 3, ICP Brazil and 100% compliance with the standards of the Brazilian Central Bank.

The national cybersecurity strategy itself in Decree No. 10.222, of February 5, 2020 in Article 2.3.1, recommends the adoption of international standards in the development of new products and the adoption of national encryption solutions.

Kryptus kNET

EASY TO MANTAIN.
ALWAYS AVAILABLE.

Kryptus kNET comes equiped with dual Hot-Swap redundant power supply and dual redundant Gigabit Ethernet ports.
Coolers are easy to replace with frontal access, and no need to open the casing.

TECHNICAL SPECIFICATION

Capabilities

Prepared for payment system
Prepared for XML signatures
Multi-tenant – Up to 50 Virtual HSMs
TLS 1.2 Encrypted Channel
Load balancing and High Availability support
Remote management via GUI
– Windows
– Linux
– OS X
Smartcard, USB token + PIN, User + Password and OTP (TOTP and HOTP)
Double authentication factor
authentication modes available
Software simulator for development and evaluation
Secure execution of customer code
SNMPv3 Monitoring (with traps)

Physical Specification

19” 1U form factor
1 x USB ports (Smart-Card, Token ,and external PIN pad)
Dual hot-swap power supply (100~240V)
Front-panel Dual Gigabit Ethernet Interfaces
Front-panel LCD Display
Front-panel Serial Console Port
Tamper-evident seals on external enclosure
Tamper-detection of external enclosure opening

Cryptography

Asymmetric
RSA (up to 8192 bits)
DSA
ECDSA (NIST and Brainpool)
EdDSA (Curve25519, Ed448-Goldilocks e E-521)

Symmetric
AES (ECB, CBC, CFB, OFB, CTR, GCM, CCM, XTS), HMAC
HMAC
DES e 3DES

Hash
SHA-1
SHA-2 (SHA-224, SHA-256, SHA-384 SHA-512, SHA-512/224, SHA-512/256
MD5
RIPEMD-160

Available APIs

Native KMIP Support – Versions 1.2, 1.3 and 1.4 – No drivers
needed
PKCS#11
Java (JCA/JCE)
Microsoft CNG / CAPI
Libs available in Java, C++(integrated and compatible with Microsoft Visual C version 6, JavaScript and Python

Performance

Up to 30,000 RSA 2048 Transactions per Second
Up to 7.5GB of storage available for Objects

Certification and Compliance

FIPS 140-2 level 3+ (EFP/EFT)
ICP-Brasil NSH3/NSC3
PCI Compliant
UL/FCC Compliant
RoHS Compliant
Common Criteria EAL 4+ augmented AVA_VAN.5 eiDAS (EN-419-221-5)*
*On-going

OTHER PRODUCTS

HSM USB: COMPACT HSM

HSM in compact form and USB connection, ideal for use internally in servers to accelerate and protect encrypted operations.

HSM PCIe: CHX3

Accelerator of encrypted operations in hardware with physical protection for installation via PCIexpress. Possibility to load proprietary algorithm into hardware.

SUPERTOKEN KEYGUARDIAN

High performance USB token with secure data storage and identity management features.

MT4: SECURE PASSWORD

Privileged Identity Management solution that stores, manages and monitors high privilege passwords for your IT assets.

TALK TO KRYPTUS  Whatsapp

  • Rua Maria Tereza Dias da Silva, 270 - Barão Geraldo - Campinas-SP - Brasil - CEP 13083-820
  • +55 (19) 3112 5000