nShield Edge Options
The nShield Edge is available in FIPS 140-2 Level 2 and Level 3 variants. A non-FIPS Developer Edition is also offered, providing a low-cost mechanism for engineers to develop applications that will ultimately be deployed on FIPS-certified nShield Solo or Connect devices, and where the higher performance of those devices is not required in a development environment.
Using the CipherTools Developer Toolkit, developers take full advantage of the advanced integration capabilities available for the nShield HSM family when applying custom applications. The Toolkit includes detailed tutorials, reference documentation, sample programs written in a range of high level languages, and additional libraries to expand capabilities for integration with applications beyond those that can be achieved by the standard application program interfaces (APIs).
nShield HSMs offer a large number of cryptographic algorithms as part of the standard feature set, including AES, DSA and RSA. Organizations who want to take advantage of the next-generation elliptic curve algorithms can enhance their HSMs by adding the ECC Activation. While all nShield HSMs can process elliptic curve cryptography with this option pack, users of the nShield 500 PCI cards will additionally benefit from hardware acceleration.
Highly sensitive areas of government and enterprises with a strong interest in national security sometimes prefer to use proprietary, national cryptographic algorithms to protect their most sensitive information. Given these security concerns, it is advantageous to run such algorithms on a secure HSM platform. The KCDSA Activation enables South Korean agencies to use the Korean Certificate-based Digital Signature Algorithm (KCDSA) on an nShield HSM. Thales recommends CodeSafe technology to organizations that wish to implement their own national algorithms on the protected HSM platform.
* Only one of these CodeSafe applications can be run on a single HSM.