Skip Navigation
  • Overview

    The Luna G5 for Government is a small form factor HSM that is widely used by government agencies for data, applications and digital identities to reduce risk and ensure regulatory compliance.  Derived from industry-leading technology, the FIPS 140-2 certified Luna G5 for Government is manufactured, sold, and supported exclusively by SafeNet Assured Technologies.

    Luna G5 for Government delivers industry leading key management in a small and portable form factor. All key material is maintained exclusively within the confines of the hardware. The small form-factor and offline key storage capability sets the product apart, making it especially attractive to customers with business critical keys that need to physically detach and store the HSM in a secure offline environment.

    Tamper Recovery Role

    The Luna G5 for Government features sophisticated tamper detection and response circuitry to automatically zeroize internal keys in the event of an attempted attack on the HSM. Balancing this extreme security posture with end user ease of use concerns, the Luna G5 for Government includes a capability for properly authenticated security officers to recover from an inadvertent tamper event and quickly put the HSM back into its usable state without the loss of any keys or sensitive data.

    Secure Transport Mode

    The G5 tamper response circuits have also allowed the introduction of a secure transport mode. Security Officers use the device’s tamper recovery role keys to cryptographically lock down the HSM prior to transporting the device.

    Cryptographic Capabilities

    Luna G5  for Government supports a broad range of asymmetric key encryption and key exchange capabilities, as well as support for all standard symmetric encryption algorithms. It also supports all standard hashing algorithms and message authentication codes (MAC). The Luna G5 for Government also supports ECC key pairs for use in Suite B applications that require a permanent, factory generated digital ID.

    Performance and Scalability

     

    Algorithm

    Model

    RSA-1024

    200

    RSA-2048

    63

    ECC P256

    43

    ECIES

    20

    AES-GCM

    71

  • Features and Benefits

    Most Secure

    • Keys in hardware
    • Remote management
    • Secure transport mode for high-assurance delivery
    • Multi-level access control
    • Multi-part splits for all access control keys
    • Intrusion-resistant, tamper- evident hardware
    • Suite B algorithm support
    • Secure decommission
    • Secure audit logging
    • Strongest cryptographic algorithms

    Sample Applications

    • PKI key generation & key storage (online CA keys & offline CA keys)
    • Certificate validation & signing
    • Document signing
    • Transaction processing
    • Database encryption
    • Smart card issuance
  • Technical Specifications

    Operating System Support

    • Windows, Linux

    Cryptographic APIs

    •  PKCS #11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL

    Cryptography

    • Full Suite B support
    • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
    • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
    • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
    • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

    Physical Characteristics

    • Dimensions: 8.5” x 6.675” x 1.7” (215.9mm x 169.545mm x 43.18mm)
    • Weight: 3.3lb (1.5kg)
    • Input Voltage: 100-240V, 50-60Hz
    • Power Consumption: 26W maximum, 20W typical
    • Temperature: operating 0°C - 35°C, storage -20°C - 70°C
    • Relative Humidity: 20% to 95% (38%C) non-condensing

    Safety and Environmental Compliance

    • UL, CSA, CE
    • FCC, KC Mark, VCCI, CE
    • RoHS, WEEE

    Host Interface

    • USB 2.0

    Reliability

    • MTBF 124,780 hrs
 

Connect with us

Learn more about our products, solutions and services Contact SafeNet AT