Model Specifications
SignServer Hardware Appliance offers a complete feature set for your signing solution. It is based on SignServer Enterprise with extensive support for several signing use cases including code, document, and time-stamping and the corresponding signature formats. The high-performance hardware and a built-in FIPS 140-2 Level 3, certified Hardware Security Module (HSM) provides maximum control and security.
SignServer Appliance Models
Depending on your requirements, we offer different SignServer Appliance models to address your needs. All models include SignServer Enterprise.
SignServer Document Signing Hardware Appliance
The SignServer Document Signing model supports document signing formats such as PDF, XML, and CMS. This model also includes Time Stamp Authority (TSA) functionality.
The SignServer Document Signing Hardware Appliance model can be delivered with a standard performance HSM or a high-speed performance HSM.
SignServer Code Signing Hardware Appliance
The SignServer Code Signing model offers the capability to sign different types of code, such as Windows executables, Java applications/libraries, Android applications, firmware for hardware devices, drivers, and apps. This model also includes Time Stamp Authority (TSA) functionality.
The SignServer Code Signing Hardware Appliance model can be delivered with a standard performance HSM or a high-speed performance HSM.
SignServer TSA Hardware Appliance
The SignServer Time Stamp Authority (TSA) Hardware Appliance supports both RFC 3161 and MS Authenticode time-stamps and includes monitoring of time synchronization compliant with the strictest regulations. Time-stamps are generally used together with document and code signing to provide proof that a document and/or code existed before a certain time, and can also be used together with advanced signatures to ensure long-term validation of archives.
The SignServer TSA Hardware Appliance model can be delivered with a standard performance HSM or a high-speed performance HSM.
SignServer ePassport Hardware Appliance
The SignServer ePassport (ePass) Hardware Appliance delivers Machine Readable Travel Document (MRTD) signing. MRTD is implemented worldwide within electronic passports mandated by ICAO. This model is used both for MRTD signing and for CSCA Master List signing.
The SignServer ePassport Hardware Appliance can be delivered with an entry-level performance HSM or a high-speed performance HSM.
Model Comparison Overview
The following provides a model comparison overview.
SignServer Appliance | Document | Code Signing | Time Stamp Authority | Document, Code & Time Stamp Authority | ePassport Signing |
---|---|---|---|---|---|
Software package: SignServer Enterprise | |||||
Use Case | |||||
Document Signing | |||||
Code Signing | |||||
Time Stamp Authority | |||||
ePassport | |||||
Key Features | |||||
Secure & Automated Backup Mechanism | |||||
2 Factor Authentication | |||||
FIPS 140-2 Level 3 validated HSM inside | |||||
Entry-level or Standard performance HSM inside | |||||
Standard or High-speed performance HSM inside | |||||
Dedicated Mng & App Interfaces | |||||
High Availability | |||||
SNMP, Syslog, Audit Log | |||||
Accessories | |||||
SmartCards | 10 | 10 | 10 | 10 | 10 |
PinPad Reader | 1 | 1 | 1 | 1 | 1 |
External Battery Adapter** | |||||
Performance (transactions/sec)* | Standard performance HSM | High-speed performance HSM | File Size | ||
Plain Signing | Transactions per second (Audit log on / Audit log off) | N/A | |||
RSA 2048 SHA 256 with RSA | 59/73 | 355/526 | |||
ECDSA secp256r1 SHA256withECDSA | 171/238 | 331/432 | |||
Time Stamp Authority (TSA) | Transactions per second (Audit log on / Audit log off) | N/A | |||
RSA 2048 SHA 256 with RSA | 59/74 | 303/893 | |||
ECDSA secp256r1 SHA256withECDSA | 170/258 | 296/625 | |||
PDF Signing | Transactions per second (Audit log on / Audit log off) | 15 kB | |||
RSA 2048 SHA 256 with RSA | 60/72 | 304/671 | |||
Authenticode Signing | Transactions per second (Audit log on / Audit log off) | 1 MB | |||
RSA 2048 SHA 256 with RSA | 13/15 | 47/49 | |||
ECDSA secp256r1 SHA256withECDSA | 15/15 | 46/47 |
*The Performance overview displays the performance (signing transactions per second) with activated signed Audit log versus deactivated Audit log.
** Accessories: External Battery Adapter must be provided with a battery (battery is not included) and put into immediate operation! This is absolutely necessary to support the internal battery of the HSM, even if the Hardware Appliance has not yet been put into operation or has been switched off again!