sematicon se.SAM™ U110 & U200 USB Cryptomodules – Keys in Hardware for the industry

The “sematicon Security and Authentication Module” – in short se.SAM™ – has been especially designed to meet the requirements of industrial, electronic, IoT and IIoT systems, in which stability, robustness and particular easy handling must be the main focus. The se.SAM™ module complies with these demands and enables smooth integration and upgrading of digital security on various platforms.

For installation in devices, our se.SAM™ P-Series is also available. For integration directly on the PCB, we also offer our modules as an integrated circuit for the PCB. You can find information on this under se.SAM™ – Embedded.

Additional se.SAM™ Products

Die se.SAM™ N-Series for Networks

se.SAM™ N200 – The network HSM
se.SAM™ N200X – The network HSM for the shopfloor

Die se.SAM™ P-Serie for Integration

se.SAM™ P210 – The module with miniPCIe-Interface
se.SAM™ P220 – The module with ephemeral keys

Corefunctions of the se.SAM™ U-Series

Keys in hardware

All cryptographic keys are generated in special security hardware – the N200 Crypto Core – and the cryptographic functions are also processed in hardware. Because the keys never reside in the appliance’s storage, outsiders can never obtain the valuable key material. The use of certified hardware secure elements (Secure Elements) prevents side-channel attacks.

Authenticity and protection of data and access

se.SAM™ protects digital secrets comprehensively and prevents unauthorised copying of or access to data. At the same time, source as well as destination of data can be clearly identified and verified. se.SAM™
guarantees protection and authenticity of any kind of data, such as sensor data, measured data and other intellectual property.

Easy integration – fast project success

se.SAM™ provides a wide range of cryptographic security functions on a very limited space, which can be implemented in projects in the simplest possible way and without any additional software. Thus, se.SAM™ is not only perfectly suitable for data protection, but also serves as a tool to ensure a fast and secure project success. In-depth cryptographic expertise is no longer necessary – se.SAM™
takes care of it.

Flexible and platform-independent use

No matter whether the module shall be operated indoors, in the control cabinet or outdoors: se.SAM™ is flexible. A wide temperature range, an extended radio interference suppression as well as waterproof tightness enables the module’s application in all climatic environments. It is fully encapsulated with a special sealing compound resisting mechanical influences and manipulation.

Guarantee security and save costs

se.SAM™ is manufactured exclusively in Germany and supported by all computers and platforms without any additional software. A long-term availability of the module assures additional planning reliability. The very low effort for support and integration reduces operational costs. se.SAM™ is the perfect tool to ensure security, minimise risks and realise cost savings.

The se.SAM™ U110 Cryptomodule

The se.SAM™ U110 is the first version of the se.SAM™ – family with a simple USB interface. The module has a CC-JIL verified cryptoprocessor. Many settings and algorithms are predefined as universally as possible. This means that projects can be developed quickly. The device communicates via a virtual serial interface and can therefore be used on all platforms in any programming language.

se.SAM™ U-Serie

The se.SAM™ U110 – simple and universal

  • Suitable and tested for industry, IT and office operation
  • Long-term availability
  • Extreme temperature ranges -40°C to +90°C
  • Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
  • No libraries or special software necessary
  • Isolated storage areas for protecting cryptographic keys and data
  • Cost-efficient integration by short training periods
  • Integrated PIN-Management and Passwordmanagement feature (“Password Safe”)

Dimensions in milimetres (mm)

Technical specifications

Cryptography

  •  Key storage: 10 symmetric keys and  10 asymmetric key pairs with certificate
  • Asymmetric algorithms: ECC-NIST-P/secp256r1, ECDSA, ECDH
  • Symmetric algorithms: AES CBC, AES ECB with 128 bit, SHA256, SHA256-HMAC
  • HASH digest: SHA-2-256
  • Key derivation function: HKDF
  • Additional functions: Pseudo-Random-Number Generator (PRF), cryptographic hardware counter, user-/password storage with up to 10 entries, firmware update, which can be disabled permanently, cryptographic self-test

Certifications

  • NIST CAVP
  • Common Criteria JIL-Level Score >30 (“high“)
  • Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)

Connection

  • USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector

Module features

  • Size (LxWxH): 39,1 x 17,5 x 8,25 mm
  • Weight: 10g
  • Temperature range: -40°C to +90°C
  • Humidity rating: 0% – 100%
  • Water resistance certification: IP X8 (DIN EN 60529)
  • Casing: full encapsulation (plastic) without air inclusion
  • Memory data retention: over 15 years
  • Immunity (ESD): 4kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Immunity (EMI): 10V/m from 80 MHz to 1GHz (Performance Criteria A), 3V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Emission (EMR): EN55032:2012
  • Voltage: 5V-DC (USB-supply)
  • Power supply: less than 2mA
  • EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU und 2015(863/EU /RoHS), 2014/30/EU (EMC)

The se.SAM™ U200 Cryptomodule

The se.SAM™ U200 Series is compared to the se.SAM™ U100 accessible over a serial Port which is part of most operating systems (CDC). In addition to a variety of algorithms such as NIST, Brainpool and RSA ranular permissions can be assigned to key objects. There is full support for “Secure Manufacturing”, which the device can fully exploit together with an N-Series module. The hardware of the cryptoprocessor as well as its operating system are CC-EAL6+ certified.

se.SAM™ U-Serie

The se.SAM™ U200 – simple, universal with extended features and cryptofunctions

  • Suitable and tested for industry, IT and office operation
  • Long-term availability
  • Extreme temperature ranges -40°C to +90°C
  • Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
  • No libraries or special software necessary
  • Isolated storage areas for protecting cryptographic keys and data
  • Cost-efficient integration by short training periods
  • Integrated PIN-Management

Dimensions in milimetres (mm)

Technical specifications

Cryptography

  • Key storage: 10 symmetric keys and 10 asymmetric key pairs with certificate
  • Symmetric algorithms: AES CBC, AES, CTR, AES ECB each with 128 and 256 bit, SHA1-HMAC, SHA256-HMAC, SHA384-HMAC, SHA512-HMAC, CMAC-128
  • Asymmetric algorithms: RSA 512 to 4096, ECC-NIST-P/secp192r1 to 521r1, ECC-Brainpool 160 to 512, ECC Koblitz/secp160k1 to 256k1, ECDSA , ECDH
  • HASH digest: SHA1, SHA-2-224 bis 512
  • Key derivation function: HKDF
  • Additional functions: Secure Hardware Counter, “Multi Source True Random Number Generator“, Key-ACLs, Secure Key Exchange, firmware update, which can be disabled, cryptographic self-test, Secure Key Import, Key Usage Counter

Certifications

  • Common Criteria EAL6+ (hardware and operating system of the crypto-processor)
  • Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)

Connections

  • USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector

Module features

  • Size (LxWxH): 39,1 x 17,51 x 8,25 mm
  • Weight: 10g
  • Temperature range: -40°C to +90°C
  • Humidity rating: 0% – 100%
  • Water resistance certification: IP X8 (DIN EN 60529)
  • Casing: full encapsulation (plastic) without air inclusion
  • Memory data retention: over 15 years
  • Immunity (ESD): 4 kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Immunity (EMI): 10 V/m from 80 MHz to 1GHz (Performance Criteria A), 3 V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Emission (EMR): EN55032:2012
  • Voltage: 5 V-DC (USB-supply)
  • Power supply: up to 25 mA (under load)
  • EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU and 2015(863/EU /RoHS),2014/30/EU (EMC)

Do you need information on our commands and technical details??

Get the se.SAM™ U-Serie Manual

U-Series Manual Request

    BItte wählen Sie das gewünschte Modul aus:
Secure Coding Basics Video Michael Walser sematicon AG 2021Secure Coding Basics Video Michael Walser sematicon AG 2021

Mastering Windows Code Signing – Standard vs. EV Certificates

Windows device drivers must be protected using strongest EV certificates. Otherwise, these drivers are not accepted by the operating system. Furthermore, Windows SmartScreen-filter in Windows 10 warns for software packages and executables not signed by an EV code signing certificate. But what exactly are EV code signing certificates and what is the difference to standard code signing certificates?
HSM-Safe (Credentials, Personal Data, Business Secrets, Finance Data)

Keys in hardware: encryption using an HSM

Häufig müssen vertrauliche Informationen, z.B. personenbezogene Daten, Zugangsdaten, Finanzdaten oder Firmengeheimnissen, in Server- oder Cloud-Anwendungen verschlüsselt abgespeichert werden