sematicon se.SAM™ U110 & U200 USB Cryptomodules – Keys in Hardware for the industry

The “sematicon Security and Authentication Module” – in short se.SAM™ – has been especially designed to meet the requirements of industrial, electronic, IoT and IIoT systems, in which stability, robustness and particular easy handling must be the main focus. The se.SAM™ module complies with these demands and enables smooth integration and upgrading of digital security on various platforms.

For installation in devices, our se.SAM™ P-Series is also available. For integration directly on the PCB, we also offer our modules as an integrated circuit for the PCB. You can find information on this under se.SAM™ – Embedded.

Additional se.SAM™ Products

Die se.SAM™ N-Series for Networks

se.SAM™ N200 – The network HSM
se.SAM™ N200X – The network HSM for the shopfloor

Die se.SAM™ P-Serie for Integration

se.SAM™ P210 – The module with miniPCIe-Interface
se.SAM™ P220 – The module with ephemeral keys

se.SAM™ Embedded – Crypto for your new project

Corefunctions of the se.SAM™ U-Series

Keys in hardware

All cryptographic keys are generated in special security hardware – the N200 Crypto Core – and the cryptographic functions are also processed in hardware. Because the keys never reside in the appliance’s storage, outsiders can never obtain the valuable key material. The use of certified hardware secure elements (Secure Elements) prevents side-channel attacks.

Authenticity and protection of data and access

se.SAM™ protects digital secrets comprehensively and prevents unauthorised copying of or access to data. At the same time, source as well as destination of data can be clearly identified and verified. se.SAM™
guarantees protection and authenticity of any kind of data, such as sensor data, measured data and other intellectual property.

Easy integration – fast project success

se.SAM™ provides a wide range of cryptographic security functions on a very limited space, which can be implemented in projects in the simplest possible way and without any additional software. Thus, se.SAM™ is not only perfectly suitable for data protection, but also serves as a tool to ensure a fast and secure project success. In-depth cryptographic expertise is no longer necessary – se.SAM™
takes care of it.

Flexible and platform-independent use

No matter whether the module shall be operated indoors, in the control cabinet or outdoors: se.SAM™ is flexible. A wide temperature range, an extended radio interference suppression as well as waterproof tightness enables the module’s application in all climatic environments. It is fully encapsulated with a special sealing compound resisting mechanical influences and manipulation.

Guarantee security and save costs

se.SAM™ is manufactured exclusively in Germany and supported by all computers and platforms without any additional software. A long-term availability of the module assures additional planning reliability. The very low effort for support and integration reduces operational costs. se.SAM™ is the perfect tool to ensure security, minimise risks and realise cost savings.

The se.SAM™ U110 Cryptomodule

The se.SAM™ U110 is the first version of the se.SAM™ – family with a simple USB interface. The module has a CC-JIL verified cryptoprocessor. Many settings and algorithms are predefined as universally as possible. This means that projects can be developed quickly. The device communicates via a virtual serial interface and can therefore be used on all platforms in any programming language.

se.SAM™ U-Serie

The se.SAM™ U110 – simple and universal

  • Suitable and tested for industry, IT and office operation
  • Long-term availability
  • Extreme temperature ranges -40°C to +90°C
  • Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
  • No libraries or special software necessary
  • Isolated storage areas for protecting cryptographic keys and data
  • Cost-efficient integration by short training periods
  • Integrated PIN-Management and Passwordmanagement feature (“Password Safe”)

Dimensions in milimetres (mm)

Technical specifications

Cryptography

  •  Key storage: 10 symmetric keys and  10 asymmetric key pairs with certificate
  • Asymmetric algorithms: ECC-NIST-P/secp256r1, ECDSA, ECDH
  • Symmetric algorithms: AES CBC, AES ECB with 128 bit, SHA256, SHA256-HMAC
  • HASH digest: SHA-2-256
  • Key derivation function: HKDF
  • Additional functions: Pseudo-Random-Number Generator (PRF), cryptographic hardware counter, user-/password storage with up to 10 entries, firmware update, which can be disabled permanently, cryptographic self-test

Certifications

  • NIST CAVP
  • Common Criteria JIL-Level Score >30 (“high“)
  • Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)

Connection

  • USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector

Module features

  • Size (LxWxH): 39,1 x 17,5 x 8,25 mm
  • Weight: 10g
  • Temperature range: -40°C to +90°C
  • Humidity rating: 0% – 100%
  • Water resistance certification: IP X8 (DIN EN 60529)
  • Casing: full encapsulation (plastic) without air inclusion
  • Memory data retention: over 15 years
  • Immunity (ESD): 4kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Immunity (EMI): 10V/m from 80 MHz to 1GHz (Performance Criteria A), 3V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Emission (EMR): EN55032:2012
  • Voltage: 5V-DC (USB-supply)
  • Power supply: less than 2mA
  • EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU und 2015(863/EU /RoHS), 2014/30/EU (EMC)

The se.SAM™ U200 Cryptomodule

The se.SAM™ U200 Series is compared to the se.SAM™ U100 accessible over a serial Port which is part of most operating systems (CDC). In addition to a variety of algorithms such as NIST, Brainpool and RSA ranular permissions can be assigned to key objects. There is full support for “Secure Manufacturing”, which the device can fully exploit together with an N-Series module. The hardware of the cryptoprocessor as well as its operating system are CC-EAL6+ certified.

se.SAM™ U-Serie

The se.SAM™ U200 – simple, universal with extended features and cryptofunctions

  • Suitable and tested for industry, IT and office operation
  • Long-term availability
  • Extreme temperature ranges -40°C to +90°C
  • Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
  • No libraries or special software necessary
  • Isolated storage areas for protecting cryptographic keys and data
  • Cost-efficient integration by short training periods
  • Integrated PIN-Management

Dimensions in milimetres (mm)

Technical specifications

Cryptography

  • Key storage: 10 symmetric keys and 10 asymmetric key pairs with certificate
  • Symmetric algorithms: AES CBC, AES, CTR, AES ECB each with 128 and 256 bit, SHA1-HMAC, SHA256-HMAC, SHA384-HMAC, SHA512-HMAC, CMAC-128
  • Asymmetric algorithms: RSA 512 to 4096, ECC-NIST-P/secp192r1 to 521r1, ECC-Brainpool 160 to 512, ECC Koblitz/secp160k1 to 256k1, ECDSA , ECDH
  • HASH digest: SHA1, SHA-2-224 bis 512
  • Key derivation function: HKDF
  • Additional functions: Secure Hardware Counter, “Multi Source True Random Number Generator“, Key-ACLs, Secure Key Exchange, firmware update, which can be disabled, cryptographic self-test, Secure Key Import, Key Usage Counter

Certifications

  • Common Criteria EAL6+ (hardware and operating system of the crypto-processor)
  • Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)

Connections

  • USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector

Module features

  • Size (LxWxH): 39,1 x 17,51 x 8,25 mm
  • Weight: 10g
  • Temperature range: -40°C to +90°C
  • Humidity rating: 0% – 100%
  • Water resistance certification: IP X8 (DIN EN 60529)
  • Casing: full encapsulation (plastic) without air inclusion
  • Memory data retention: over 15 years
  • Immunity (ESD): 4 kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Immunity (EMI): 10 V/m from 80 MHz to 1GHz (Performance Criteria A), 3 V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
  • Emission (EMR): EN55032:2012
  • Voltage: 5 V-DC (USB-supply)
  • Power supply: up to 25 mA (under load)
  • EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU and 2015(863/EU /RoHS),2014/30/EU (EMC)

Do you need information on our commands and technical details??

Get the se.SAM™ U-Serie Manual

U-Series Manual Request

    BItte wählen Sie das gewünschte Modul aus:
Secure Curves

600% less cryptographic overhead for X.509 certificates

In this article we are comparing ECC and RSA algorithm for digital certificates. The objective is to get information about speed, size and usability.

IoT PKI – se.SAM™ PKI Mockup

This is mockup of our se.SAM™ N-Series version 5.0 crypto appliance showing our WebGUI featuring the new PKI solution for IT, industrial, IoT and embedded use cases. It is an optional plugin to our appliance.
se.SAM PKI

X.509 Tutorial: 5 ways to issue certificates for IT services, users, clients, and IoT devices

We show you several ways how easy it is to issue certificates to any kind of devices including embedded systems and IoT using our se.SAM™ PKI.

Technical Concepts in se.SAM PKI™ for IT, OT, Embedded and IoT

Beginning with se.SAM™ N-Series version 5.0 sematicon AG will offer a HSM based PKI solution for IT, industrial, IoT and embedded use cases. The Certificate Authority (CA) will be available as an integrated software module on se.SAM™ N200 Crypto Appliance and se.SAM™ NX200 24-48V Industrial DIN-rail fan-less appliance.

The first affordable HSM based IoT Certificate Authority

sematicon AG is presenting the first HSM including a full featured IoT PKI under the se.SAM™ brand in an affordable package for everyone.

Ready to use HSM based PKI at a minimal cost

Comparing Open-Source PKI Solutions and introducing the difference to our easy to use e.SAM™ PKI with HSM included.

Introduction and concept of se.SAM™ PKI

Beginning with se.SAM™ N-Series version 5.0 sematicon AG will offer a HSM based PKI solution for IT, industrial, IoT and embedded use cases. The Certificate Authority (CA) will be available as an integrated software module on se.SAM™ N200 Crypto Appliance and se.SAM™ NX200 24-48V Industrial DIN-rail fan-less appliance.
N200 Appliance und Lottoschein 6 aus 49

Calculating the correct lottery numbers “6 out of 49” – 100% correct and 100% secure

Crypto in action: The se.SAM™ N200 Crypto Appliance is suitable for calculating the correct lottery numbers of 6 out of 49 100% correct numbers and 100% security, for which we offer customers of the appliance a free Python program.
Secure Coding Basics Video Michael Walser sematicon AG 2021Secure Coding Basics Video Michael Walser sematicon AG 2021

Mastering Windows Code Signing – Standard vs. EV Certificates

Windows device drivers must be protected using strongest EV certificates. Otherwise, these drivers are not accepted by the operating system. Furthermore, Windows SmartScreen-filter in Windows 10 warns for software packages and executables not signed by an EV code signing certificate. But what exactly are EV code signing certificates and what is the difference to standard code signing certificates?