The “sematicon Security and Authentication Module” – in short se.SAM™ – has been especially designed to meet the requirements of industrial, electronic, IoT and IIoT systems, in which stability, robustness and particular easy handling must be the main focus. The se.SAM™ module complies with these demands and enables smooth integration and upgrading of digital security on various platforms.
For installation in devices, our se.SAM™ P-Series is also available. For integration directly on the PCB, we also offer our modules as an integrated circuit for the PCB. You can find information on this under se.SAM™ – Embedded.
Additional se.SAM™ Products
Die se.SAM™ N-Series for Networks
• se.SAM™ N200 – The network HSM
• se.SAM™ N200X – The network HSM for the shopfloor
Die se.SAM™ P-Serie for Integration
• se.SAM™ P210 – The module with miniPCIe-Interface
• se.SAM™ P220 – The module with ephemeral keys
se.SAM™ Embedded – Crypto for your new project
Corefunctions of the se.SAM™ U-Series
Keys in hardware
All cryptographic keys are generated in special security hardware – the N200 Crypto Core – and the cryptographic functions are also processed in hardware. Because the keys never reside in the appliance’s storage, outsiders can never obtain the valuable key material. The use of certified hardware secure elements (Secure Elements) prevents side-channel attacks.
Authenticity and protection of data and access
se.SAM™ protects digital secrets comprehensively and prevents unauthorised copying of or access to data. At the same time, source as well as destination of data can be clearly identified and verified. se.SAM™
guarantees protection and authenticity of any kind of data, such as sensor data, measured data and other intellectual property.
Easy integration – fast project success
se.SAM™ provides a wide range of cryptographic security functions on a very limited space, which can be implemented in projects in the simplest possible way and without any additional software. Thus, se.SAM™ is not only perfectly suitable for data protection, but also serves as a tool to ensure a fast and secure project success. In-depth cryptographic expertise is no longer necessary – se.SAM™
takes care of it.
Flexible and platform-independent use
No matter whether the module shall be operated indoors, in the control cabinet or outdoors: se.SAM™ is flexible. A wide temperature range, an extended radio interference suppression as well as waterproof tightness enables the module’s application in all climatic environments. It is fully encapsulated with a special sealing compound resisting mechanical influences and manipulation.
Guarantee security and save costs
se.SAM™ is manufactured exclusively in Germany and supported by all computers and platforms without any additional software. A long-term availability of the module assures additional planning reliability. The very low effort for support and integration reduces operational costs. se.SAM™ is the perfect tool to ensure security, minimise risks and realise cost savings.
The se.SAM™ U110 Cryptomodule
The se.SAM™ U110 is the first version of the se.SAM™ – family with a simple USB interface. The module has a CC-JIL verified cryptoprocessor. Many settings and algorithms are predefined as universally as possible. This means that projects can be developed quickly. The device communicates via a virtual serial interface and can therefore be used on all platforms in any programming language.
The se.SAM™ U110 – simple and universal
- Suitable and tested for industry, IT and office operation
- Long-term availability
- Extreme temperature ranges -40°C to +90°C
- Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
- No libraries or special software necessary
- Isolated storage areas for protecting cryptographic keys and data
- Cost-efficient integration by short training periods
- Integrated PIN-Management and Passwordmanagement feature (“Password Safe”)
Dimensions in milimetres (mm)
Technical specifications
Cryptography
- Key storage: 10 symmetric keys and 10 asymmetric key pairs with certificate
- Asymmetric algorithms: ECC-NIST-P/secp256r1, ECDSA, ECDH
- Symmetric algorithms: AES CBC, AES ECB with 128 bit, SHA256, SHA256-HMAC
- HASH digest: SHA-2-256
- Key derivation function: HKDF
- Additional functions: Pseudo-Random-Number Generator (PRF), cryptographic hardware counter, user-/password storage with up to 10 entries, firmware update, which can be disabled permanently, cryptographic self-test
Certifications
- NIST CAVP
- Common Criteria JIL-Level Score >30 (“high“)
- Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)
Connection
- USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector
Module features
- Size (LxWxH): 39,1 x 17,5 x 8,25 mm
- Weight: 10g
- Temperature range: -40°C to +90°C
- Humidity rating: 0% – 100%
- Water resistance certification: IP X8 (DIN EN 60529)
- Casing: full encapsulation (plastic) without air inclusion
- Memory data retention: over 15 years
- Immunity (ESD): 4kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
- Immunity (EMI): 10V/m from 80 MHz to 1GHz (Performance Criteria A), 3V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
- Emission (EMR): EN55032:2012
- Voltage: 5V-DC (USB-supply)
- Power supply: less than 2mA
- EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU und 2015(863/EU /RoHS), 2014/30/EU (EMC)
The se.SAM™ U200 Cryptomodule
The se.SAM™ U200 Series is compared to the se.SAM™ U100 accessible over a serial Port which is part of most operating systems (CDC). In addition to a variety of algorithms such as NIST, Brainpool and RSA ranular permissions can be assigned to key objects. There is full support for “Secure Manufacturing”, which the device can fully exploit together with an N-Series module. The hardware of the cryptoprocessor as well as its operating system are CC-EAL6+ certified.
The se.SAM™ U200 – simple, universal with extended features and cryptofunctions
- Suitable and tested for industry, IT and office operation
- Long-term availability
- Extreme temperature ranges -40°C to +90°C
- Driverless – “Plug & Play“ – Independent of OS or CPU-Architectures
- No libraries or special software necessary
- Isolated storage areas for protecting cryptographic keys and data
- Cost-efficient integration by short training periods
- Integrated PIN-Management
Dimensions in milimetres (mm)
Technical specifications
Cryptography
- Key storage: 10 symmetric keys and 10 asymmetric key pairs with certificate
- Symmetric algorithms: AES CBC, AES, CTR, AES ECB each with 128 and 256 bit, SHA1-HMAC, SHA256-HMAC, SHA384-HMAC, SHA512-HMAC, CMAC-128
- Asymmetric algorithms: RSA 512 to 4096, ECC-NIST-P/secp192r1 to 521r1, ECC-Brainpool 160 to 512, ECC Koblitz/secp160k1 to 256k1, ECDSA , ECDH
- HASH digest: SHA1, SHA-2-224 bis 512
- Key derivation function: HKDF
- Additional functions: Secure Hardware Counter, “Multi Source True Random Number Generator“, Key-ACLs, Secure Key Exchange, firmware update, which can be disabled, cryptographic self-test, Secure Key Import, Key Usage Counter
Certifications
- Common Criteria EAL6+ (hardware and operating system of the crypto-processor)
- Compliant to EU-directive 2014/32/EU and the WELMEC Software Guide for Measuring Instruments (V7.2, 2015)
Connections
- USB 1.0, USB 2.0 (full speed, low speed), USB-A-connector
Module features
- Size (LxWxH): 39,1 x 17,51 x 8,25 mm
- Weight: 10g
- Temperature range: -40°C to +90°C
- Humidity rating: 0% – 100%
- Water resistance certification: IP X8 (DIN EN 60529)
- Casing: full encapsulation (plastic) without air inclusion
- Memory data retention: over 15 years
- Immunity (ESD): 4 kV contacted discharge (Performance Criteria A), 8kV air discharge (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
- Immunity (EMI): 10 V/m from 80 MHz to 1GHz (Performance Criteria A), 3 V/m from 1GHz to 2,7GHz (Performance Criteria A), EN55024:2010, EN61000-6-2:2005
- Emission (EMR): EN55032:2012
- Voltage: 5 V-DC (USB-supply)
- Power supply: up to 25 mA (under load)
- EU-directives (CE marking): 2012/19/EU (WEEE), 2011/65/EU and 2015(863/EU /RoHS),2014/30/EU (EMC)