The Kiuru SAM product is a Signature Activation Module (SAM) that offers remote digital signature services. It ensures that the Signer’s signing keys are only used under the sole control of the Signer and only used for the intended purpose.
Certified with the SAM-PP as defined in EN 419 241-2, Kiuru SAM exists in a dedicated tamper protected environment. All communications are via a secure trusted channel.
Kiuru SAM implements various functions including:
- Transport encryption – provides a message encryption mechanism for all traffic between the SAM and the Alauda smartphone client application.
- Kiuru B17 protocol – implements a signing key splitting mechanism which allows a HSM key wrapped signing key to be split and distributed between the SAM and the app client. B17 protocol provides a strong basis for user sole control of the signing key.
- Crypto Module – Typically an HSM, Kiuru SAM uses the crypto module for generating signing keys and to create digital signatures.
- SRP6 validators – implements secure remote password initialization and verification for signer PINs. SRP6(b) validators binds the signer authentication with the signing key and the data to be signed (DTBS) before the Crypto Module creates a digital signature.
- Methics has a long experience of working with leading HSM providers of the world (such as Utimaco, nShield, Securosys), making Kiuru SAM and the solution compatible with external hardware.
For more details, see Kiuru SAM Product Factsheet