Default banner

Thales Luna USB HSM

usb hsmLuna USB HSM – formerly Luna G5 – delivers industry leading key management in a portable appliance with an USB interface. All key materials are maintained exclusively within the confines of the hardware. The small form-factor and on-board key storage sets the product apart, making it especially attractive to customers who need to physically remove and store the small appliance holding PKI root keys.

Download the Product Brief


Crytographic Capabilities

Algorithm Luna USB HSM
RSA-1024 200
RSA-2048 60
ECC P256 40

Luna USB HSM supports a broad range of asymmetric key encryption and key exchange capabilities, as well as support for all standard symmetric encryption algorithms. It also supports all standard hashing algorithms and message authentication codes (MAC). The Luna USB HSM has a hardware implemented random number generator (AES-DRBG) compliant with NIST SP 800-90.

Enhancing the previous generation HSM’s support of factory generated digital IDs based on RSA key pairs, the Luna G5 also supports ECC key pairs for use in Suite B applications that require a permanent, factory generated digital ID.

Download the Product Brief

  • Specifications
  • Features

Luna USB HSM Dpecifications:



OS support

Windows, Linux


  • Full Suite B Support
  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

Crytographic APIs

PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL


8.5” x 6.675” x 1.7” (215.9mm x 169.545mm x 43.18mm)


3.3lb (1.5kg)

Input Voltage

100-240V, 50-60Hz

Power Consumption

26W maximum, 20W typical


Operating 0°C – 35°C, storage -20°C – 70°C

Relative Humidity

20% to 95% (38°C) non-condensing

Host Interface

USB 2.0


  • FIPS 140-2 Level 2 and Level 3
  • BAC & EAC ePassport Support


  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE


M of N support for division of command

Luna USB HSM Features and Benefits

Sample Applications:

  • PKI key generation & key
  • Storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance

Security at a Glance:

  • Keys in hardware
  • Remote Management
  • Secure transport mode for high-assurance delivery
  • Multi-level access control
  • Multi-part splits for all access control keys
  • Intrusion-resistant, tamper evident hardware
  • Secure Audit Logging
  • Strongest cryptographic algorithms
  • Suite B algorithm support
  • Secure decommission


  • Intrusion-resistant, tamper evident hardware
  • Field Serviceable Components
  • Software upgradable
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Load Balancing and Scalability