Protection
Keep keys out of software
Generate, store, and use sensitive keys inside dedicated hardware boundaries to reduce extraction and misuse risk.
Hardware root of trust for high-value cryptographic keys
Entrust nShield HSMs protect cryptographic keys and operations in tamper-resistant hardware for use cases such as certificate authorities, digital signing, code signing, encryption, payment systems, and custom applications.
iTrust helps choose the right HSM model, integrate applications, define key ceremonies, and create operational controls for secure key management.
Performance
Support critical cryptographic workloads
Use HSMs for signing, encryption, key generation, CA operations, transaction systems, and high-throughput application services.
Compliance
Build on certified hardware
Support audit and regulatory needs with certified platforms, controlled administration, and clear operational procedures.
Common HSM integrations
- PKI and CAs
- Protect CA private keys, signing operations, certificate issuance, and trust anchor workflows.
- Digital signing
- Secure document signing, code signing, timestamping, and transaction signing keys.
- Application encryption
- Integrate with custom applications, databases, and services that need hardware-backed key operations.
- PQC planning
- Evaluate crypto-agile HSM options as part of longer-term post-quantum readiness.
Resources
Datasheets and technical resources
Official Entrust resources for nShield HSM evaluation.
Datasheet
Entrust nShield 5s HSM Datasheet
Datasheet for nShield 5s HSMs, including post-quantum support, remote administration, Security World architecture, CodeSafe, and performance models.
View Datasheet
Official Entrust PDF
Product Page
nShield 5s Product Page
Product page covering PCIe HSM capabilities, certifications, APIs, algorithms, supported platforms, and performance data.
View Product Page
Official Entrust page