RNTrust Empowers Innovation Through Interdata Middle East Acquisition

READ MORE
Get in Touch +800-RNTrust (7687878)
Email Us sales@rn-trust.com
Whatsapp +971-4-446-5181

What is orca?

ORCA solves the common challenges of the Offline Root CA: the Hardware, the Software, the HSM, the Backup storage and the Integration of those four elements. 

With ORCA you don’t have to spend valuable time integrating bits and bytes in a functional solution. RNTrust has built ORCA as an off-the-shelf turnkey solution. 

ORCA runs on a state-of-the-art Mini PC with Intel Atom x5-Z8500 1.44Ghz CPU Quad Cores Quad Threads (up to 2.24Ghz), 4GB RAM and 64 GB SSD storage. 

ORCA uses an OpenSSL based CA on top of a hardened SuSE Linux with encrypted file system and stores its status in a SQLite database. 

ORCA supports all the standards including:

  • RSA, DSA and EC private keys.
  • All x509v3 extensions.
  • PKCS#1 unencrypted RSA key storage format.
  • PKCS#7 Collection of public certificates.
  • PKCS#8 Encrypted private key format for RSA DSA EC keys.
  • PKCS#10 Certificate signing request.
  • PKCS#11 Security token / Smart card / HSM access.
  • PKCS#12 Certificate, Private key and probably a CA chain.


To ensure strong protection of the private keys, ORCA uses an nShield Edge hardware security module.


WHY CHOOSE orca appliance?

No Extra Time 


Ready Built 

Dedicated Hardware

Mini PC
Intel Atom
x5-Z8500, 4GB RAM and 64 GB SSD 

HSM Integrated 

nShield Edge

Maximum Security 

PIN-authenticated,
AES-XTS 256-bit hardware-encrypted flash drive 

No Surprises 


Out of the Box
Fully Tested and Controlled Solution 

PACKAGED SOLUTION

SELF SIGNED

Predefined Templates.
The Root CA's keys are generated in the HSM.

HSM

nCipher Edge USB HSM protects the Keys with N of M Administrators Cards.

SIGNING SUBORDINATE

Signing requests are
generated by an external Subordinate CA and signed by the Root CA.

ISSUANCE

Generated subordinate CA certificates are transferred to the respective servers via USB Keys.

BACKUPS

ORCA backups will be stored securely into the datAshur PRO².

The nShield Edge hardware security module (HSM) is a full-featured, portable USB HSM designed for low-volume transaction environments. It’s capable of encryption and key protection and is ideally suited for off-line key generation for certificate authorities (CAs). 


nShield EDGE FEATURES: 

  • Certifications: nShield Edge USB HSMs are certified to FIPS 140-2 Level 2 and Level 3.
  • Supported APIs: PKCS#11, OpenSSL, Java (JCE), Microsoft CAPI and CNG.

SUPPORTED CRYPTOGRAPHIC ALGORITHMS: 

  • Asymmetric public key algorithms: RSA, Diffie-Hellman, ECMQV, DSA, KCDSA, ECDSA, ECDH, Edwards (X25519, Ed25519ph).
  • Symmetric algorithms: AES, AES-GCM, ARIA, Camellia, CAST, RIPEMD160 HMAC, SEED, Triple DES.
  • Hash/message digest: SHA-1,
  • SHA-2 (224, 256, 384, 512 bit),
  • HAS-160
  • Full Suite B implementation with fully licensed ECC, including Brainpool and custom curves.
  • Elliptic Curve Key Agreement (ECKA) available via Java API and nCore APIs.
  • Elliptic Curve Integrated Encryption Scheme (ECIES) available via Java API, PKCS#11 and nCore APIs.

All ORCA components comply with the following safety and Environmental Standards: 

CRM form will load here

CONTACT US​ 

Whether it's for assistance, or inquiries. We will do our best to provide you with an answer promptly.​


RNTrust headquarter is located in Dubai, UAE, and has global offices in Abu Dhabi, Bangalore, Belgrade, Boston, California, Italy, Paris, Riyadh and Zagreb. 


RNTrust (RECRO NET ME FZ LLC)
(Head Quarter)

  • Address: 1905, 19th floor, Tower A, Business Central Towers, Dubai Media City, Dubai, UAE, PO Box 503012

request a demo
REQUEST
request rfp - pki
REQUEST
request datasheet
REQUEST
RNTrust (RECRO NET)

©2024 RNTrust. All rights Reserved