•   SUPPORT +49 89 420447-30
  •   This email address is being protected from spambots. You need JavaScript enabled to view it.   |
  •   SALES +49 89 420447-20
  •   This email address is being protected from spambots. You need JavaScript enabled to view it.


SafeNet Luna CA4 Product Brief

Datasheet - PDF

SafeNet Luna CA4

Strongest Protection of the PKI Root Key


Maintain PKI Integrity

The SafeNet Luna CA4 addresses the security and operational needs required to maintain the integrity of PKIs with true hardware key management, trusted path multi-person authentication, and direct hardware-to-hardware backup.

Optimal Root Key Protection

The SafeNet Luna CA4 offers the strictest hardware security for Certificate Authorities (CAs) issuing digital identities in PKIs. Luna CA4 protects the PKI root key and performs all key management, key storage, and key operations (such as digital signing) exclusively within hardware.

Comprehensive security policies, split user roles, and two-factor, trusted path authentication prevent unauthorized access to critical root keys. Direct hardware-to-hardware backup permits auditable backups of key material for backup and disaster recovery.

Integrates with Leading Certificate Authority Software

Tight integration with leading Certificate Authority software makes it easy to add security and integrity to enterprise PKIs:

  • Microsoft
  • Entrust
  • VeriSign
  • RSA; and more


Operating Systems

• Microsoft Windows 2003 (32 & 64-bit)
• Microsoft Windows 2008 (64-bit)
• Solaris 10 (32 & 64-bit)
• Linux E4, E5 K 2.6 (32 & 64-bit) cryptographic performance
• 25 1024-bit RSA digital signatures per second

Cryptographic Algorithms

  • Asymmetric Key Encryption and Key Exchange
  • RSA (512-4096 bit), PKCS #1 v1.5, OAEP PKCS#1 v2.0
  • Diffie-Hellman (512-1024 bit) Suite B Algorithm


  • ECC Support

Digital Signing

  • RSA (512-4096-bit), DSA (512-1024-bit), PKCS #1 v1.5

Symmetric Key Algorithms

  • DES, TDES (double & triple key lengths), RC2, RC4, RC5, CAST-3, CAST-128, AES, ARIA Hash Digest Algorithms
    SHA-1, MD-2, MD-5, SHA256, SHA512 , SHA-224, SHA-384

Message Authentication Codes


ECC Brainpool Curves (named and user-defined) Object Limit

  • 1280 object limit

Features & Benefits


  • Secure Key Storage
  • Keys are 3DES encrypted, encoded with M of N encryption, and stored on a tamper-proof hardware security token to ensure integrity.
  • Two-factor Trusted Path Authentication - true two-factor, trusted path, multi-person authentication of HSM administrative users to prevent unauthorized access to sensitive HSM administration functions
  • Common Criteria at EAL 4+ (in process) 
  • FIPS 140-2, Level 3 Validated 
  • Easy Hardware Key Management - hardware-based key life cycle management from generation, verification, storage, and backup. All key operations are performed exclusively within hardware to prevent unauthorized access to keys.
  • Easy Integration
  • Support for PKCS#11 Open API and Microsoft CryptoAPI allow easy integration with your custom solutions. In addition, existing Luna CA3 models can be easily migrated to the Luna CA4


  • Satisfies government and industry mandates for key management
  • First HSM to achieve support with Microsoft SQL Server
  • Integrates with leading certificate authority software – including Microsoft Certificate Services, Entrust Authority, VeriSign,  RSA and more

Our Philosophy

Our goal is to assist you in solving specific security problems on the Internet, IT networks and in telecommunications.

We achieve this goal by the quality and actuality of our security products, as well as competence and commitment of our team.

Contact Options

Contact Sales (inquiries,
licenses, orders, ...)
  • +49 89 420447-20
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
Contact Support (settings, ...)
  • +49 89 420447-30
  • This email address is being protected from spambots. You need JavaScript enabled to view it.

Company Details

CyProtect AG - Internet Security


Schatzbogen 58
81829 Munich
  • +49 89 420447 79

Contact Form

How many hours are in a day?