Luna PCI-E can be embedded directly in an appliance or application server for an easy-to-integrate and cost-efficient solution for cryptographic acceleration and security.  The high-security hardware design of Luna PCI-E ensures the integrity and protection of encryption keys throughout their life cycle.

All digital signing and verification operations are performed within the hardware security module (HSM) to increase performance and maintain security.

Achieve FIPS 140-2 and Common Criteria Validation without Investing in Costly Certifications

Achieving FIPS and Common Criteria certification can be a lengthy process and cost hundreds of thousands of dollars for each product certified. As SafeNet’s sole focus is security, we make third-party certifications a priority. Our team has years of experience in designing products that adhere to FIPS 140-2 and Common Criteria.  Leveraging Luna PCI-E in your appliance or service represents a cost effective way to bring FIPS 140-2 and Common Criteria validated solutions to market.

Develop Solutions for Resource Constrained Environments with ECC Support

As the need to provide security for resource constrained devices (smart phones, tablets, smart meters) grows, vendors must be able to provide solutions that leverage ECC algorithms. ECC Algorithms offer high key strength, at a greatly reduced key length when compared to RSA keys. SafeNet Luna PCI-E offers hardware accelerated ECC algorithms that can be used in the development of solutions without the need to purchase additional licenses.

Embed the SafeNet Luna General Purpose HSM Feature Set for Operational Cost Savings

Luna PCI-E benefits from a robust and forward thinking feature set. These features, including remote management, secure transport, and remote backup, will greatly reduce the management and operational costs of a deployment that utilizes Luna PCI.

Available in Two Performance Models

Luna PCI-E is available in two performance models: Luna PCI-E 7000 and Luna PCI-E 1700.

  • Luna PCI-E 7000 is a high performance HSM capable of best in class performance across a breadth of algorithms including ECC, RSA, and symmetric transactions.
  • The Luna PCI-E 1700 variant, is capable of 1700 RSA 1024-bit transactions per second.



Luna PCI-E 1700 Model


Luna PCI-E 7000 Model








ECC P256









Luna PCI-E Cryptographic Accelerator Specifications

Operating System Support

OS Support

Windows, Linux, Solaris

Cryptographic Support


  • Full Suite B support
  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

Crytographic APIs

PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL

Physical Characteristics


Full Height, Half Length 4.16” x 6.6” (106.7mm x 167.65mm)

Power Consumption

12W maximum, 8W typical


Operating 0° to 50°C

Host Interface

PCI-Express X4, PCI CEM 1.0a

Security Certifications


  • FIPS 140-2 Level 2 and Level 3
  • Common Criteria EAL4+
  • BAC & EAC ePassport Support

Safety and Environmental Compliance


  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE

Management, Logging, and Monitoring


M of N support for division of command





Luna PCI-E Features & Benefits

Sample Applications:

  • PKI key generation & key
  • Storage (online CA keys & offline CA keys)
  • Card Issuance & Management
  • Code & Document Signing
  • Database & File Encryption
  • Email Encryption
  • Infrastructure Security
  • Identity & Rights Management
  • Key Management
  • Timestamping
  • SSL & TLS

Security at a Glance:

  • Keys in hardware

  • Remote Management
  • Secure transport mode for high-assurance delivery
  • Multi-level access control
  • Multi-part splits for all access control keys
  • Intrusion-resistant, tamper evident hardware
  • Secure Audit Logging
  • Strongest cryptographic algorithms
  • Suite B algorithm support
  • Secure decommission


  • Intrusion-resistant, tamper-evident hardware

  • Field Serviceable Components
  • Software upgradable
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Load Balancing and Scalability