Key Management

Key Lifecycle Management Solutions For End-to-End Security

Certified Zero Trust

Zero trust means zero exposure of all key material from generation to distribution and use. Ultra offers the highest FIPS 140-2, Level 4 certified hardware security module (HSM) to protect cryptographic key throughout their lifecycle. Ultra’s Keyper and CARDS product suites provide assured management of keys between devices and users.

COMSEC Experts

A comprehensive cybersecurity strategy includes policies and procedures for controlled tracking and use of cryptographic assets throughout an organisation. We simplify these complex tasks with products and services to help security departments maintain the fleet of equipment and keys required for the mission.

Trusted Distribution

Complex supply chains and partner networks require controlled sharing of keys across multiple sites and groups. Ultra’s solution allows for the remote electronic distribution of cryptographic keys, while reducing costs and security breaches by ensuring all assets are tracked and audited.

HSMs and Key Management Solutions

Ultra’s comprehensive key lifecycle management solutions provide the highest level of certified protection; including key-generation, storage, audit, distribution and destruction of keys and digital trust assets.


A network Hardware Security Module (HSM) for organisations that have the highest security requirements. KeyperPLUS enforces zero trust through zero exposure protection of the most sensitive keys in government, Internet and industry. Entirely NIST FIPS 140-2 and Level 4 certified, KeyperPLUS  provides security features beyond the competition:

Capabilities above Level 3 HSMs

  • Multi-factor, identity-based authentication using N of M smartcards
  • Active and passive tamper detection and response
  • Temperature/Voltage Environmental failure protection

Capabilities above Level 4 (Physical) HSMs

  • Common Criteria EAL4 evaluated operating software
  • Formal model design and validation

Level 4 devices are designed for use in physically unprotected environments, and with additional defences against environmental attacks, including fluctuations outside normal operating ranges.

HSMs are at the root of trust in the generation, storage, distribution and controlled use of cryptographic keys within supply chain security infrastructures. Ultra’s experts support your security development teams with easy integration and support. This includes:

  • Industry standard interface libraries: PKCS#11, MSCAPI, and CNG
  • Platforms supported (to date): Windows Server 2012R2, 2016, 2019, 2022 (64 bit), RHE Linux 7.9 & 8.3 (64 bit)
  • Third party interoperability: Entrust Authority Security Manager, Oracle database TDE, UniCERT, Microsoft ADCS, IIS, Bloombase Storesafe, EJBCA, ISC BIND, OpenDNSSEC, KnotDNS, OpenVPN, LibraSwan, OpenSSL, Java, Apache, Nginx

Built on a tradition of trust and customer support for over 15 years, KeyperPLUS includes a robust suite of interface libraries and algorithms at no extra charge.

Additional Capabilities

  • Remote management application software provided, permitting run-time application key backup, audit log retrieval and firmware update
  • N of M storage key backup via smartcard
  • Encrypted application key backup on to smartcard(s) or USB
  • Load Balancer software provides redundancy and improved overall system performance
  • Rack-mount installation kit including redundant power supply available

 KeyperPLUS remains the highest certified protection of public key infrastructures across industries worldwide:  Internet, Banking, Financial Services, Insurance, Crypto Currency, Telecommunications, Governments, Manufacturing, Energy, IoT, Medical Devices, Aerospace and Defense and Transportation.


Ultra supports your project with our expert services in:

  • Assistance with third-party integration
  • Periodic replacement of internal battery
  • Firmware and external management tools updates
  • Implementation of bespoke algorithms and APIs
COMSEC Accounting, Reporting & Distribution System (CARDS)

Improve your security operations by simplifying complex COMSEC asset management tasks. CARDS streamlines the business of COMSEC with inventory management, automated reporting, and controlled transfer of assets. Custodians and key managers at every tier benefit from the features of CARDS:

  • Track the location, usage and transfer of physical and digital assets
  • Generate SF-153s and other required reports
  • Record and schedule equipment maintenance
  • Controlled distribution and management of black keys to remote users
  • Manage configurations and documents associated with each asset

Electronic Key Distribution

The CARDS server is interoperable with U.S. and international Electronic Key Management System (EKMS-308) sources. This bridges the gap between Tier 2 and Tier 3 with controlled distribution and management of ‘black keys’ to remote locations, contractors and coalition partners. CARDS Key Hold client software provides off-line storage of assigned keys and direct on-site loading to Fill Devices.

CARDS is deployed around the world in these locations:

Ultra supports your COMSEC security operations with training and services to deploy the best CARDS solution for the mission.


Remote Cryptographic Management System (RCMS)

RCMS provides over the network rekey (black key) of COMSEC equipment at remote unmanned sites. Ultra Key Management (UKM) software controls central operation and distribution of multiple RCMs performing DS-101 key loads.

  • MIDS-LVT and MIDS-JTRS Link 16 radio support
  • Legacy and Block Upgrade 2 (BU2) black key formats
  • Intuitive mission planner allows for a single operator initiating vital tasks

UKM is a user-friendly mission planner enabling a single operator to perform the following important tasks: receiving key, zeroizing key locally and remotely, initiating rekey operations and providing a COMSEC account for the black keys; and the management of several remote sites from the central site.

Cyber Solutions from Ultra

Contact us

Sign up for download access

Please submit your details below to access our downloads.

I'm happy for you to contact me

View our privacy policy
Not now