The Luna G5 for Government is a small form factor HSM that is widely used by government agencies to protect data, applications and digital identities in order to reduce risk and ensure regulatory compliance. Derived from industry-leading technology, the FIPS 140-2 certified Luna G5 for Government is manufactured, sold, and supported exclusively by Thales TCT.

Luna G5 for Government delivers industry-leading key management in a small and portable form factor. All key material is maintained exclusively within the confines of the hardware. The small form factor and offline key storage capability set the product apart, making it especially attractive to customers with business-critical keys who need to physically detach the HSM and store it in a secure offline environment.

Tamper Recovery Role

The Luna G5 for Government features sophisticated tamper detection and response circuitry to automatically zeroize internal keys in the event of an attempted attack on the HSM. Balancing this extreme security posture with end-user ease-of-use concerns, the Luna G5 for Government includes a capability for properly authenticated security officers to recover from an inadvertent tamper event and quickly put the HSM back into its usable state without the loss of any keys or sensitive data.

Secure Transport Mode
The G5 tamper response circuits have also allowed the introduction of a secure transport mode. Security Officers use the device’s tamper recovery role keys to cryptographically lock down the HSM prior to transporting the device.

Cryptographic Capabilities
Luna G5 for Government supports a broad range of asymmetric key encryption and key exchange capabilities, as well as all standard symmetric encryption algorithms. It also supports all standard hashing algorithms and message authentication codes (MAC). The Luna G5 for Government also supports ECC key pairs for use in Suite B applications that require a permanent, factory-generated digital ID.

Luna G5 for Government Performance and Scalability

• RSA-1024 200 tps
• RSA-2048 63 tps
• ECC P256 43 tps
• AES-GCM 71 tps

  • Features and Benefits

    Most Secure

    • Keys in hardware
    • Remote management
    • Secure transport mode for high-assurance delivery
    • Multi-level access control
    • Multi-part splits for all access control keys
    • Intrusion-resistant, tamper-evident hardware
    • Suite B algorithm support
    • Secure decommission
    • Secure audit logging
    • Strongest cryptographic algorithms

    Sample Applications

    • PKI key generation & key storage (online CA keys & offline CA keys)
    • Certificate validation & signing
    • Document signing
    • Transaction processing
    • Database encryption
    • Smart card issuance
  • Technical Specifications

    Operating System

    • Windows, Linux

    Cryptographic APIs

    • PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL


    • Full Suite B support
    • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
    • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
    • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
    • Random Number Generation

    Physical Characteristics

    • Dimensions: 8.5” x 6.7” x 1.7”
    • Power Consumption: 12W maximum, 8W typical
    • Temperature: operating 0°C – 50°C

    Security Certifications

    • FIPS 140-2 Level 2 and Level 3 Validation

    Safety and Environmental Compliance

    • UL, CSA, CE
    • FCC, KC Mark, VCCI, CE
    • RoHS, WEEE

    Host Interface

    • USB 2.0


    • Mean Time Between Failure (MTBF) 858,824 hours
  • Resources
    Luna G5 for Government Product Brief
    Product overview with technical features and specifications.

    Thales TCT Luna HSM Family Brochure
    Product family overview with technical features and specifications.

    Roots of Trust: Five Things You Must Know
    The term Root of Trust (RoT) is commonly used in information security circles, but what does it mean? Why do we care? How does it apply to cryptographic controls? Modern computer systems are incredibly powerful and flexible. They can be molded to accomplish things that were unimaginable a mere decade ago. This same property makes them almost impossible to control and all too easy for malicious actors to find ways to disrupt them. To counter these threats, security experts have resorted to a wide range of cryptographic tools, and for these tools to function they need a trustworthy beginning.

    Best Practices for Cryptographic Key Management
    Once data is encrypted, the only way to gain access is by decrypting or unlocking secret content using the key. Haphazardly protecting these keys negates the entire process of encryption and creates a false sense of security. This white paper outlines best practices for deploying an effective cryptographic key management strategy.
