Cryptographic Service Provider

from Wikipedia, the free encyclopedia

A Cryptographic Service Provider (CSP) is a component (software library) of the Windows operating systems from Microsoft. Each CSP implements functions of the Microsoft Cryptographic API (MS-CryptoAPI). This API provides programs with cryptographic functions for encrypting and decrypting data, for strong authentication with digital certificates, and for the secure generation of (pseudo)random numbers. Examples of use are the encryption and decryption of e-mails or logging into systems with smart cards.

CSPs are implemented as a special variant of dynamic link libraries (DLLs). A CSP DLL requires a digital signature from Microsoft. When the DLL is loaded, the operating system checks (validates) the signature.

In addition, the CSP is continuously monitored for changes caused by malware after it has been loaded into main memory.

In order to apply for a signature, it is necessary to make appropriate declarations about compliance with various requirements, but Microsoft does not check the source code.

Up until now, Microsoft has processed and issued the signature free of charge.

Due to government restrictions in the USA, all export versions (for use outside the USA) are limited to a 512-bit RSA public key and 40-bit symmetric encryption.

In addition to CSPs with basic cryptographic algorithms (e.g. RSA), the cryptographic functions can also extend to a chip card (smart card).

A Smart Card CSP is the Microsoft counterpart to Public-Key Cryptography Standard #11 (PKCS #11) and serves as an intermediate application for the use of chip cards.

Smart Card CSP

A smart card CSP is adapted to specific chip card operating systems and applies file and security structures to them, ideally in accordance with PKCS #15. Since PKCS #11 is more powerful than the CSP interface, many CSPs are built on top of a PKCS #11 implementation.

Windows identifies the CSP to be used for a chip card via the card's Answer To Reset (ATR), which is entered in the registry.
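The ATR lookup described above, as an added example (not code from the article or from Microsoft): on Windows the card database sits under HKLM\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards, where each card entry carries ATR, ATRMask and Crypto Provider values. The card names, ATR bytes and provider names in the sample data are constructed, and the masked comparison is a simplified model of the match.

```python
import sys

# Smart card database in the Windows registry (under HKEY_LOCAL_MACHINE).
CALAIS_KEY = r"SOFTWARE\Microsoft\Cryptography\Calais\SmartCards"

# Constructed sample entries: names, ATR bytes and providers are made up.
SAMPLE_CARDS = {
    "Example Card A": {"ATR": bytes.fromhex("3b1696417374726964"),
                       "ATRMask": bytes.fromhex("ff" * 9),
                       "Crypto Provider": "Example Vendor A CSP"},
    "Example Card B": {"ATR": bytes.fromhex("3b7d94000080318065b08300000083009000"),
                       "ATRMask": bytes.fromhex("ff" * 11 + "00" * 3 + "ff" * 4),
                       "Crypto Provider": "Example Vendor B CSP"},
}

def load_cards_from_registry():
    """Read the same structure from a live registry (Windows only)."""
    import winreg
    cards = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, CALAIS_KEY) as root:
        for i in range(winreg.QueryInfoKey(root)[0]):
            name = winreg.EnumKey(root, i)
            with winreg.OpenKey(root, name) as key:
                entry = {}
                for value in ("ATR", "ATRMask", "Crypto Provider"):
                    try:
                        entry[value] = winreg.QueryValueEx(key, value)[0]
                    except FileNotFoundError:
                        pass  # value not set for this card entry
                cards[name] = entry
    return cards

def atr_matches(card_atr, entry):
    """Compare a card ATR with a registry entry, ignoring bits the mask clears."""
    atr = entry.get("ATR")
    if not atr or len(atr) != len(card_atr):
        return False
    mask = entry.get("ATRMask") or b"\xff" * len(atr)  # no mask: exact match
    if len(mask) != len(atr):
        return False  # malformed entry, never treat it as a match
    return all((c & m) == (a & m) for c, a, m in zip(card_atr, atr, mask))

def resolve_csp(card_atr, cards):
    """Return (card name, CSP name) for every entry the ATR matches."""
    return [(n, e.get("Crypto Provider")) for n, e in sorted(cards.items()) if atr_matches(card_atr, e)]

if __name__ == "__main__":
    cards = load_cards_from_registry() if sys.platform == "win32" else SAMPLE_CARDS
    atr = bytes.fromhex(sys.argv[1] if len(sys.argv) > 1 else "3b1696417374726964")
    print(resolve_csp(atr, cards))
```

An ATR that resolves to more than one entry, or to an entry with no provider name, is worth reviewing when auditing which middleware a workstation will load for a given card.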

Microsoft has been making its own Base Smart Card CSP available since autumn 2005, which basically represents another more specific interface of this type.

This Base Smart Card CSP contains interface information for some widely used smart cards. Some chip cards can therefore be used with the Windows NT, Windows 2000 and Windows XP operating systems without the use of additional middleware. However, the Windows Vista operating system contains a different Base Smart Card CSP and therefore does not support the same chip cards.
