CryptoAPI Cryptographic Service Providers

Providers associated with Cryptography API (CryptoAPI) are called cryptographic service providers (CSPs) in this documentation. CSPs typically implement cryptographic algorithms and provide key storage. Providers associated with CNG, on the other hand, separate algorithm implementation from key storage. The following Microsoft CSPs are distributed with Windows Vista and Windows Server 2008.

Microsoft Base Cryptographic Provider v1.0

Implements the following algorithms to hash, sign, and encrypt content.

NameUseType Key size (Default/Min/Max)
Data Encryption Standard (DES)EncryptionBlock56/56/56
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 2 (MD2)HashingAny128/128/128
Message Digest 4 (MD4)HashingAny128/128/128
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock40/40/56
RSA Data Security 4 (RC4)EncryptionBlock40/40/56
RSA Key ExchangeKey exchangeRSA512/384/1024
RSA SignatureSigningRSA512/384/16384
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288

 

Microsoft Base DSS and Diffie-Hellman Cryptographic Provider

Implements the following algorithms to support hashing, signing, encryption, and Diffie-Hellman key exchange.

NameUseTypeKey size (Default/Min/Max)
CYLINK Message Encryption AlgorithmEncryptionBlock40/40/40
Data Encryption Standard (DES)EncryptionBlock56/56/56
Diffie-Hellman Key Exchange AlgorithmKey exchangeDiffie-Hellman512/512/1024
Diffie-Hellman Ephemeral AlgorithmKey exchangeDiffie-Hellman512/512/1024
Digital Signature Algorithm (DSA)SigningDSS1024/512/1024
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock40/40/56
RSA Data Security 4 (RC4)EncryptionStream40/40/56
Secure Hash Algorithm (SHA1)HashingAny160/160/160

 

Microsoft Base DSS Cryptographic Provider

Implements the following algorithms to sign and hash content:

NameUseTypeKey size (Default/Min/Max)
Digital Signature Algorithm (DSA)SigningDSS1024/512/1024
Message Digest 5 (MD5)HashingAny128/128/128
Secure Hash Algorithm (SHA1)HashingAny160/160/160

 

Microsoft Base Smart Card Crypto Provider

Supports smart cards and implements the following algorithms to hash, sign, and encrypt content.

NameUseTypeKey size (Default/Min/Max)
Advanced Encryption Standard 128 (AES128)EncryptionBlock128/128/128
Advanced Encryption Standard 192 (AES192)EncryptionBlock192/192/192
Advanced Encryption Standard 256 (AES256)EncryptionBlock256/256/256
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 2 (MD2)HashingAny128/128/128
Message Digest 4 (MD4)HashingAny128/128/128
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/40/128
RSA Data Security 4 (RC4)EncryptionStream128/40/128
RSA Key ExchangeKey exchangeRSA1024/1024/4096
RSA SignatureSigningRSA1024/1024/4096
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Secure Hash Algorithm 256 (SHA256)HashingAny256/256/256
Secure Hash Algorithm 384 (SHA384)HashingAny384/384/384
Secure Hash Algorithm 512 (SHA512)HashingAny512/512/512
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288

 

Microsoft DH Schannel Cryptographic Provider

Supports the Secure Channel (Schannel) security package which implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) authentication protocols. This CSP also supports Diffie-Hellman key exchange and implements the following algorithms.

NameUseTypeKey size (Default/Min/Max)
CYLINK Message Encryption AlgorithmEncryptionBlock40/40/40
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Diffie-Hellman Key Exchange AlgorithmKey exchangeDiffie-Hellman512/512/4096
Diffie-Hellman Ephemeral AlgorithmKey exchangeDiffie-Hellman512/512/4096
Digital Signature Algorithm (DSA)SigningDSS1024/512/1024
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock40/40/128
RSA Data Security 4 (RC4)EncryptionStream40/40/128
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Schannel Encryption KeyEncryptionSchannel0/0/-1
Schannel MAC KeyEncryption/HashingSchannel0/0/-1
Schannel Master HashEncryption/HashingSchannel0/0/-1
Secure Sockets Layer (SSL3) MasterEncryptionSchannel384/384/384
Transport Layer Security (TLS1) MasterEncryptionSchannel384/384/384

 

Microsoft Enhanced Cryptographic Provider v1.0

Provides stronger security than the Microsoft Base Cryptographic Provider v1.0 by using longer keys with some of the existing algorithms and by implementing additional algorithms.

NameUseTypeKey size (Default/Min/Max)
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
EncryptionBlock168/168/168
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 2 (MD2)HashingAny128/128/128
Message Digest 4 (MD4)HashingAny128/128/128
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/40/128
RSA Data Security 4 (RC4)EncryptionStream128/40/128
RSA Key ExchangeKey exchangeRSA1024/384/16384
RSA SignatureSigningRSA1024/384/16384
Secure Hash Algorithm (SHA1HashingAny160/160/160
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288

 

Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider

Provides stronger security than the Microsoft Base DSS and Diffie-Hellman Cryptographic Provider CSP by using longer keys with some of the existing algorithms and by implementing additional algorithms.

NameUseTypeKey size (Default/Min/Max)
CYLINK Message Encryption AlgorithmEncryptionBlock40/40/40
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Diffie-Hellman Key Exchange AlgorithmKey exchangeDiffie-Hellman1024/512/4096
Diffie-Hellman Ephemeral AlgorithmKey exchangeDiffie-Hellman1024/512/4096
Digital Signature Algorithm (DSA)SigningDSS1024/512/1024
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/128/128
RSA Data Security 4 (RC4)EncryptionStream128/128/128
Secure Hash Algorithm (SHA1)HashingAny160/160/160

 

Microsoft Enhanced RSA and AES Cryptographic Provider

Implements the following algorithms to sign, encrypt, and hash content.

NameUseType Key size (Default/Min/Max)
Advanced Encryption Standard 128 (AES128)EncryptionBlock128/128/128
Advanced Encryption Standard 192 (AES192)EncryptionBlock192/192/192
Advanced Encryption Standard 256 (AES256)EncryptionBlock256/256/256
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 2 (MD2)HashingAny128/128/128
Message Digest 4 (MD4)HashingAny128/128/128
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/128/128
RSA Data Security 4 (RC4)EncryptionStream128/128/128
RSA Key ExchangeKey exchangeRSA1024/384/16384
RSA SignatureSigningRSA1024/384/16384
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Secure Hash Algorithm (SHA256)HashingAny256/256/256
Secure Hash Algorithm (SHA384)HashingAny384/384/384
Secure Hash Algorithm (SHA512)HashingAny512/512/512
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288

 

Microsoft RSA Schannel Cryptographic Provider

Supports the RSA Secure Channel (Schannel) security package which implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) authentication protocols.

NameUseTypeKey size (Default/Min/Max)
Advanced Encryption Standard 128 (AES128)EncryptionBlock128/128/128
Advanced Encryption Standard 256 (AES256)EncryptionBlock256/256/256
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/128/128
RSA Data Security 4 (RC4)EncryptionStream128/128/128
RSA Key ExchangeKey exchangeRSA1024/384/16384
Schannel Encryption KeyEncryptionSchannel0/0/-1
Schannel Master HashEncryption/HashingSchannel0/0/-1
Schannel MAC KeyEncryption/HashingSchannel0/0/-1
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Secure Socket Layer 2 (SSL2) MasterEncryptionSchannel40/40/192
Secure Socket Layer 3 (SSL3) MasterEncryptionSchannel384/384/384
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288
Transport Layer Security (TLS1) MasterEncryptionSchannel384/384/384

 

Microsoft Strong Cryptographic Provider

Implements the following algorithms.

NameUseTypeKey size (Default/Min/Max)
Data Encryption Standard (DES)EncryptionBlock56/56/56
Two Key Triple DESEncryptionBlock112/112/112
Three Key Triple DESEncryptionBlock168/168/168
Hashed Message Authentication Checksum (HMAC)HashingAny0/0/0
Message Authentication Checksum (MAC)HashingAny0/0/0
Message Digest 2 (MD2)HashingAny128/128/128
Message Digest 4 (MD4)HashingAny128/128/128
Message Digest 5 (MD5)HashingAny128/128/128
RSA Data Security 2 (RC2)EncryptionBlock128/40/128
RSA Data Security 4 (RC4)EncryptionStream128/40/128
RSA Key ExchangeKey exchangeRSA1024/384/16384
RSA SignatureSigningRSA1024/384/16384
Secure Hash Algorithm (SHA1)HashingAny160/160/160
Secure Socket Layer 3 SHA and MD5 (SSL3 SHAMD5)HashingAny288/288/288

 

Related topics

Understanding Cryptographic Providers

 

 

Community Additions

ADD
Show:
© 2014 Microsoft