SafeNet, The Foundation of Information Security
 
 
Language: English English Japanese Chinese Chinese Spanish Portuguese
sample image
Luna CA3
Ensure the integrity of your information.

ProtectToolkit M - Cryptographic API

ProtectToolKit M enables users to:

  • Easily integrate Hardware Security Modules - HSMs with the leading software applications of the most important global and regional software vendors that implement security solutions to Microsoft Cryptographic API (MS CAPI) standards
  • "Harden" Microsoft Certificate Services (PKI) and Information Security Server (IIS), with no-compromise, HSM-based root key and SSL Web Server private key protection
  • Securely generate, store and use cryptographic keys within the secure environment of a FIPS 140 certified HSM, avoiding the risk of exposing sensitive keys as clear text in working memory when performing cryptographic operations
  • Speed-up CPU intensive cryptographic operations that typically impede host server performance. ProtectToolKit M enables cryptographic processing to be off-loaded to dedicated HSMs removing processing bottlenecks and relieving the Microsoft based host application to concentrate on other critical application processing tasks
  • Benefit from stronger security through support of higher key lengths (up to 4096 bit RSA) compared to the default Microsoft “Base”, "Strong", or "Enhanced” cryptographic providers, which offer maximum 1024-bit RSA security

CryptoAPI (MS CAPI) is Microsoft’s Cryptographic Application Programming Interface containing functions that allow Windows-based applications to encrypt or digitally sign data in a flexible manner whilst providing protection for the user's sensitive private key data. Independent modules known as cryptographic service providers (CSPs) perform all cryptographic operations and form the cornerstone for Microsoft based PKI cryptographic services.

Seamless out-of-the-box integration

As a plug-in CSP, ProtectToolKit M seamlessly adds the hardware-based physical and logical security of an SafeNet Inc's Hardware Security Module - HSM to CryptoAPI compliant Windows applications. Integration requires only the installation of the SafeNet HSM and selection of the “SafeNet CSP” Provider via the configuration setup of the Windows application.

Windows GUI based key management and device management utilities simplify the process of integration and deployment.

SafeNet constantly monitors, tests and upgrades its CSP to ensure its interoperability and integration with the leading CryptoAPI enabled Windows applications and third party integrations. This ensures an extensive suite of technologies are available, such as Microsoft PKI, IIS, and ISA Server, and third party applications utilizing these technology’s. For example, ProtectToolkit M is compliant with the latest version of the Windows 2003 PKI, providing seamless support for extended features such as Microsoft’s key recovery scheme.

Accelerate development of customized applications

Due to the two-layer MS CAPI architecture, integration of cryptographic services into Windows applications by software developers occurs on the external CryptoAPI level. Being an internal CSP, ProtectToolkit M is not directly accessible and hence shielded from the developers.

Therefore, the entire cryptographic development environment, including APIs, tools, sample code and documentation needed to develop MS CAPI applications is provided directly by Microsoft as part of their standard Windows Operating System environment and additional development facilities, e.g. MSDN. Developers already familiar with Microsoft MS CAPI development experience no additional learning curve and are immediately productive.

Enhanced system security and processing performance

The strength of a cryptosystem is dependent on the storage and management of the cryptographic keys. All keys within the Microsoft CAPI are saved within a CSP key database generally located within software on a host server. ProtectToolKit M allows Windows-based applications that call the Microsoft CryptoAPI (CAPI) to integrate with SafeNet's HSMs to achieve the highest levels of physical and logical secure key storage.

The dedicated Digital Cipher Processor within the HSM off-loads CPU intensive cryptographic processing from the host-server facilitating an increase in overall system performance. This is achieved using ProtectToolKit M’s “RSA FULL” and “RSA SChannel” CSP in place of the corresponding Microsoft CSPs.

Coexistence with other SafeNet ProtectToolkit APIs

ProtectToolkit M is a member of SafeNet's family of standard-compliant cryptographic providers for its suite of “Open API” HSM products and co-exists perfectly with another SafeNet API on the same HSM. All standards-compliant SafeNet APIs share a common suite of administration and management tools, decoupled from the specific cryptographic API implementation and HSM platform type, evidence of SafeNet's modular Transaction Security framework.

HSM Platform Options
Arrow Contact Us
Request Information
Technical Support
General Contact
Find a Partner
 
ProtectToolkit M
Related Documents
Cryptographic APIs
     Company | Site Map | Privacy Statement | Contact Us | Send Feedback | Terms & Conditions of Sale
     © 2008 SafeNet Inc. All rights reserved. | Use of this website signifies your agreement to the Terms of Use.