CNG Provider - Available Key Storage Providers in Windows
This chapter describes the Microsoft cryptographic providers available in Windows: the Microsoft Base Cryptographic Provider, the Microsoft Enhanced Cryptographic Provider, and the CNG key storage providers.
Microsoft Base Cryptographic Provider
The Microsoft Base Cryptographic Provider is a foundational provider in CryptoAPI, offering basic cryptographic services. It supports essential algorithms such as RSA (up to 512 bits), RC2, RC4 (40 bits), and DES (56 bits). While its key lengths and algorithms are limited, it ensures compatibility with legacy applications and systems. This provider is designed for simple cryptographic operations, making it suitable for applications with minimal security requirements.
Microsoft Enhanced Cryptographic Provider
The Microsoft Enhanced Cryptographic Provider (Enhanced Provider) extends the capabilities of the Microsoft Base Cryptographic Provider (Base Provider). It offers stronger security by using longer keys and more algorithms. This provider works with all versions of CryptoAPI.
Key Features
- Stronger Keys and Algorithms:
  - RSA: Supports up to 1024 bits for both signature and key exchange.
  - RC2 and RC4: Allows up to 128 bits, with adjustable salt lengths.
  - Triple DES: Provides 112-bit (2 key) and 168-bit (3 key) support.
- Versioning:
  - Default provider name: `MS_ENHANCED_PROV` (the name keeps version 1.0 for compatibility).
  - Current version: 2.0 (can be identified using `CryptGetProvParam` with `PP_VERSION`, which returns `0x0200`).
Comparison of Key Lengths:
Algorithm | Base Provider | Enhanced Provider |
---|---|---|
RSA (signature & exchange) | 512 bits | 1024 bits |
RC2/RC4 (block/stream cipher) | 40 bits | 128 bits |
DES | 56 bits | 56 bits |
Triple DES (2-key/3-key) | Not supported | 112 / 168 bits |
Compatibility:
- The Enhanced Provider and Strong Provider are backward-compatible with the Base Provider.
- They cannot generate RC2 or RC4 keys with 40-bit lengths (the default for the Base Provider), but they can import and use such keys.
The Enhanced Provider offers better security while maintaining compatibility with legacy systems.
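As an added example (not code from the page or from Microsoft), the PowerShell script below reads the provider version described under Versioning: it calls CryptAcquireContext and CryptGetProvParam through P/Invoke and decodes the PP_VERSION DWORD (minor version in the least significant byte, major version in the next byte, so 2.0 is 0x0200). The provider-name strings are the values of MS_ENHANCED_PROV and MS_DEF_PROV from wincrypt.h; Get-CspVersion is a helper name chosen here.

```powershell
# Added example: query a CryptoAPI CSP's PP_VERSION via P/Invoke (not part of the original page).
Add-Type -Namespace Win32 -Name CryptoApi -MemberDefinition @"
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CryptAcquireContext(out IntPtr phProv, string pszContainer,
    string pszProvider, uint dwProvType, uint dwFlags);

[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CryptGetProvParam(IntPtr hProv, uint dwParam, byte[] pbData,
    ref uint pdwDataLen, uint dwFlags);

[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CryptReleaseContext(IntPtr hProv, uint dwFlags);
"@

# Constants from wincrypt.h
$PROV_RSA_FULL       = [uint32]1
$PP_VERSION          = [uint32]5
$CRYPT_VERIFYCONTEXT = [uint32]4026531840   # 0xF0000000: no key container needed, no keys are created

function Get-CspVersion {
    # Returns the major/minor version a CSP reports through PP_VERSION.
    param([Parameter(Mandatory)][string]$ProviderName)

    $hProv = [IntPtr]::Zero
    $ok = [Win32.CryptoApi]::CryptAcquireContext([ref]$hProv, $null, $ProviderName,
                                                  $PROV_RSA_FULL, $CRYPT_VERIFYCONTEXT)
    if (-not $ok) {
        $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw "CryptAcquireContext failed for '$ProviderName' (Win32 error $err)"
    }
    try {
        $buf = New-Object byte[] 4            # PP_VERSION is a DWORD
        $len = [uint32]$buf.Length
        if (-not [Win32.CryptoApi]::CryptGetProvParam($hProv, $PP_VERSION, $buf, [ref]$len, 0)) {
            $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
            throw "CryptGetProvParam(PP_VERSION) failed for '$ProviderName' (Win32 error $err)"
        }
        # Little-endian DWORD: byte 0 = minor version, byte 1 = major version
        [pscustomobject]@{
            Provider = $ProviderName
            Raw      = ('0x{0:X4}' -f [BitConverter]::ToUInt32($buf, 0))
            Major    = [int]$buf[1]
            Minor    = [int]$buf[0]
        }
    }
    finally {
        [void][Win32.CryptoApi]::CryptReleaseContext($hProv, 0)
    }
}

# MS_ENHANCED_PROV and MS_DEF_PROV
Get-CspVersion 'Microsoft Enhanced Cryptographic Provider v1.0'
Get-CspVersion 'Microsoft Base Cryptographic Provider v1.0'
```

Because the provider name string still says "v1.0", only the PP_VERSION query tells you which Enhanced Provider version is actually loaded. The same handle-based check is a convenient way to confirm which legacy CSP an application is bound to when reviewing its key lengths against the comparison table above.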
CNG Key Storage Providers (KSPs)
The Cryptography API: Next Generation (CNG) separates cryptographic providers from key storage providers (KSPs), unlike the older CryptoAPI. KSPs manage keys for creation, storage, export, import, and usage. Depending on how they are implemented, KSPs can also handle tasks like asymmetric encryption, secret agreement, and signing. Windows includes the following built-in KSPs, but vendors can also create custom providers.
Microsoft Software Key Storage Provider
Supports software-based key creation and storage with the following algorithms:
Algorithm | Purpose | Key Length (bits) |
---|---|---|
Diffie-Hellman (DH) | Secret agreement, key exchange | 512 to 4096 (64-bit increments) |
Digital Signature Algorithm (DSA) | Signatures | 512 to 1024 (64-bit increments) |
Elliptic Curve Diffie-Hellman (ECDH) | Secret agreement, key exchange | P256, P384, P521 |
Elliptic Curve Digital Signature Algorithm (ECDSA) | Signatures | P256, P384, P521 |
RSA | Asymmetric encryption, signing | 512 to 16384 (64-bit increments) |
Microsoft Smart Card Key Storage Provider
Algorithm | Purpose | Key Length (bits) |
---|---|---|
Diffie-Hellman (DH) | Secret agreement, key exchange | 512 to 4096 (64-bit increments) |
Elliptic Curve Diffie-Hellman (ECDH) | Secret agreement, key exchange | P256, P384, P521 |
Elliptic Curve Digital Signature Algorithm (ECDSA) | Signatures | P256, P384, P521 |
RSA | Asymmetric encryption, signing | 512 to 16384 (64-bit increments) |
Summary
CNG KSPs offer flexibility and improved security for managing cryptographic keys:
- Microsoft Software KSP: Suitable for software-based cryptographic keys.
- Microsoft Smart Card KSP: Designed for hardware-backed cryptographic operations that use smart cards.
- Custom KSPs: Allow vendors to extend functionality by creating additional key storage providers.
These KSPs support strong cryptographic processes while following modern security standards.
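As an added example (not code from the page or from Microsoft), the following PowerShell script shows the Software KSP in use through the .NET CNG classes: it lists the registered providers, creates a persisted, non-exportable ECDSA P-256 signing key in the Microsoft Software Key Storage Provider, signs and verifies a message with it, exports only the public key, and removes the key again. The container name and the sample message are constructed values for the example.

```powershell
using namespace System.Security.Cryptography

# Added example (not part of the original page): a persisted key in the Microsoft Software KSP.

# List the CSPs and KSPs registered on this machine (built-in ones plus any vendor KSPs)
certutil -csplist

$keyName = 'example-ecdsa-p256'   # constructed container name for this example

$params = [CngKeyCreationParameters]::new()
$params.Provider           = [CngProvider]::MicrosoftSoftwareKeyStorageProvider
$params.ExportPolicy       = [CngExportPolicies]::None          # private key can never be exported
$params.KeyUsage           = [CngKeyUsages]::Signing
$params.KeyCreationOptions = [CngKeyCreationOptions]::None      # per-user key; MachineKey for machine-wide

if ([CngKey]::Exists($keyName, $params.Provider)) {
    throw "Key '$keyName' already exists in the Software KSP"
}

$key = [CngKey]::Create([CngAlgorithm]::ECDsaP256, $keyName, $params)
try {
    # Properties of the persisted key as the KSP reports them
    [pscustomobject]@{
        Name       = $key.KeyName
        Provider   = $key.Provider.Provider
        Algorithm  = $key.Algorithm.Algorithm
        KeySize    = $key.KeySize
        Exportable = ($key.ExportPolicy -ne [CngExportPolicies]::None)
        UniqueName = $key.UniqueName          # file name of the key in the KSP store
    }

    # Sign and verify with the key while it stays inside the KSP
    $ecdsa = [ECDsaCng]::new($key)
    $data  = [Text.Encoding]::UTF8.GetBytes('constructed sample message')
    $sig   = $ecdsa.SignData($data, [HashAlgorithmName]::SHA256)
    $valid = $ecdsa.VerifyData($data, $sig, [HashAlgorithmName]::SHA256)
    "Signature valid: $valid"

    # Only the public half can be exported; a private-key export would throw under ExportPolicy None
    $publicBlob = $key.Export([CngKeyBlobFormat]::EccPublicBlob)
    "Public key blob: $($publicBlob.Length) bytes"
}
finally {
    $key.Delete()   # remove the example key; also disposes the handle
}
```

Setting ExportPolicy to None at creation time is what makes the key stay inside the provider; the same CngKeyCreationParameters object can target the Microsoft Smart Card Key Storage Provider by changing the Provider property, in which case the key is created on the card instead of in the software store.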
Supported Key Algorithms in CNG Provider
Due to compatibility limitations between OpenSSL and Windows CNG, not every algorithm supported by either platform is available in the CNG provider.
Curve Name | OID | Bits | Supported by Microsoft CNG | Supported by OpenSSL | Status | Implemented |
---|---|---|---|---|---|---|
nistP256 / prime256v1 | 1.2.840.10045.3.1.7 | 256 | Yes | Yes | Modern (Recommended) | Yes |
nistP384 / secp384r1 | 1.3.132.0.34 | 384 | Yes | Yes | Modern (Recommended) | Yes |
nistP521 / secp521r1 | 1.3.132.0.35 | 521 | Yes | Yes | Modern (Recommended) | Yes |
brainpoolP256r1 | 1.3.36.3.3.2.8.1.1.7 | 256 | Yes | Yes | Modern (Optional) | Implemented but not currently supported for use in OpenSSL version 3.0.15 |
brainpoolP384r1 | 1.3.36.3.3.2.8.1.1.11 | 384 | Yes | Yes | Modern (Optional) | Implemented but not currently supported for use in OpenSSL version 3.0.15 |
brainpoolP512r1 | 1.3.36.3.3.2.8.1.1.13 | 512 | Yes | Yes | Modern (Optional) | Implemented but not currently supported for use in OpenSSL version 3.0.15 |
Supported RSA Algorithms
Algorithm | Key Size | Supported by Microsoft CNG | Supported by OpenSSL | Status | Implemented |
---|---|---|---|---|---|
RSA-2048 | 2048 bits | Yes | Yes | Modern (Recommended) | Yes |
RSA-3072 | 3072 bits | Yes | Yes | Modern (Recommended for Long-term) | Yes |
RSA-4096 | 4096 bits | Yes | Yes | Modern (High Security) | Yes |
RSA-512 | 512 bits | Yes (Deprecated) | Yes (Deprecated) | Legacy (Insecure) | Yes, but forbidden for use by OpenSSL due to low security. |
RSA-1024 | 1024 bits | Yes (Deprecated) | Yes (Deprecated) | Legacy (Insecure) | Yes |
RSA-1536 | 1536 bits | Yes (Deprecated) | Yes | Legacy (Insecure) | Yes |
RSA-8192 | 8192 bits | Yes | Yes | Modern (Optional, High Security) | Yes |