Crypto devices

cryptlib has now moved to GitHub, these pages are no longer being updated.

In addition to its built-in capabilities, cryptlib can make use of the crypto capabilities of a variety of external crypto devices such as:
  • Hardware crypto accelerators
  • PKCS #11 devices
  • Crypto smart cards
  • Hardware Security Modules (HSMs)
  • PCI crypto cards
  • Dallas iButtons
  • Datakeys/iKeys
  • PCMCIA crypto tokens
  • Trusted Plaform Modules (TPMs)
  • USB tokens
These devices will be used by cryptlib to handle functions such as key generation and storage, certificate creation, digital signatures, and message en-and decryption. Typical applications include:
  • Running a certification authority inside tamper-resistant hardware
  • Smart-card based digital signatures
  • Message encryption/decryption in secure hardware
cryptlib manages any device-specific interfacing requirements so that the programming interface for any crypto device is identical to cryptlib's native interface, allowing existing applications that use cryptlib to be easily and transparently migrated to using crypto devices. The ability to mix and match crypto devices and the software-only implementation allows appropriate tradeoffs to be chosen between flexibility, cost, and security.