Microsoft CryptoAPI

From Wikipedia, the free encyclopedia

The Microsoft Windows platform-specific Cryptographic Application Programming Interface (also known variously as CryptoAPI, Microsoft Cryptography API, MS-CAPI or simply CAPI) is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data. The Crypto API was first introduced in Windows 95 OSR2[1] and Windows NT 4.0[2] and enhanced in subsequent versions.

CryptoAPI supports both public-key and symmetric key cryptography, though persistent symmetric keys are not supported. It includes functionality for encrypting and decrypting data and for authentication using digital certificates. It also includes a cryptographically secure pseudorandom number generator function, CryptGenRandom.

CryptoAPI works with a number of CSPs (Cryptographic Service Providers) installed on the machine. CSPs are the modules that do the actual work of encoding and decoding data by performing the cryptographic functions. Vendors of HSMs may supply a CSP which works with their hardware.

Cryptography API: Next Generation


Windows Vista features an update to the Crypto API known as Cryptography API: Next Generation (CNG). It has better API factoring to allow the same functions to work using a wide range of cryptographic algorithms, and includes a number of newer algorithms that are part of the National Security Agency (NSA) Suite B.[3] It is also flexible, featuring support for plugging custom cryptographic APIs into the CNG runtime. However, CNG Key Storage Providers still do not support symmetric keys.[4] CNG works in both user and kernel mode, and also supports all of the algorithms from the CryptoAPI. The Microsoft provider that implements CNG is housed in Bcrypt.dll.

CNG also supports elliptic curve cryptography which, because it uses shorter keys for the same expected level of security, is more efficient than RSA.[5] The CNG API integrates with the smart card subsystem by including a Base Smart Card Cryptographic Service Provider (Base CSP) module which encapsulates the smart card API. Smart card manufacturers just have to make their devices compatible with this, rather than provide a from-scratch solution.

CNG also adds support for Dual_EC_DRBG,[6] a pseudorandom number generator defined in NIST SP 800-90A that could expose the user to eavesdropping by the National Security Agency since it contains a kleptographic backdoor, unless the developer remembers to generate new base points with a different cryptographically secure pseudorandom number generator or a true random number generator and then publish the generated seed in order to remove the NSA backdoor. It is also very slow.[7] It is only used when called for explicitly.

CNG also replaces the default PRNG with CTR_DRBG using AES as the block cipher, because the earlier RNG, which is defined in the now superseded FIPS 186-2, is based on either DES or SHA-1, both of which have been broken.[8] CTR_DRBG is one of the two algorithms in NIST SP 800-90 endorsed by Schneier, the other being Hash_DRBG.[7]
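Because Dual_EC_DRBG is only used when requested explicitly, a code or binary audit can find such requests. The following is an added example, not code from the article or from Microsoft: a Python check that flags `BCryptOpenAlgorithmProvider` calls asking for Dual_EC_DRBG or the FIPS 186-2 RNG. The identifier strings are those defined in bcrypt.h; the sample C lines and the byte blob are constructed for illustration.

```python
import re

# RNG algorithm identifiers as defined in bcrypt.h: macro name -> wide string.
RNG_IDS = {
    "BCRYPT_RNG_ALGORITHM": "RNG",                        # provider default
    "BCRYPT_RNG_DUAL_EC_ALGORITHM": "DUALECRNG",          # Dual_EC_DRBG
    "BCRYPT_RNG_FIPS186_DSA_ALGORITHM": "FIPS186DSARNG",  # FIPS 186-2 RNG
}
FLAGGED = {
    "DUALECRNG": "Dual_EC_DRBG requested explicitly",
    "FIPS186DSARNG": "superseded FIPS 186-2 RNG requested",
}

# Captures the second argument of BCryptOpenAlgorithmProvider(&h, <alg id>, ...).
CALL = re.compile(r'BCryptOpenAlgorithmProvider\s*\(\s*[^,]+,\s*(L"[^"]*"|\w+)')

def audit_source(text):
    """Return (line_no, algorithm, reason) for each flagged RNG request."""
    findings = []
    for m in CALL.finditer(text):
        arg = m.group(1)
        # Accept either the literal wide string or the bcrypt.h macro name.
        alg = arg[2:-1] if arg.startswith('L"') else RNG_IDS.get(arg)
        if alg in FLAGGED:
            line_no = text.count("\n", 0, m.start()) + 1
            findings.append((line_no, alg, FLAGGED[alg]))
    return findings

def audit_binary(blob):
    """Return flagged identifiers present as UTF-16LE wide strings in a binary."""
    return sorted(alg for alg in FLAGGED if alg.encode("utf-16-le") in blob)

# Constructed sample input (not taken from any real code base).
SAMPLE_C = '''\
BCryptOpenAlgorithmProvider(&hRng, BCRYPT_RNG_ALGORITHM, NULL, 0);
BCryptOpenAlgorithmProvider(&hBad,
    BCRYPT_RNG_DUAL_EC_ALGORITHM, NULL, 0);
BCryptOpenAlgorithmProvider(&hOld, L"FIPS186DSARNG", NULL, 0);
BCryptGenRandom(NULL, buf, sizeof buf, BCRYPT_USE_SYSTEM_PREFERRED_RNG);
'''
SAMPLE_BLOB = b"\x4d\x5a\x00\x00" + "DUALECRNG".encode("utf-16-le") + b"\x00\x00"

if __name__ == "__main__":
    for finding in audit_source(SAMPLE_C):
        print(finding)
    print(audit_binary(SAMPLE_BLOB))
```

A hit from `audit_binary` only shows that the identifier string is present in the file, so each one still needs a look at the calling code.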


References

  1. https://www.geoffchappell.com/notes/windows/archive/cryptoapi/index.htm
  2. Poking Around Under the Hood: A Programmer's View of Windows NT 4.0
  3. Suite B. Archived 2009-02-07 at the Wayback Machine.
  4. Key Storage and Retrieval, Microsoft
  5. The Case for Elliptic Curve Cryptography, NSA
  6. Schneier, Bruce (December 17, 2007). "Dual_EC_DRBG Added to Windows Vista". Schneier on Security. Retrieved January 13, 2010.
  7. Schneier, Bruce (November 15, 2007). "The Strange Story of Dual_EC_DRBG". Schneier on Security. Retrieved January 12, 2010.
  8. "FIPS PUB 186-2" (PDF). Federal Information Processing Standards. National Institute of Standards and Technology. January 27, 2000. Retrieved January 13, 2010.
