Microsoft Cryptographic Service Providers

Article
01/07/2021

The following cryptographic service providers (CSP) are currently available from Microsoft.

Provider	Description
Microsoft Base Cryptographic Provider	A broad set of basic cryptographic functionality that can be exported to other countries or regions.
Microsoft Strong Cryptographic Provider	An extension of the Microsoft Base Cryptographic Provider available with Windows XP and later.
Microsoft Enhanced Cryptographic Provider	Microsoft Base Cryptographic Provider with through longer keys and additional algorithms.
Microsoft AES Cryptographic Provider	Microsoft Enhanced Cryptographic Provider with support for AES encryption algorithms.
Microsoft DSS Cryptographic Provider	Provides hashing, data signing, and signature verification capability using the Secure Hash Algorithm (SHA) and Digital Signature Standard (DSS) algorithms.
Microsoft Base DSS and Diffie-Hellman Cryptographic Provider	A superset of the DSS Cryptographic Provider that also supports Diffie-Hellman key exchange, hashing, data signing, and signature verification using the Secure Hash Algorithm (SHA) and Digital Signature Standard (DSS) algorithms.
Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider	Supports Diffie-Hellman key exchange (a 40-bit DES derivative), SHA hashing, DSS data signing, and DSS signature verification.
Microsoft DSS and Diffie-Hellman/Schannel Cryptographic Provider	Supports hashing, data signing with DSS, generating Diffie-Hellman (D-H) keys, exchanging D-H keys, and exporting a D-H key. This CSP supports key derivation for the SSL3 and TLS1 protocols.
Microsoft RSA/Schannel Cryptographic Provider	Supports hashing, data signing, and signature verification. The algorithm identifier CALG_SSL3_SHAMD5 is used for SSL 3.0 and TLS 1.0 client authentication. This CSP supports key derivation for the SSL2, PCT1, SSL3 and TLS1 protocols.
Microsoft RSA Signature Cryptographic Provider	Provides data signing and signature verification.