Basics: Cryptographic Service Provider (CSP) and Key Storage Provider (KSP)

Author Uwe GradeneggerPosted on Categories Certificate usageTags , , , , , ,

Since Windows NT 4.0, the Cryptographic Service Provider (CSP) has been part of the CryptoAPI.

The purpose is that an application does not have to worry about the concrete implementation of key management, but can leave this to generic operating system interfaces. It is also intended to prevent cryptographic keys from being loaded into memory in the security context of the user/application being used (a fatal security incident based precisely on this problem was the Heartbleed incident).

For example, it makes no technical difference to the certification authority software how its private key is protected - whether in software or with a hardware security module (HSM), for example. The call of the private key is always identical for the certification authority.

With Windows Vista and the introduction of Cryptography Next Generation (CNG) as a replacement for CryptoAPI, Key Storage Providers (KSP) were introduced.

Introduction

Key storage provider benefits include:

  • Key isolation. Keys can be used without leaving the KSP (important for use of keys stored in hardware).
  • Auditability of key accesses (see event no. 5058 and 5059).
  • Support for modern Algorithms like SHA2 and on elliptic curves based key.

Hardware manufacturers can develop their own CSP or KSP to provide access to their products. This is often the case with Hardware security modules (HSM, such as from SafeNet or Utimaco) or smartcards (from Gemalto or Yubico, for example).

Storage Locations

This refers to the storage locations of the private keys. Public keys are part of the associated certificates.

AreaCryptoAPI / CSPCNG / CSP
User%AppData%\Microsoft\Crypto\RSA\{User-SID}
%AppData%\Microsoft\Crypto\DSA\{User-SID}		%AppData%\Microsoft\Crypto\Keys
Local system%AllUsersProfile%\Application Data\Microsoft\Crypto\RSA\S-1-5-18
%AllUsersProfile%\Application Data\Microsoft\Crypto\DSA\S-1-5-18		%AllUsersProfile%\Application Data\Microsoft\Crypto\SystemKeys
Local service%AllUsersProfile%\Application Data\Microsoft\Crypto\RSA\S-1-5-19
%AllUsersProfile%\Application Data\Microsoft\Crypto\DSA\S-1-5-19		%WinDir%\ServiceProfiles\LocalService
Network service%AllUsersProfile%\Application Data\Microsoft\Crypto\RSA\S-1-5-20
%AllUsersProfile%\Application Data\Microsoft\Crypto\DSA\S-1-5-20		%WinDir%\ServiceProfiles\NetworkService
All users%AllUsersProfile%\Application Data\Microsoft\Crypto\RSA\MachineKeys
%AllUsersProfile%\Application Data\Microsoft\Crypto\DSA\MachineKeys		%AllUsersProfile%\Application Data\Microsoft\Crypto\Keys
Source: Microsoft Windows Server 2008 PKI and Certificate Security. Brian Komar, 2008

Overview of the providers available in the Windows system

The following is an overview of KSP and CSP present on a modern Windows system.

Key Storage Provider

ProviderNotes
Microsoft Passport Key Storage ProviderUsed by Windows Hello for Business, among others. Can store keys transparently either in software or (if available) in a Trusted Platform Module (TPM).
Microsoft Platform Crypto ProviderCan key in a Trusted Platform Module (TPM) store. Does not support all CNG algorithms due to restrictions in the respective TPM standard. ECC key when requested via a certificate template only possible as of Windows 10 21H2 or Windows 11.
Microsoft Smart Card Key Storage ProviderGeneric provider to store keys in a Smartcard to store. Supported by many smart card manufacturers. Support for certain algorithms depends on the smartcard used, e.g. the Microsoft virtual smartcard does not support ECC keys.
Microsoft Software Key Storage ProviderGeneric provider to store keys in software. Supports all existing algorithms for certificates in the Windows ecosystem. Should be the minimum standard.

Cryptographic Service Provider

Among the listed CSP, the following can be used to generate RSA keys up to 16384 bit key size:

  • Microsoft Base Cryptographic Provider v1.0
  • Microsoft Base Smart Card Crypto Provider (maximum 2048 bit key size)
  • Microsoft Enhanced Cryptographic Provider v1.0
  • Microsoft Enhanced RSA and AES Cryptographic Provider
  • Microsoft RSA SChannel Cryptographic Provider (not for signature-only keys)
  • Microsoft Strong Cryptographic Provider
ProviderNotes
Microsoft Base Cryptographic Provider v1.0Should no longer be used if possible.
Microsoft Base DSS and Diffie-Hellman Cryptographic ProviderCannot be used for the generation of RSA keys.
Should no longer be used if possible.
Microsoft Base DSS Cryptographic ProviderCannot be used for the generation of RSA keys.
Microsoft Base Smart Card Crypto ProviderGeneric provider to store keys in a Smartcard to save.
Maximum key length limited to 2048 bits.
Should no longer be used if possible.
Microsoft DH SChannel Cryptographic ProviderCannot be used for the generation of RSA keys.
Microsoft Enhanced Cryptographic Provider v1.0Should no longer be used if possible.
Microsoft Enhanced DSS and Diffie-Hellman Cryptographic ProviderCannot be used for the generation of RSA keys.
Microsoft Enhanced RSA and AES Cryptographic ProviderShould no longer be used if possible.
Microsoft RSA SChannel Cryptographic ProviderSupports the SChannel Security Package and AES with up to 256 bit key length. Should therefore be used for TLS/SSL (e.g. Web server, Remote Desktop) can be used if no key storage provider is possible. Default setting for web server and CEP Encryption certificate templates.
Microsoft Strong Cryptographic ProviderShould no longer be used if possible.

Use of Key Storage Providers

The usability of Key Storage Providers in a certificate template is released by setting the compatibility of the certification authority and the requesting clients to at least Windows Vista / Windows Server 2008. This raises the certificate template to version 3 and it can no longer be used by older operating systems.

See also the following articles:

Am I free to choose the provider when configuring my certificate template?

No, the use of the provider depends not only on its cryptographic capabilities but also on whether the application can use it. For example, operating systems prior to Windows Vista are not capable of using key storage providers. The Microsoft Platform Crypto Provider for example, does not support all algorithms.

Likewise, some applications still rely on the use of a CSP today. A prominent example is the Network Device Registration Service (NDES), as well as the associated connector for Microsoft Intune.

See also the following articles:

Do I necessarily have to use a key storage provider?

It can be considered best practice to use a Key Storage Provider instead of a Cryptographic Service Provider wherever possible and to ensure that self-developed applications are compatible with them.

How can I view the providers installed on the system?

The providers present on a system can be listed with the following command:

certutil -csplist

Via Windows PowerShell, listing is possible using the ICSPInformation COM object possible:

$KspList = New-Object -ComObject 'X509Enrollment.CCspInformations'
$KspList.AddAvailableCsps()
$KspList | Select-Object -Property Name

How can I find out which provider a particular certificate uses?

There is a "certutil" command for this. The corresponding certificate is identified by its SHA1 checksum (also called thumbprint).

For the computer certificate store:

certutil -verifystore my {Thumbprint}

For the certificate store of the currently logged in user:

certutil -user -verifystore my {Thumbprint}

How can I list the keys protected by a particular provider?

There is also a "certutil" command for this:

For the computer certificate store:

certutil -csp "{CSPName}" -key

For the certificate store of the currently logged in user: 

certutil -user -csp "{CSPName}" -key

Related links:

External sources

26 thoughts on “Grundlagen: Cryptographic Service Provider (CSP) und Key Storage Provider (KSP)”

  1. Pingback: Configuring a Secure Socket Layer (SSL) Certificate Template for Web Server - Uwe Gradenegger
  2. Pingback: Using Your Own Registration Authority (RA) Certificate Templates for the Network Device Enrollment Service (NDES) - Uwe Gradenegger
  3. Pingback: Configuring a certificate template for Remote Desktop (RDP) certificates - Uwe Gradenegger
  4. Pingback: Basics: Elliptic curves with regard to their use in the public key infrastructure - Uwe Gradenegger
  5. Pingback: Requesting certificates with elliptic curve based keys fails when using Microsoft Platform Crypto Provider - Uwe Gradenegger
  6. Pingback: Limits of Microsoft Active Directory Certificate Services - Uwe Gradenegger
  7. Pingback: The Network Device Enrollment Service (NDES) logs the error message "The Network Device Enrollment Service cannot retrieve one of its required certificates (0x80070057). The parameter is incorrect." - Uwe Gradenegger
  8. Pingback: Troubleshooting for automatic certificate request (autoenrollment) via RPC/DCOM - Uwe Gradenegger
  9. Pingback: Which Cryptographic Service Provider (CSP) should be used for the Network Device Enrollment Service (NDES)? - Uwe Gradenegger
  10. Pingback: Configuring the Trusted Platform Module (TPM) Key Attestation - Uwe Gradenegger
  11. Pingback: Configuring a Certificate Template to Use the Microsoft Platform Crypto Provider to Enable Private Key Protection Using a Trusted Platform Module (TPM) - Uwe Gradenegger
  12. Pingback: Details about the event with ID 130 of the source Microsoft-Windows-CertificationAuthority - Uwe Gradenegger
  13. Pingback: Requesting a certificate fails with the error message "The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation. 0x80090345 (-21468929
  14. Pingback: Creating a backup of the private key of a certification authority - Uwe Gradenegger
  15. Pingback: The partition of the Hardware Security Module (HSM) is running full - Uwe Gradenegger
  16. Pingback: Basics: Restricting Extended Key Usage (EKU) in Certification Authority Certificates - Uwe Gradenegger
  17. Pingback: Basics Network Device Enrollment Service (NDES) - Uwe Gradenegger
  18. Pingback: List of certificate use cases for which compatibility with elliptic curve (ECC) based keys is known - Uwe Gradenegger
  19. Pingback: Microsoft Outlook: Emails encrypted with S/MIME cannot be opened. The error message "Your digital ID name cannot be found by the underlying security system." appears. - Uwe Gradenegger
  20. Pingback: Manual application for a web server certificate - Uwe Gradenegger
  21. Pingback: Manual application for a domain controller certificate - Uwe Gradenegger
  22. Pingback: What key lengths should be used for certificate authorities and certificates? - Uwe Gradenegger
  23. Pingback: Attack vector on Active Directory directory service via smartcard logon mechanism - Uwe Gradenegger
  24. Pingback: List of Use Cases for Certificates Requiring Specific Cryptographic Service Providers (CSP) or Key Storage Providers (KSP) - Uwe Gradenegger
  25. Pingback: Configuring a certificate template for domain controllers - Uwe Gradenegger
  26. Pingback: Configuring a Certificate Template for Online Responders (OCSP) Response Signing Certificates - Uwe Gradenegger

Comments are closed.

en_USEnglish
de_DEDeutsch en_USEnglish