PRIMEINK TOOLKITS

Security is important to all businesses to ensure the confidentiality, integrity and authenticity of both internal and customer-facing interactions. Cryptomathic's PrimeInk Toolkits secure a wide variety of business applications ranging from secure data storage and communication, to trusted web-based forms.

The Toolkits provide high performance and portable code, compliant with industry standard algorithms and cover cryptographic functions from low-level to more specific technologies such as digital signatures.

PrimeInk CodePrimeInk Premium

PrimeInk Premium offers all the features of PrimeInk Basic, plus full support for digital certificates and message formats. This allows standards-based integration with a wide range of third-party security products, as well as enabling signatures, authentication and encryption with third parties across open networks.

PrimeInk Premium is an ideal toolkit for the development of applications that integrate with a Public Key Infrastructure (PKI). Full X.509 certificate handling is supported, including path discovery and validation. Standard data formats for interoperation with certificate authorities and time-stamping authorities are also included. See the technical brochure for more details.

Example applications include:

  • Access control in open environments
  • Interoperable security solutions
  • Home banking systems
  • Internet based groupware

PrimeInk ECC

PrimeInk ECC provides security based on Elliptic Curve Cryptography (ECC). These advanced public key cryptographic algorithms achieve similar security to traditional algorithms but using much shorter keys. This makes computations faster and reduces storage requirements. In particular, key generation is considerably faster than traditional public key algorithms.

These features make ECC ideal for use in performance critical environments. In addition, ECC usage is being standardised in a variety of new applications worldwide, making PrimeInk ECC ideal for developers working within those industry sectors. See the technical brochure for details of the supported standards.

Example applications include:

  • Performance critical systems
  • Interoperability with other ECC systems

PrimeInk Java

Using cryptography and security in Java applications is straight-forward using the common interface defined by Sun. PrimeInk Java is a signed Java Cryptography Extension (JCE) provider, which integrates seamlessly with the standard Java development environment. It provides a full set of highly optimised cryptographic algorithms.

A complete list of the supported algorithms can be found in the technical brochure. These include hash algorithms, symmetric key encryption and decryption, computation of message authentication codes (MACs), public key encryption and decryption and the generation and validation of digital signatures.

Example applications include:

  • Securing J2EE and EJB enterprise applications
  • Browser-based Java applets
  • Secure communication for Java applications

PrimeInk CSP

A Cryptographic Service Provider (CSP) is a Microsoft Windows component that offers cryptographic services such as encryption or signing and the secure storage of user keys. All CSPs are accessible via standard Microsoft interfaces, and thus integrate fully with standard Microsoft applications such as Outlook, Outlook Express and Internet Explorer, as well as third-party software such as VPN clients.

The PrimeInk CSP provides an alternative to the standard Microsoft CSPs on Windows/x86 platforms. It offers full strength cryptographic algorithms and key protection and is digitally signed by Microsoft. In addition, the PrimeInk CSP offers the application developer full control of the user experience, regarding password policies and the dialog branding.

Example applications include:

  • Customised secure e-mail interface
  • Customised secure web signing interface
  • Customised VPN logon
  • Toolkit Add-Ons

PrimeInk Crypto Hardware Support

Some scenarios require an extraordinary high level of physical security and/or the highest available performance. This add-on enables support for all PKCS#11 based hardware. Compatible hardware includes hardware security modules from leading manufacturers and also smart card readers and USB key tokens from all main vendors.

Also included is a PKCS#11 interface to PrimeInk, which allows it to act as a software PKCS#11 device. This can be used in applications which have a PKCS#11 interface for cryptographic action but where no hardware PKCS#11 token is available, or during development to avoid the cost of deploying expensive cryptographic hardware on every workstation. Whether using hardware or software implementations, the PrimeInk programming interface remains the same.