See Also
 Important: |
|---|
| This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
When it is used, the Microsoft Enhanced Cryptographic Provider provides an application with stronger security than is currently available with the Microsoft RSA Base Cryptographic Provider. This provides users more protection for sensitive data .
The following table shows the minimum, default, and maximum key lengths by algorithm and provider.
| Provider | Algorithms | Minimum key length | Default key length | Maximum key length |
|---|---|---|---|---|
|
MS Base |
RC4 and RC2 |
40 |
40 |
56 |
|
MS Base |
DES |
56 |
56 |
56 |
|
MS Enhanced |
RC4 and RC2 |
40 |
128 |
128 |
|
MS Enhanced |
DES |
56 |
56 |
56 |
|
MS Enhanced |
3DES 112 |
112 |
112 |
112 |
|
MS Enhanced |
3DES |
168 |
168 |
168 |
|
DSS/DH Base |
RC4 and |
40 |
40 |
56 |
|
DSS/DH Base |
DES |
56 |
56 |
56 |
|
DSS/DH Enh |
RC4 and |
40 |
128 |
128 |
|
DSS/DH Enh |
DES |
56 |
56 |
56 |
|
DSS/DH Enh |
3DES |
168 |
168 |
168 |
The Enhanced Provider is backward compatible with the Base Provider distributed with CryptoAPI 1.0, with the following exception. For session keys, both cryptographic service providers (CSP) are limited to generating and deriving keys of default key length: 40 bit for the Base Provider, and 128 bit for the Enhanced Provider, which precludes the Enhanced Provider from creating keys with Base Provider–compatible key lengths. However, the Enhanced Provider can import key lengths of any size, up to 128 bits.
 Note: |
|---|
| If you use the Microsoft RSA Base Provider to create a certification authority, your license to issue certificates is limited to certificates intended for use in the context of your particular application or service. |