Using the Microsoft CryptoAPI


In simple terms, cryptography is the application of selected processes for encoding data so that the information can be stored and transmitted securely. The Microsoft CryptoAPI allows developers to build cryptographic security into their applications by providing a flexible set of functions to encrypt or digitally sign data.

You can use cryptography to achieve many security requirements, including:

  • Ensuring secrecy by coding sensitive files so that an interloper cannot understand them.
  • Guaranteeing secure communications even though the transmission media is not secure.
  • Verifying the origin of messages and data using digital signatures.

The fundamental cryptographic operations supported by the CryptoAPI are encryption, decryption, and signing. Encryption is somewhat like controlled fragmentation: the data is there, but it’s scattered according to the encryption rules. Decryption is simply the inverse of encryption, where the encryption rules are reversed to reassemble the data. Digital signing is analogous to physically hand-signing a document, but with one significant improvement: it is very, very difficult to forge a digital signature.

The Microsoft CryptoAPI is a complete set of tools for creating secure Internet and intranet applications. Microsoft distributes the Cryptographic Service Provider Developer’s Kit (CSPDK) to authorized recipients located in the United States and Canada, and to persons and entities outside the United States or Canada authorized to receive the CSPDK under specific license from the U.S. State Department, Office of Defense Trade Controls.

For More Information   For more information about Microsoft CryptoAPI, visit the Microsoft Web site at