Secure usage and implementation of cryptographic procedures are the foundation of secure digitization in projects for state, economy and society. The Cryptographic Service Provider (CSP) makes cryptographic primitives, algorithms and advanced protocols readily available for secure usage.

The CSP is dedicated hardware component that is used as a security evaluated and certified crypto core in IT-Products. An application component implementing the business case of such a product may use the standardizes interfaces and functionality of the CSP.

Using the CSP provides a fast and secure way to realize digitization projects that rely on a high assurance in its security functionality. As of today, the CSP is already implemented as the core component in Technical Security Systems for electronic record keeping systems as well as the Smart-eID.

The Technical Guideline TR-03181 CSP2 describes the requirements for the implementation of such a CSP. It is separated into multiple parts. Part 1 – ‘Architecture and Concepts’ – describes the generic architecture of the CSP, its functionality, life cycle, role and access model. The mapping of those generic and platform agnostic concepts is described in additional parts.

Further information and requirements regarding the CSP can be found at Cryptographic Service Provider (CSP).

BSI TR-03181 Technical Guideline for Cryptographic Service Provider 2 (CSP2)