Performance Data

Number of certificates:   200 up to 200,000,000
Production speed:   Without HSM up to 5,000 1024-bits certificates/hour
With HSM up to 10,000 1024-bits certificates/hour
Key length:   Root and Intermediate certificates 9196-1024 bits
Client certificates 1024-2048 bits
Symmetric Keys 56 to 256 bits
Key validity:   Root Key 1 to 25 years
Intermediate Keys 1 to 10 years
Client Keys 1 to 10 years (as per CP)
Key storage:   Root Key off-line and stored in several separate pieces Intermediate (signing) keys access through HSM, biometric client certificates, smart card or USB tokens
Cryptographic Ciphers:   AES, Blowfish, CAST5, DES, 3DES, IDEA, RC2, RC4, RC5 and RSA
Signature Algorithms:   MD2, MD4, MD5, MDC2, SHA1 (DSSI) and RIPEMD-160
Entropy:   2127
Authentication, Privacy & Integrity

The authentication, privacy and integrity of the digital certificates is governed by several factors:

Security Protocols

SSL and TLS are protocols that are used to provide secure Web communications on intranets and the Internet. TLS is the standardized (by the Internet Engineering Task Force [IETF]) version of SSL and is also referred to as SSL version 3.1, whereas the most commonly used SSL version is 3.0. Both protocols can provide the following basic security services:

Mutual Authentication

Mutual Authentication verifies the identities of both the server and the client through the exchange and validation of their digital certificates.

Communication Privacy

Communication Privacy encrypts information exchanged between secure servers and secure clients using a secure channel. Communication Integrity

Communication Integrity verifies the integrity of the contents of messages exchanged between the client and the server, which ensures that messages haven’t been altered en route. Digital certificates are an integral part of a total environment. Whether it is a simple case of using them to secure email or using them for authentication purposes in a larger workflow business process, in all cases, Digi-CA™ certificates are easy to deploy.