Acs Cryptomate evo User manual

CryptoMate EVO

User Manual • Uživatelský manuál •

Užívateľský manuál • Használati utasítás •

Benutzerhandbuch

English

3 –10

Čeština

11 –19

Slovenčina

20 –28

Magyar

29 –37

Deutsch

38 –45

Dear customer,

Thank you for purchasing our product. Please read the following instructions carefully

before first use and keep this user manual for future reference. Pay particular attention

to the safety instructions. If you have any questions or comments about the device,

please contact the customer line.

✉www.alza.co.uk/kontakt

✆+44 (0)203 514 4411

Importer Alza.cz a.s., Jankovcova 1522/53, Holešovice, 170 00 Prague 7, www.alza.cz

Introduction

The CryptoMate EVO contains an ACOS5-EVO cryptographic smart card module. The

ACOS5-EVO cryptographic smart card module offers advanced asymmetric and

symmetric cryptographic algorithms such as ECC and RSA and is compliant with

international standards for PKI smart cards such as FIPS 14-2 (US Federal Information

Processing Standards) Level 3 and CC EAL 5+ (chip level).

The CryptoMate EVO is similar in appearance to the CryptoMate Nano, but it can be

easily distinguished when plugged in the PC with its Green LED. PC applications will

recognize it through its PCSC and Driver Name: ACS CryptoMate EVO. It also offers

higher memory and more advanced cryptographic functionalities compared to the

CryptoMate Nano.

Features

Cryptographic Smart Card Features

The CryptoMate EVO contains the ACOS5-EVO cryptographic smart card module, which

has the following features:

Communication Protocols

•T=0, T=1 with baud up to 446,400 bps

Memory

•Capacity: 192Kb

•EEPROM Endurance: 500,000 erase/write cycles

•Data Retention: 30 years

Reader MCU

ACOS5-EVO PKI Smart Card

CryptoMate EVO

Cryptographic Capabilities

The ACOS5-EVO supports a number of cryptographic algorithms, including:

•ECC: Curves P-224/P-256/P-384/P-521

•RSA: 512 –4096 bits in 256 bits increments

•AES: 128/192/256-bits (ECB, CBC)

•DES/3DES: 56/112/168-bits (ECB, CBC)

•Hash: SHA1, SHA224, SHA256, SHA384, SHA512

•MAC: CBC-MAC (DES/3DES, AES), CMAC (3DES, AES)

Random Number Generation

•Deterministic RNG according to FIPS 140-2

•Non-deterministic RNG compliant to AIS-31

File Security

•Private and secret key file read access can be set to “Never”

•File access condition capability with ISO 7816-compliant Secure Attribute-

Compact. File access is only allowed if the proper security conditions are met

(e.g., PIN submissions)

•Command execution condition capability per Dedicated File (DF) with ISO 7816-

compliant Secure Attribute-Extended. Commands are allowed only if the proper

security conditions are met (e.g., PIN submission)

•Secure Messaging function for confidential and authenticated data transfer

•Mutual authentication (terminal-co-card and card-to-terminal) with session key

generation for encryption and MAC

•Anti-tearing Function Support

Compliance to Standards

•Compliance with ISO 7816 Parts 1,2.3,4, 8, and 9

•Compliance with FIPS 140-2 Level 3

•Certified with Common Criteria ELA 5+ (Chip Level)

Token Features

Physical Characteristics

•Green Status LED

•Lightweight: 4.61 g

•Extremely small: 29.25 mm x 14.80 mm x 10.28 mm

•Keychain hole

•Tamper-evident casing

•Smart card power supply through USB port

Compliance to Standards

•USB Full Speed Interface

•CCID-compliant (Plug and Play)

•CE and FCC-certified

•RoHS-compliant

•REACH-certified

•Microsoft WHQL-certified

•Supports Android 3.1 and later

Typical Applications

•e-Government

•e-Healthcare

•Banking and Payment

•Network Security

•Access Control

•Public Key Infrastructure

•Digital Signature

Middleware

To use CryptoMate EVO for PKI applications with digital certificates, an applicable

middleware id needed.

ACS offers software solutions such as the ACOS5 Minidriver and ACOS5-EVO PKI Kit so

that the ACOS5-EVO and the CryptoMate EVO can be used with other third-party

applications as shown in the figure below:

Please contact us at [email protected].hk for inquiries about the middleware supports for

the CryptoMate EVO token.

ACS Applications

Microsoft

Applications

Smart Card

Logon

Non-Microsoft

Applications

Microsoft

CryptoAPI:

Next Gen

Microsoft

CryptoAPI

Minidriver

PKCS #11

ACS CNG

(CryptoAPI Next

Generation

ACS CSP

(Cryptographic

Service Provider

ACS Minidriver

ACS PKCS #11

Windows Resource Manager

Applications

Middleware

Operating System Layer

ACS Smart Card Reader/Token Driver

Technical Specifications

Physical Characteristics

Dimensions

29.18 mm (L) x 14.50 mm (W) x 10.54 mm

(H)

Weight

4.61 g

Color

Black

ACOS5-EVO Cryptographic Smart Card Module

Memory Size

192 KB

Endurance

500,000 write/erase cycles

Data Retention

30 years

Cryptographic Capability

ECC: Curves P-224/P-256/P-384/P-521

RSA: 512 –4096 bits in 256 bits

increments

AES: 128/192/256-bits (ECB, CBC)

DES/3DES: 56/112/168-bits (ECB, CBC)

MAC: CBC-MAC (DES/3DES, AES) CMAC

(3DES, AES)

Hashing Capabality

SHA1, SHA 224, SHA256, SHA384, SHA512

USB Host Interface

Protocol

USB CCID

Connector Type

Standard Type A

Power Source

From USB port

Speed

USB Full Speed (12 Mbps)

Built-in Peripherals

LED

Green

Casing

Tamper-evident

Others

Keychan hole for portability

Operating Conditions

Temperature

0°C - 50°C

Humidity

Max. 90% (non-condensing)

MTBF

500,000 hrs

Certifications/Compliance

ISO 7816, USB Full Speed, Common Criteria ELA5+ (Chip Level), PC/SC, CCID, CE, FCC,

RoHS, REACH, FIPS, 140-2 Level 3 (USA), Microsoft WHQL

Middleware Support

ACS PKCS #11, ACS CSP (based on Microsoft’s CryptoAPI), ACS CNG (based on Microsoft’s

CNG)

ACS Minidriver

X.509 v3 Certificate Storage (can store more than 10 Key Pairs)

Device Driver Operating System Support

Windows 7, Windows 8, Windows 8.1, Windows 10

Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server

2012 R2, Windows Server 2016

Linux, Mac OSM Android 3.1 and later

Warranty Conditions

A new product purchased in the Alza.cz sales network is guaranteed for 2 years. If you

need repair or other services during the warranty period, contact the product seller

directly, you must provide the original proof of purchase with the date of purchase.

The following are considered to be a conflict with the warranty conditions, for

which the claimed claim may not be recognized:

•Using the product for any purpose other than that for which the product is intended

or failing to follow the instructions for maintenance, operation, and service of the

product.

•Damage to the product by a natural disaster, the intervention of an unauthorized

person or mechanically through the fault of the buyer (e.g., during transport,

cleaning by inappropriate means, etc.).

•Natural wear and aging of consumables or components during use (such as

batteries, etc.).

•Exposure to adverse external influences, such as sunlight and other radiation or

electromagnetic fields, fluid intrusion, object intrusion, mains overvoltage,

electrostatic discharge voltage (including lightning), faulty supply or input voltage and

inappropriate polarity of this voltage, chemical processes such as used power

supplies, etc.

•If anyone has made modifications, modifications, alterations to the design or

adaptation to change or extend the functions of the product compared to the

purchased design or use of non-original components.

Table of contents

Languages:

ACS CryptoMate EVO User manual

Popular Card Reader manuals by other brands