Question 173. What is BSAFE?

BSAFE is a general purpose, low-level cryptographic toolkit that offers developers the tools to add privacy and authentication features to their applications.

BSAFE is designed to provide the security tools for a wide range of applications, such as digitally signed electronic forms, virus detection, or virtual private networks. It is compatible with various industry standards, including S/MIME, S-HTTP, SSL, PCT, S/WAN, SEPP, and STT (see Question 131, Question 133, Question 134, Question 136, Question 137, Question 140, and Question 142). BSAFE also fully supports PKCS (see Question 166).

The 3.0 release of BSAFE contains the following algorithms:

Public-Key Algorithms:

Secret-Key Algorithms

Cryptographic Hashing Algorithms:

Other Cryptographic Functions:

The 3.0 release of BSAFE offers greater security by supporting public-key operations with up to 2048-bit keys, and better performance by enhancing the throughput of both the public-key and secret-key algorithms. BSAFE is written in portable C, and is available on a wide variety of platforms.

For more information on BSAFE, see <>.