CFXWorks-Enterprise: Encryption, Secure Messaging and Credit Card Gateway Solutions for IBM's Smart Market, Red Hat Linux, and Suse Linux

CryptoXpressTM SDK Summary

  1. CryptoXpress SDK General Information
  2. CryptoXpress SDK Encryption Capabilities
  3. CryptoXpress SDK Message Digest capabilities
  4. CryptoXpress SDK Credit Card Security Features
  5. CryptoXpress SDK API Support
1). CryptoXpress SDK General Information

CryptoXpress SDK provides "strong" encryption capabilities and a number of additional cryptology and security features. CryptoXpress SDK offerings have been tested and received the "Ready for IBM eServer with Linux”, "IBM Ready for WebSphere” and "IBM Ready for DB/2” marks from IBM. CryptoXpress SDK has also been validated by CFXWorks on Windows and the iSeries running several versions of the OS/400 operating system.

CryptoXpress SDK features include:
  • Support for multiple encryption/decryption algorithms
  • Support for multiple message digest algorithms
  • Support for selected credit card security features
  • Cross platform support
  • Cross platform compatibility
  • Support for Sun and IBM providers
  • API support
  • Usability features and sample programs
[ top ]
2). CryptoXpress SDK Encryption Capabilities

CryptoXpress SDK supports multiple encryption/decryption algorithms including AES 128-bit, AES 256-bit and TripleDES. These algorithums meet the "string encryption" requirements as defined by all known federal, state and industry regulations, including:

  • The Sarbanes-Oxley Act (SOX)
  • The Gramm-Leach-Bliley Act, the Safeguards Rule (GLBS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • California Assembly Bill 1950 (AB 1950)
  • Title 21 of the Federal Regulations Part 11 (21 CFR Part 11)
  • California Information Practice Act or Senate Bill 1386
  • North American Electric Reliability Council (NERC)
  • Federal Information Security Management Act (FISMA)
  • Cardholder Information Security Program (CISP)
  • Payment Card Industry
  • Federal Information Processing Standards (FIPS)
  • National Association of Securities Dealers Rule 2711
  • SEC 17a-4

CryptoXpress SDK can be used to encrypt and decrypt text, files and fields within a database. It supports EBCDIC, ASCII and binary data. Although it supports multiple encryption algorithms, the preferred encryption technology today is AES. AES is a block cipher (symmetric key) encryption algorithm that uses 128-bit, 192-bit and 256-bit key sizes.


On May 19, 2005 the National Institute of Standards and Technology (NIST) announced the withdrawal of the (single) Data Encryption Standard (DES) as specified in FIPS 46-3. DES no longer provides the security that is needed to protect Federal government information. Federal government organizations are now encouraged to use FIPS 197, Advanced Encryption Standard (AES), which specifies a faster and stronger algorithm. For some applications, Federal government departments and agencies may use the Triple Data Encryption Algorithm (Triple DES) as specified in NIST Special Publication 800-67. Triple DES is also supported by CryptoXpress SDK. Although thought to be considerably less secure than even AES 128-bit encryption, it is still commonly used in some industries.

[ top ]
3). CryptoXpress SDK Message Digest capabilities
CryptoXpress SDK supports multiple message digest algorithms including MD5, SHA1, HMACMD5 and HMACSHA1.

A message digest (also sometimes referred to as a one-way hash function) is a fixed length computationally unique identifier corresponding to a set of data. The result of the algorithm is that each file or data string digested will map to a particular block of information called a message digest. The digest is not random; digesting the same unit of data with the same algorithm will always produce the same message digest.


Most users prefer to use the MD5 message digest algorithm. MD5 belongs to a family of one-way hash functions called message digest algorithms. The MD5 system is defined in RFC 1321. MD5 takes a message of arbitrary length and produces as output a 128-bit message digest. It is conjectured that it is computationally infeasible to produce two different messages having the same message digest, or to produce any message having a given message digest.


RFC 1321 also defines a certification suite to validate correct implementation of the algorithm. CryptoXpress SDK is validated against this suite.


Message digests have many uses. In particular they are used to authenticate data. For example, to create a digest for authentication, data can be digested and the digest saved. Later, to validate that the data has not been altered, the data is digested again and the result is compare against the original digest. If they differ, the data has been altered. This is very different from encryption because the actual data is notified when it is digested. Encryption is intended to protect the confidentiality of data.


The HMAC functions support keyed-hashing capabilities that use either MD5 or SHA1. HMAC is commonly used for message authentication. For example some credit card processors require the user to include a HMACMD5 or HMACSHA1 message digests in the transactions sent to their gateways.

[ top ]
4). CryptoXpress SDK Credit Card Security Features
Crypto/iSeries supports the following credit card industry processing functions:
  • LUHN formula ( 10) validation - The LUHN formula was created in the late 1960s by a group of mathematicians. Shortly thereafter, credit card companies adopted it. Because the algorithm is in the public domain, it can be used by anyone. The LUHN formula (also known as the ulus 10 or 10 algorithm) is used to generate, validate and verify the accuracy of credit-card numbers. Almost all institutions that create and require unique account or identification numbers use the 10 algorithm. For example, the LUHN formula is widely used to validate many different forms of account numbers. Crypto/iSeries provides a function that validates that a value passed to the function passes the Luhn formula test.
  • Account number masking as per credit card processing industry standards - The Cardholder Information Security Program (CISP) and Payment Card Industry (PCI) data security standards specify how many digits of a credit card account number can be displayed. This function masks all but the permitted number of digits.
5). CryptoXpress SDK API Support

Java application programmers access CryptoXpress SDK capabilities using the CryptoXpress SDK class library. The source code for many sample java programs is provided in the distributed code.

[ top ]
Print this

CryptoXpress SDK:

  • SDK Brief
  • SDK Brochure
  • Installation &
        User Guide
  • Price
  • Demo Now
  • Buy Now
  • CryptoXpress LT:

  • LT Brief
  • LT Brochure
  • Installation &
        User Guide
  • Price
  • Demo Now
  • Buy Now
  • CryptoXpress CF:

  • CF Brief
  • CF Brochure
  • Installation &
        User Guide
  • Price
  • Demo Now
  • Buy Now
  • CryptoXpressTM SDK
    Buy CryptoXpress SDK Demo CryptoXpress SDK Price CryptoXpress SDK
    CryptoXpressTM LT
    Buy CryptoXpress LT Demo CryptoXpress LT Price CryptoXpress LT
    CryptoXpressTM CF
    Buy CryptoXpress CF Demo CryptoXpress CF Price CryptoXpress CF
    IT Jungle Logo

    IT Jungle - Four Hundered Stuff

    CFXWorks and Subuno Team Up to Fight Credit Card Fraud

    CFXWorks Enhances Encryption Software, Focuses on Single Card Processor
       © 2015 CFXWorks Inc. All rights reserved. Sitemap |   Login | Home |   Contact | Privacy | Legal