At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.

Products
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Solutions
- - By Market
  - AI & Machine Learning
  - Automotive
  - Data Center
  - Edge
  - Government
  - IoT
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Resources
- - Resource Library
  - Our library of informational videos, papers, presentations, and more
  - Webinars
  - Check out our library of upcoming and on-demand webinars
- - Inventions
  - Explore innovations that enable the superior performance of Rambus solutions
  - Certifications
  - Certified silicon IP solutions tailored to the specific needs of some of the world’s most demanding applications
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Company
- - About
  - Corporate Overview
  - Leadership
  - Inventors
  - Careers
  - Locations
  - Investor Relations
- - News & Media
  - Newsroom
  - Blog
  - Events
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
- English

SafeZone Crypto Engine and SafeZone Crypto Provider

Home > Security IP > Software Protocols > Crypto Engine and Crypto Provider

Crypto Engine and Crypto Provider (SafeZone Crypto Engine and SafeZone Crypto Provider) are fast and flexible implementations of the OpenSSL Engine and Provider APIs. They can be used together with the SafeZone FIPS Crypto Library to provide a FIPS validated backend to OpenSSL.

However, they are decoupled form the cryptographic modules, ensuring a smooth and fast transition between FIPS 140 versions. The separation of the Provider/Engine from the cryptographic module allows us maximum flexibility in case that an update or fix needs to be made. This flexibility ensures a fast response rate and minimum disruption in update cycles.

Contact

Security Certifications

Solution	Description
Crypto Engine	Implementation of OpenSSL 1.1.x Engine API
Crypto Provider	Implementation of OpenSSL 3.x Provider API

SafeZone Crypto Engine allows customers to use FIPS 140-3 validated cryptography without forcing them to upgrade OpenSSL before they are ready. Rambus is committed to supporting all customers still using OpenSSL 1.1.x

SafeZone Crypto Provider allows customers to use the latest OpenSSL versions and our FIPS validated modules, and build for the future without worrying about changes in FIPS standards or OpenSSL APIs.

Both the SafeZone Crypto Provider and Engine support a wide range of algorithms and standards and are not limited only to those which are FIPS approved.

Supported algorithms by SafeZone Crypto Provider:

Cipher algorithms: AES (ECB, CBC, CFB, GCM, CCM, CTR, OFB, KW, KWP, WRAP, WRAP-PAD), 3DES, ChaCha20-Poly1305, RSA
Hash algorithms: SHA-1, SHA-2, SHA-3
MAC algorithms: HMAC-SHA, GMAC-AES, AES CMAC
Digital signatures: RSA, DSA, ECSDA
Key agreement: Diffie-Hellman, ECDH
Key derivation: TLS (1.0, 1.1, 1.2, 1.3), PKCS #5 PBKDF2, HKDF
Random number generation: NIST SP 800-90A Rev 1: AES-CTR