CryptoCard Graphite

 

The CryptoCard Graphite is the latest model of cryptographic microprocessor card offered by CryptoTech. This card is a direct successor to the CryptoCard Carbon, continuing the success of the previous model, CryptoCard multiSIGN, which gained significant popularity in the Polish market and established a de facto standard for the functionality of electronic PKI cards. 

The card can simultaneously serve for electronic signature, data and correspondence encryption, user identification, user authentication, and access control to resources and premises. CC Graphite is a versatile device that can be used by both individuals and large companies. 

Proximity Interface 

The requirements for cards very often combine two separate areas of electronic card usage. The first is related to the contact chip and its functionality for signing, encrypting, and authenticating, while the other is the typical corporate need for time registration or physical access control, usually implemented through proximity cards. The CC Graphite card can be equipped with both contact and proximity parts and serve both purposes simultaneously, simplifying the user’s card usage and reduce the costs of card procurement and management. 

There are numerous types and variations of proximity cards available on the market. Thanks to full control over the production cycle, the CryptoCard Graphite can be delivered with practically any type of proximity part (hybrid configuration). The most commonly encountered variations include MIFARE®, Unique, Indala, and iClass. 

Electronic Signature 

Similar to previous solutions offered by CryptoTech, the CryptoCard Graphite can be used for electronic signature in all its variants as specified by Polish and European law (including compliance with the eIDAS regulation). In the case of secure signature, the card acts as a Qualified Signature Creation Device (QSCD) according to the specifications provided in eIDAS and meets the requirements of Polish law for secure signature verified by a qualified public key certificate. In accordance with standards and technical regulations, the part of the card responsible for handling and protecting the data used for generating such a signature is isolated and subject to special control over its usage and management.

 

Identification 

In corporate applications, plastic cards are often used as employee badges. CC Graphite can also serve as an identifier. The appearance of the card can be defined by the client. In the simplest version, it can be a blank card ready for user data printing during issuance, in a process of individual personalization using specialized plastic card printers. For larger-scale applications, high-quality offset printing and all available options used in plastic card production are available, including additional security features such as holograms or guilloche patterns. 

 

Hardware 

The card utilizes a modern processor equipped with 64kB EEPROM memory and a cryptographic coprocessor capable of performing RSA operations with key lengths up to 2048 bits, as well as gaining popularity, signatures based on Elliptic Curve Cryptography (ECC) with a key length of 256 bits. Communication between software using the card and the card’s processor can be encrypted, providing additional protection against advanced attacks. The card platform is based on JavaCard v2.2.2 and GlobalPlatform v2.1.1 specifications, and the PKI application installed on the card is certified along with the entire platform according to Common Criteria EAL4+ and is listed on the official list of devices SSCD and QSCD compliant with eIDAS. 

Software 

The card closely integrates the dedicated new edition of the CryptoCard Suite software, which allows for managing the card’s content and intermediates communication between applications using the card (logging into operating systems, e-mail programs, web browsers, or signing applications) and the card inserted into the reader. CryptoCard Suite is middleware software, fully compliant with industry standards such as PKCS#11 v2.01 and newer, as well as CryptoAPI and CNG API. The new card is equipped with a software interface for new Windows operating systems and works through a module compliant with the Microsoft Smart Card miniDriver v7 API, used by CSP and KSP. 

 

 

Datasheet

Software

Online store

Technical specification
memoryup to 64 kB
RSA signing and encryptionup to 2048 bity
ECC GF(p) signingup to 256 bits (soon 384, 512, 521 bits on request)
supported algorithmRSA, ECC, DES/3DES, AES, SHA1 (limited) SHA-256, SHA-384
support for Secure MessagingYes
key generationon the card (RSA,ECC)
protocolsT=0
support for industry standardsPKCS#11, MS CAPI/CSP/CNG, miniDriver, PC/SC
certified security for qualified signature application (QSCD)CC EAL 4+
certified hardware platformCC EAL 5+
OS supportWindows 8, 8.1, 10 (32/64-bit OS support), Linux (via PKCS#11), MacOSX (PKCS#11), and limited support for Windows 7
OthersTerminal Services support