acs CryptoMate EVO Cryptographic USB Token User Manual

June 9, 2024
ACS

CryptoMate EVO
User Manual

CryptoMate EVO Cryptographic USB Token

Dear customer,
Thank you for purchasing our product. Please read the following instructions carefully before first use and keep this user manual for future reference. Pay particular attention
to the safety instructions. If you have any questions or comments about the device, please contact the customer line.
www.alza.co.uk/kontakt
✆ +44 (0)203 514 4411
Importer Alza.cz a.s., Jankovcova 1522/53, Holešovice, 170 00 Prague 7, www.alza.cz

Introduction

The CryptoMate EVO contains an ACOS5-EVO cryptographic smart card module. The ACOS5-EVO cryptographic smart card module offers advanced asymmetric and symmetric cryptographic algorithms such as ECC and RSA and is compliant with international standards for PKI smart cards such as FIPS 14-2 (US Federal Information Processing Standards) Level 3 and CC EAL 5+ (chip level).acs
CryptoMate EVO Cryptographic USB Token -

The CryptoMate EVO is similar in appearance to the CryptoMate Nano, but it can be easily distinguished when plugged in the PC with its Green LED. PC applications will
recognize it through its PCSC and Driver Name: ACS CryptoMate EVO. It also offers higher memory and more advanced cryptographic functionalities compared to the CryptoMate Nano.

Features

Cryptographic Smart Card Features
The CryptoMate EVO contains the ACOS5-EVO cryptographic smart card module, which has the following features:

Communication Protocols

  • T=0, T=1 with baud up to 446,400 bps

Memory

  • Capacity: 192Kb
  • EEPROM Endurance: 500,000 erase/write cycles
  • Data Retention: 30 years

Cryptographic Capabilities
The ACOS5-EVO supports a number of cryptographic algorithms, including:

  • ECC: Curves P-224/P-256/P-384/P-521
  • RSA: 512 – 4096 bits in 256 bits increments
  • AES: 128/192/256-bits (ECB, CBC)
  • DES/3DES: 56/112/168-bits (ECB, CBC)
  • Hash: SHA1, SHA224, SHA256, SHA384, SHA512
  • MAC: CBC-MAC (DES/3DES, AES), CMAC (3DES, AES)

Random Number Generation

  • Deterministic RNG according to FIPS 140-2
  • Non-deterministic RNG compliant to AIS-31

File Security

  • Private and secret key file read access can be set to “Never”

  • File access condition capability with ISO 7816-compliant Secure AttributeCompact.
    File access is only allowed if the proper security conditions are met (e.g., PIN submissions)

  • Command execution condition capability per Dedicated File (DF) with ISO 7816compliant Secure Attribute-Extended.
    Commands are allowed only if the proper security  conditions are met (e.g., PIN submission)

  • Secure Messaging function for confidential and authenticated data transfer

  • Mutual authentication (terminal-co-card and card-to-terminal) with session key generation for encryption and MAC

  • Anti-tearing Function Support

Compliance to Standards

  • Compliance with ISO 7816 Parts 1,2.3,4, 8, and 9
  • Compliance with FIPS 140-2 Level 3
  • Certified with Common Criteria ELA 5+ (Chip Level)

Token Features
Physical Characteristics

  • Green Status LED
  • Lightweight: 4.61 g
  • Extremely small: 29.25 mm x 14.80 mm x 10.28 mm
  • Keychain hole
  • Tamper-evident casing
  • Smart card power supply through USB port

Compliance to Standards

  • USB Full Speed Interface
  • CCID-compliant (Plug and Play)
  • CE and FCC-certified
  • RoHS-compliant
  • REACH-certified
  • Microsoft WHQL-certified
  • Supports Android 3.1 and later

Typical Applications

  • e-Government
  • e-Healthcare
  • Banking and Payment
  • Network Security
  • Access Control
  • Public Key Infrastructure
  • Digital Signature

Middleware

To use CryptoMate EVO for PKI applications with digital certificates, an applicable middleware id needed.
ACS offers software solutions such as the ACOS5 Minidriver and ACOS5-EVO PKI Kit so that the ACOS5-EVO and the CryptoMate EVO can be used with other third- party applications as shown in the figure below:

acs CryptoMate EVO Cryptographic USB Token -
Middleware

Please contact us at info@acs.com.hk for inquiries about the middleware supports for the CryptoMate EVO token.

Technical Specifications

acs CryptoMate EVO Cryptographic USB Token - Technical
Specifications

Physical Characteristics

Dimensions| 29.18 mm (L) x 14.50 mm (W) x 10.54 mm (H)
Weight| 4.61 g
Color| Black
ACOS5-EVO Cryptographic Smart Card Module
Memory Size| 192 KB
Endurance| 500,000 write/erase cycles
Data Retention| 30 years
Cryptographic Capability| ECC: Curves P-224/P-256/P-384/P-521 RSA: 512 – 4096 bits in 256 bits increments
AES: 128/192/256-bits (ECB, CBC)
DES/3DES: 56/112/168-bits (ECB, CBC)
MAC: CBC-MAC (DES/3DES, AES) CMAC (3DES, AES)
Hashing Capabality| SHA1, SHA 224, SHA256, SHA384, SHA512
USB Host Interface
Protocol| USB CCID
Connector Type| Standard Type A
Power Source| From USB port
Speed| USB Full Speed (12 Mbps)
Built-in Peripherals
LED| Green
Casing| Tamper-evident
Others| Keychan hole for portability
Operating Conditions
Temperature| 0°C – 50°C
Humidity| Max. 90% (non-condensing)
MTBF| 500,000 hrs

Certifications/Compliance
ISO 7816, USB Full Speed, Common Criteria ELA5+ (Chip Level), PC/SC, CCID, CE, FCC,
RoHS, REACH, FIPS, 140-2 Level 3 (USA), Microsoft WHQL
Middleware Support
ACS PKCS #11, ACS CSP (based on Microsoft’s CryptoAPI), ACS CNG (based on Microsoft’s CNG)
ACS Minidriver
X.509 v3 Certificate Storage (can store more than 10 Key Pairs)
Device Driver Operating System Support
Windows 7, Windows 8, Windows 8.1, Windows 10
Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server
2012 R2, Windows Server 2016
Linux, Mac OSM Android 3.1 and later

acs CryptoMate EVO Cryptographic USB Token - System
Support

Warranty Conditions

A new product purchased in the Alza.cz sales network is guaranteed for 2 years. If you need repair or other services during the warranty period, contact the product seller directly, you must provide the original proof of purchase with the date of purchase.
The following are considered to be a conflict with the warranty conditions, for which the claimed claim may not be recognized:

  • Using the product for any purpose other than that for which the product is intended or failing to follow the instructions for maintenance, operation, and service of the product.
  • Damage to the product by a natural disaster, the intervention of an unauthorized person or mechanically through the fault of the buyer (e.g., during transport, cleaning by inappropriate means, etc.).
  • Natural wear and aging of consumables or components during use (such as batteries, etc.).
  • Exposure to adverse external influences, such as sunlight and other radiation or electromagnetic fields, fluid intrusion, object intrusion, mains overvoltage, electrostatic discharge voltage (including lightning), faulty supply or input voltage and inappropriate polarity of this voltage, chemical processes such as used power supplies, etc.
  • If anyone has made modifications, modifications, alterations to the design or adaptation to change or extend the functions of the product compared to the purchased design or use of non-original components.

References

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

Related Manuals