KeyCrypt 3000

ST Electronics (Info-Security) Pte Ltd.


Your Key To Security and Mobility

DigiSAFE KeyCrypt 3000 is a cryptographic smart card designed in a small USB token form factor for access control as well as any other cryptographic applications. Incorporating a powerful cryptographic smartcard chip that is programmable, it provides a strong two-factor authentication for security applications and solutions. KeyCrypt 3000 comes with stronger security features such as ECC and SHA-2 supports.

KeyCrypt 3000 image

Key Features


  • •  2FA solution for security applications and solutions
  • •  Supports both RSA & ECC key generation and cryptographic algorithms for stronger security in applications and solutions.
  • •  Highly configurable access conditions and authentication mechanisms.


  • •   FIPS-certified smartcard in a portable USB form factor for greater user convenience and security

Data Management

  • •   tandard ISO 7816-4 file system (storage of data)
  • •   Cryptographic object (storage of symmetric and asymmetric keys)

Cryptographic services

  • •   FIPS certified true random generator
  • •   RSA key pair on-board generation
  • •   External and internal authentication mechanisms with symmetric and asymmetric key
  • •   Encryption/decryption of data with symmetric and asymmetric keys
  • •   Digital signature (verification and generation)

Ease of Integration

  • •   Easy solution integration through standard application programming interface using PKCS#11 and PC/SC



Limitations: Do not support Window Services such as Cryptographic Service Provider, BitLocker



Smart Card NXP
Applet AuthentIC v .3.22
Memory 73kb EEPROM
Interface USB 2.0
Cryptographic Module IDOne Cosmo V7.0
Cryptographic Co-processor

• RSA key generation (1024, up to 2048 bits key length)
• ECC key generation (160, up to 521 bits key length)
• DES, 3DES (2 and 3 keys), AES (128/192/256 bits)
• SHA-1, SHA-256, SHA-384 & SHA-512
• ECDSA (160, up to 521 bits) GF(P) algorithm
• True Random Generator compliant to FIPS 140-2 certification

Certifications and Standards

• Java 2.2.2
• Global Platform 2.1.1
• FIPS 140-2 level 3 and Common Criteria EAL5+ certified smartcard

Platforms and APIs

• PKCS#11 v2.20

Operating Systems

• Windows® XP, 7, 8 & 10
• Windows Server 2003, 2008, 2012 R2

Qualifications FCC, CE certified

• Tamper evident casing – ultrasonic welded
• USB Type A connector – 10,000 insert/pull cycle
• Operating Temperature – 0˚C to 55˚C
• Weight – 13 ~ 17g

Software Included

• PKCS#11 library
• Key Personalization software
• AWP Manager (AWP 4.6)

Note:  The specification list above are subjected to change without notice. 

Use Cases

With a set of tools provided, DigiSAFE KeyCrypt 3000 could be integrated seamlessly out-of-the-box with a wide range of existing third party applications to provide security functions such as:

  • • Public Key Infrastructure (PKI) – 2 Factor Authentication for security applications and solutions
  • • Virtual Private Network (VPN) logon
  • • Document Encryption and Signing Disk Encryption 

Regulatory Compliance

DigiSAFE KeyCrypt supports strong two-factor user authentication to enable organizations to better protect and control access to their corporate and customer data to comply with regulations such as Sarbanes-Oxley, HIPAA, FDA and Basel II.