At present, commercial cryptographic products are divided into six categories according to their forms: cryptographic software, cryptographic chips, cryptographic modules, cryptographic boards, cryptographic machines and cryptographic systems. (1) Cryptographic software: providing cryptographic products in the form of pure software, including information encryption software and cryptographic algorithm implementation software; (2) Cryptographic chips refer to cryptographic products in the form of integrated circuit chips, and the main products are cryptographic algorithm chips and cryptographic SOC chips; (3) Cryptographic module class: refers to products that appear in the form of multi-chip assembly backboards and have special cryptographic functions, but cannot complete the complete cryptographic functions by themselves. There are mainly encryption and decryption modules, security control modules and other products. (4) Password card category: refers to products with complete password function in the form of cards, which are the core components of password products, mainly including USB keys, PCI password cards and other products. (5) Password machine: refers to the product with complete password function in the form of a complete machine with a password card as the core. There are mainly VPN, network cipher machine, server cipher machine, signature verification server and other products. (6) Cryptosystem: refers to products that appear in the form of systems and are supported by cryptographic functions. Generally, they are composed of multiple cryptographic machines, including security authentication systems, key management systems and other products. At present, commercial cryptographic products can be divided into seven categories according to their functions: cryptographic algorithm, data encryption and decryption, authentication and authentication, certificate management, key management, password anti-counterfeiting and synthesis. (1) cryptographic algorithm: products that provide basic cryptographic operation functions, such as cryptographic algorithm chips (2) data encryption and decryption: products that provide data encryption and decryption functions, such as server cryptographers and VPN devices (3) authentication and authentication: products that provide identity authentication and password authentication functions, such as dynamic cryptographic systems and authentication gateways (4) certificate management: providing certificate generation, distribution and authentication. Such as certificate authentication system (5) key management: products that provide key generation, distribution, updating, archiving, recovery and other functions, such as key management system (6) password anti-counterfeiting: products that provide password anti-counterfeiting verification functions, such as electronic seal system, payment cipher device and digital watermarking system (7) comprehensive category: products that provide two or more functions of the above six categories, such as e-commerce security platform and comprehensive security system.
What are not commercial password products? The following products are not commercial password products:
1. Personal password management software: This software is designed to facilitate individuals to manage their own passwords, and has nothing to do with business activities.
2. Open source password management software: This kind of software is password management software released based on or skillfully using open source protocols. Although it can be commercialized, it has not made special functions and configurations for commercial activities.
3. Cracking software: This kind of software is not used for password management, but for stealing other people's passwords or cracking encrypted data, which is often an illegal product.
4. Cryptographic technology products such as cryptographic algorithm library and cryptographic coprocessor: These products are used for the research and application of cryptographic technology, and usually do not belong to the category of commercial cryptographic products.
To sum up, the above products are not commercial password products and need to be classified according to their actual use.
At present, commercial cryptographic products are divided into six categories according to their forms: cryptographic software, cryptographic chips, cryptographic modules, cryptographic boards, cryptographic machines and cryptographic systems.
Legal basis:
People's Republic of China (PRC) Cryptography Law Article 21 The State encourages the research and development, academic exchange, transformation of achievements, popularization and application of commercial passwords, improves a unified, open, competitive and orderly commercial password market system, and encourages and promotes the development of commercial password industry.
The people's governments at all levels and their relevant departments shall follow the principle of non-discrimination and treat equally commercial cipher research, production, sales, service, import and export units (hereinafter referred to as commercial cipher practitioners) including foreign-invested enterprises according to law. The state encourages foreign investors to cooperate in commercial cryptography technology based on the principle of voluntariness and commercial rules in the process of investment. Administrative organs and their staff shall not use administrative means to force the transfer of commercial cipher technology.
The scientific research, production, sale, service and import and export of commercial passwords shall not harm national security, social interests or the legitimate rights and interests of others.