FWIW, you might want to review the Wikipedia entry on this: http://en.wikipedia.org/wiki/NSAKEY and perhaps more importantly, Bruce Schneier's 1999 Crypto-Gram take on this: http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI HTH, Marc Schwartz