The IAIK Provider for the Java™ Cryptography Extension (IAIK-JCE) is a set of APIs and implementations of cryptographic functionality, including hash functions, message authentication codes, symmetric, asymmetric, stream, and block encryption, key and certificate management. It supplements the security functionality of the default JDK.


The IAIK ECCelerate™ library for the Java™ platform is based on Java 6 technology and offers easy to use elliptic curve cryptography protocols, like ECDSA, ECDH, ECIES and ECMQV (optional), compliant with current standards. As of version 3.0, it also provides support for asymmetric bilinear pairings using Barreto-Naehrig curves. Since version 5.0, ECCelerate™ supports EdDSA and DH based on X25519 and X448. ECCelerate™ is an add-on to the IAIK JCE provider (of version 5.51 or higher), which you have to download and install separately.


The JCE CC Core is a Common Criteria evaluated version of most of the cryptographic functionality of the IAIK-JCE toolkit.

Post Quantum Provider

The IAIK-PQ (Post-Quantum) library is based on Java 8 and offers easy to use Post-Quantum signature and Public-key Encryption and Key-establishment algorithms (KEMs). With the advance of Quantum Computers such algorithms will gain in importance in the future.

PKCS#11 Provider

This product allows easy integration of smart cards, USB tokens and HSMs into Java™ applications. It provides a simple java.security.KeyStore view of these tokens and makes cryptographic operations of these devices accessible via the JCA/JCE framework. For the application, it is just like working with pure software crypto and file key stores. The library accesses the hardware tokens via the PKCS#11 API, also known as Cryptoki. Hence, it can work with any product which supports PKCS#11.

PKCS#11 Wrapper

This is a library for the Java™ platform which makes PKCS#11 (also known as Cryptoki) modules accessible from within Java™. A PKCS#11 module is a software library with a defined API which allows access to cryptographic hardware. It usually comes with hardware security modules (HSM), smart cards and crypto tokens (e.g. USB tokens). Thus, the PKCS#11 Wrapper provides Java™ software access to almost any crypto hardware. For example, a Java™ application can use it to integrate a HSM or a smart card to create digital signatures, to decrypt data or to unwrap keys. We provide this library with an apache-style license.

Ascon Lightweight Crypto Toolkit

The IAIK-LW Provider for the Java™ Cryptography Extension (JCE) is an implementation of the NIST awarded Ascon algorithm family offering lightweight authenticated encryption, hashing, and Message Authentication Codes.
Ascon is the result of the excellent research work at IAIK. It has been designed at IAIK and has won the NIST competition for standardizing a lightweight authenticated encryption algorithm suitable for constrained environments.