CNG Key Isolation

The CNG (Cryptographic Next Generation) key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.

This service is required for wireless networks (WLAN).

More Info MSDN - CNG Features
More Info MSDN - Key Storage and Retrieval
More Info Wiki - Common Criteria
Recommended state:
  • Manual
Default State:
  • Win8: Manual (Trigger Start)
  • Win7/Vista: Manual
Process name:


  1. John R says:

    I've already read the description of this service in Windows 7; I was hoping for an answer in "English", not computer talk.

  2. Janssen says:

    Well, to be honest, we have no idea what all those programs on our computers really do. We just get a description from Microsoft and we must believe that it is what they say it is.
    We are not even allowed to do reverse engineering by some stupid acts, so we are not supposed to know what all those 250.000 programs on a standard Windows installation really do.

    We must have trust in Microsoft that they are honest, so help us God!

