Encryption and digital signature with VS-NfD approval

Convenient, authorized, secure: GreenShield software protects emails and files from unauthorized access and verifies the sender beyond doubt. GreenShield supports authorities and industry in complying with regulations for the protection of information when it requires secrecy. The German Federal Office for Information Security (BSI) has approved GreenShield for the transmission and processing of classified information up to classification level VS-NfD.

Today, companies and public authorities are exposed to numerous cyber attacks. Those who want to ensure that information and operations are protected from unauthorized knowledge must secure digital communications. This is especially true for government agencies and their industry partners, who are subject to their respective confidentiality regulations. GreenShield has implemented end-to-end encryption on the S/MIME standard in a user-friendly and straightforward manner.


As an add-in for Microsoft Outlook, HCL Notes and Windows, GreenShield integrates seamlessly with the user’s email program or operating system and is extremely easy to use. An integrated PKCS#11 module and PKI client simplify key management and recovery mechanisms. GreenShield offers central configuration and supports all common smartcards and tokens.

Chiasmus replacement

Until now, the file encryption program Chiasmus developed by the BSI has been used to store VS-NfD-classified information. However, the VS-NfD approval of this software expires at the end of 2021 and will not be renewed. GreenShield is ideally suited to replace Chiasmus. Unlike Chiasmus, GreenShield also supports asymmetric crypto algorithms and can also encrypt emails.

Frequently Asked Questions

Can classified information be exchanged digitally?

Yes, information with VS classification up to and including NfD (for official use only) can be exchanged in encrypted form. The data can be shared by e-mail or stored on a data carrier. In any case, the VSA (classified information directive) or the secrecy manual (for industries subject to secrecy) must be observed. In addition, only tools approved by the Federal Office for Information Security (BSI) may be used for encryption.

What is GreenShield?

GreenShield is a software by cv cryptovision GmbH for e-mail and file encryption at the highest security level. GreenShield is approved by the German Federal Office for Information Security (BSI) for the processing and transmission of VS-classified information up to Nfd (for official use only), NATO- and EU-restricted. The software can be seamlessly integrated into standard e-mail clients (MS Outlook, Notes) and the operating system (MS Windows). Users can therefore use GreenShield immediately without training or familiarisation.

Where can I get the certificates?

The certificates for the so-called “authorised operation” must fulfil certain security criteria (see VSA). In the future, the “classified industry” can obtain these certificates e.g. via D-Trust GmbH. Services receive their certificates e.g. via the “Informationsverbund Berlin-Bonn (IVBB)”, operated by the “Bundesanstalt für den Digitalfunk der Behörden und Organisationen mit Sicherheitsaufgaben (BDBOS)” or via their own sub-CA of the V-PKI (Bundeswehr).


What does GreenShield offer?

GreenShield Suite is a complete solution for encrypting and signing e-mails and files at the highest security level. End-to-end encryption is used for this purpose. GreenShield offers maximum data security and is intuitive to use.

GreenShield Suite consists of the products GreenShield File and the email add-in GreenShield Mail. With GreenShield File, files can be encrypted and securely stored in the familiar working environment. GreenShield Mail integrates into the respective e-mail systems and thus enables the secure processing of e-mails including attachments. Both components are based on the same BSI-approved security core, which allows the integration of defined security tokens.

Can GreenShield replace the Chiasmus file encryption software?

Yes. GreenShield has already had approval for the processing and transmission of information classified for VS-NfD since December 2018. This approval is regularly updated. The authorisation for Chiasmus already ends in December 2021 and will not be renewed thereafter. Therefore, all services and the intelligence-led industry must replace Chiasmus with BSI VS-NfD-approved products, such as GreenShield.

Who uses GreenShield?

GreenShield is used in the sovereign and military sector as well as in the secretive industry.

How can GreenShield be licensed?

There are different licence models (user licence, company licence, etc.), about which we will be happy to inform you. Please use the form at the bottom of this page to contact us. We look forward to hearing from you!

Do you have any further questions?

Do not hesitate to contact us.

Maximum data security
  • End-to-end encryption
  • VS-NfD-, NATO-restricted and EU-restricted approved
Focus on VS customer requirements
  • File and email security
  • Signature and verification
  • Encryption and decryption
  • Asymmetric and symmetric algorithms
  • Smart card, soft token or password
  • Chiasmus replacement depending on customer needs
  • S/MIME and OpenPGP support
High user-friendliness
  • No change of usual work: seamless integration as add-in in Microsoft Outlook and HCL (IBM) Notes
  • Only little user training required
  • Intuitive operation
  • Integrated online help
  • Support of S/MIME and OpenPGP standards
  • Compatible with GnuPG and all S/MIME-capable clients
  • Available for MS Outlook & HCL (IBM) Notes
  • Supports all smart cards that are common in VS environments
Central administration
  • Central control of certificates and trust states
  • Individual configuration on system/admin/user level possible
  • Easy installation
Flexible smartcard support
  • Crypto software „Made in Germany“
  • > 20 years of development and certification expertise
  • Dedicated development and consulting team
  • Extensive project experience in the public sector
  • Roadmap and support guarantee
Extensive support and implementation services
  • In-house user training
  • Innovative user support system
  • Unlimited first and second level support possible
  • Guaranteed SLAs for third-level support
  • Multi-tenant ticket system*
  • Integration support with respect to test environment, going productive and much more
  • Support in creation of operation and security policies
Proven standards and crypto algorithms
  • S/MIME
  • OpenPGP
  • X.509 certificates and revocation lists
  • PKCS#1, PKCS#10, PKCS#11 and PKCS#12
  • RSA, Diffie-Hellman, DSA, SHA-2, AES, Triple-DES and other crypto algorithms

* for larger operators

Brochure (German)

Product Brief

Data Sheet (Mail)

Data Sheet (File)

Application examples (German)

File encryption
(Chiasmus replacement)

Symmetric file encryption

Symmetric file decryption

Asymmetric file encryption

Asymmetric file decryption

E-mail encryption

E-Mail signature and encryption

Receive encrypted mail with invalid signature

Receive encrypted and signed mail

Email security references

We inform you …

You’re interested in email and data security? Request information without obligation. We will provide it to you in a timely manner.

Your data will not be passed on to third parties. You have the possibility to unsubscribe from the mailing list at any time. You can find information about privacy statement here.


Do you have questions? Feel free to contact us!

Do you have questions about one of our products or solutions? Don't hesitate to contact us.
We're happy to support you!