Encryption and digital signature with VS-NfD approval


Convenient, authorized, secure: GreenShield software protects emails and files from unauthorized access and verifies the sender beyond doubt. GreenShield supports authorities and industry in complying with regulations for the protection of information when it requires secrecy. The German Federal Office for Information Security (BSI) has approved GreenShield for the transmission and processing of classified information up to classification level VS-NfD.

Today, companies and public authorities are exposed to numerous cyber attacks. Those who want to ensure that information and operations are protected from unauthorized knowledge must secure digital communications. This is especially true for government agencies and their industry partners, who are subject to their respective confidentiality regulations. GreenShield has implemented end-to-end encryption on the S/MIME as well as the OpenPGP standard in a user-friendly and straightforward manner.


As an add-in for Microsoft Outlook, HCL Notes, Windows, and Ubuntu, GreenShield integrates seamlessly with the user’s email program or operating system and is extremely easy to use. An integrated PKCS#11 module and PKI client simplify key management and recovery mechanisms. GreenShield offers central configuration and supports all common smartcards and tokens.

Chiasmus replacement

Until recently, the file encryption program Chiasmus developed by the BSI has been used to store VS-NfD-classified information. However, the VS-NfD approval of this software expired at the end of June 2022 and was not renewed. GreenShield is ideally suited to replace Chiasmus. Unlike Chiasmus, GreenShield also supports asymmetric crypto algorithms and can also encrypt emails.

Frequently Asked Questions

Can classified information be exchanged digitally?
Yes, information with VS classification up to and including NfD (for official use only) can be exchanged in encrypted form. The data can be shared by e-mail or stored on a data carrier. In any case, the VSA (classified information directive) or the secrecy manual (for industries subject to secrecy) must be observed. In addition, only tools approved by the Federal Office for Information Security (BSI) may be used for encryption.
What is GreenShield?

GreenShield is a software by cv cryptovision GmbH for e-mail and file encryption at the highest security level. GreenShield is approved by the German Federal Office for Information Security (BSI) for the processing and transmission of VS-classified information up to NfD (for official use only), NATO- and EU-restricted. The software can be seamlessly integrated into standard e-mail clients (MS Outlook, Notes) and the operating system (MS Windows). Users can therefore use GreenShield immediately without training or familiarisation.

Where can I get the certificates?

The certificates for the so-called “approved operation mode” must fulfil certain security criteria (see VSA). Industry partners handling classified information can obtain these certificates e.g. via D-Trust GmbH. Ministeries and other official agencies receive their certificates e.g. via the “Informationsverbund Berlin-Bonn (IVBB)”, operated by the “Bundesanstalt für den Digitalfunk der Behörden und Organisationen mit Sicherheitsaufgaben (BDBOS)” or via their own sub-CA of the V-PKI (Bundeswehr).


What does GreenShield offer?
GreenShield Suite is a complete solution for encrypting and signing e-mails and files at the highest security level. End-to-end encryption is used for this purpose. GreenShield offers maximum data security and is intuitive to use.

GreenShield Suite consists of the products GreenShield File and the email add-in GreenShield Mail. With GreenShield File, files can be encrypted and securely stored in the familiar working environment. GreenShield Mail integrates into the respective e-mail systems and thus enables the secure processing of e-mails including attachments. Both components are based on the same BSI-approved security core, which allows the integration of defined security tokens.

Can GreenShield replace the Chiasmus file encryption software?

Yes. GreenShield has already had approval for the processing and transmission of information classified for VS-NfD since December 2018. This approval is regularly updated. The authorisation for Chiasmus ended by the end of June 2022 and was not renewed thereafter. Therefore, all services and the intelligence-led industry must replace Chiasmus with BSI VS-NfD-approved products, such as GreenShield.

Who uses GreenShield?
GreenShield is used in the sovereign and military sector as well as in the secretive industry.
How can GreenShield be licensed?
There are different licence models (user licence, company licence, etc.), about which we will be happy to inform you. Please use the form at the bottom of this page to contact us. We look forward to hearing from you!

Do you have any further questions?

Do not hesitate to contact us.

Data security
  • End-to-end encryption
  • VS-NfD-, NATO-restricted and EU-restricted approved
Focus on VS customer requirements
  • File and email security
  • Signature and verification
  • Encryption and decryption
  • Asymmetric and symmetric algorithms
  • Smart card, soft token or password
  • Chiasmus replacement depending on customer needs
  • S/MIME and OpenPGP support
High user-friendliness
  • No change of usual work: seamless integration as add-in in Microsoft Outlook and HCL (IBM) Notes
  • Only little user training required
  • Intuitive operation
  • Integrated online help
  • One-click helpdesk export
  • Support of S/MIME and OpenPGP standards
  • Compatible with GnuPG and all S/MIME-capable clients
  • Available for MS Outlook & HCL (IBM) Notes
  • Supports all smart cards that are common in VS environments
Central administration
  • Central control of certificates and trust states
  • Individual configuration on system/admin/user level possible
  • Easy installation
Flexible smartcard support
  • Crypto software „Made in Germany“
  • > 20 years of development and certification expertise
  • Dedicated development and consulting team
  • Extensive project experience in the public sector
  • Roadmap and support guarantee
Extensive support and implementation services
  • In-house user training
  • Innovative user support system
  • Unlimited first and second level support possible
  • Guaranteed SLAs for third-level support
  • Multi-tenant ticket system*
  • Integration support with respect to test environment, going productive and much more
  • Support in creation of operation and security policies
Proven standards and crypto algorithms
  • S/MIME
  • OpenPGP
  • X.509 certificates and revocation lists
  • PKCS#1, PKCS#10, PKCS#11 and PKCS#12
  • RSA, Diffie-Hellman, DSA, SHA-2, AES, Triple-DES and other crypto algorithms

* for larger operators

Product Sheet

Data Sheet (Mail)

Data Sheet (File)

Application examples (German)

File encryption
(Chiasmus replacement)

Symmetric file encryption
Symmetric file decryption
Asymmetric file encryption
Asymmetric file decryption

E-mail encryption

E-Mail signature and encryption
Receive encrypted mail with invalid signature
Receive encrypted and signed mail

Email security references



You’re interested in email and data security?

Request information without obligation. We will provide it to you in a timely manner.

Your data will not be passed on to third parties. You have the possibility to unsubscribe from the mailing list at any time. You can find information about privacy statement here.


Do you have a question? Contact us now!

Do you have any questions about one of our products or solutions? Don't hesitate to contact us. We'll give you expert advice.