The CA keys are created in a cryptographic module, using RSA algorithm and random number generator. Created within a hardware module, the private key is stored inside without leakage. Moreover, certificate subscriber’s IC card is internally generated with FIPS 140-1 level 2 certification of the Card Center. The private key will not export after generation.