Symmetric Encryption Algorithm Support
Every CSP of type PROV_RSA_FULL or PROV_RSA_SIG must provide an implementation of the RC2 block cipher and the RC4 stream cipher. These algorithms are used by the session keys to perform the encryption and decryption of bulk data.
The Microsoft RSA Base Provider uses 40-bit session keys, with 88 bits of salt (128 bits total). Your CSP is free to use larger keys, although this can make exporting your CSP rather difficult (see Chapter 4).
If your CSP does use session keys larger than 40-bits, this will tend to make key exchange between your CSP and the Microsoft RSA Base Provider rather difficult, unless your CSP is willing to "dumb down."