The use of SATSA-CRYPTO should follow the same general guidelines as used for MIDP. One of the considerations is that cryptographic operations may take a while, in particular for the family of low-power devices addressed by MIDP. Because of this, it is advisable to run cryptographic operations in a separate thread; otherwise the user interface may block.
Since SATSA-CRYPTO only gives access to cryptographic operations and it does not access any sensitive data like passwords or security elements, the API does not require any MIDP 2.0 permissions. Other parts of SATSA, like SATSA-PKI, do access security elements contained, for example, in a SIM card. Therefore, they need to acquire MIDP permissions and it is recommended to sign the MIDlets to properly obtain them.
Notice that SATSA-CRYPTO gives access to the basic cryptographic algorithms but the proper use of them has to come from the design of your application. It is recommended to study thoroughly the security properties of the different algorithms to find one that is appropriate for the application at hand in terms of strength and speed.