Crypto hardware

Jurgen Botz jurgen at botz.org
Thu Jul 12 14:09:24 EDT 2001


Kent Crispin wrote:
> A couple of years ago at the RSA conference one of the vendors was 
> exhibiting a tamperproof that would keep a secret key and perform 
> encryptions/signatures using the key.  Since the key never left the 
> box, in theory security reduced to physical security around the box.  
> The intended use of the box was as a master for a CA.  I thought the 
> vendor was GTE, but I didn't find anything definitive on their site.

Others have responded with specific products which may be what Kent
originally saw, but it occurs to me that this description also 
applies to crypto smart cards, USB dongles, iButtons, and other
such devices.

The idea with these devices is exactly that the secret key of a 
private/public key pair is stored in a tamper proof device and
never leaves this device (and the device can generate the key
pair so that the secret key need not ever have existed outside
the device).  The device performs RSA (or other public key)
encryption using its stored secret key... since in practical
crypto applications the thing that's actually RSA encrypted is
small (a session key, auth challenge, or fingerprint) the device
need not be particularly fast and can use a low-bandwidth interface
to the application.

Set up a PC with CA software and a smart card reader and put
your CA cert/key on a smart card and you have your tamperproof
CA master... the only weak link in the certificate generation
process is the CA's secret key, so that's really the only thing
you need to protect.  From a security standpoint everything
else should be as transparent as possible, so ideally you want
a box running open source software rather than a proprietary
appliance and isolate the critical part of the process to 
something that can be made very tamperproof and has well known
specs/interfaces... i.e. a smart card.

I've been playing with smart cards and iButtons, and I think
they are very cool.  I'm puzzled why they aren't seeing wider
use already, but I suspect/hope they will get a lot more popular
soon.  Opinions?

--jurgen
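
The division of labour described in the message above, as an added example that is not part of the original post: a software stand-in for the card generates its own RSA key pair and signs only a 32-byte digest, while the host hashes data of any size. `SimulatedToken`, `host_sign` and `verify` are hypothetical names, and the 1024-bit key, SHA-256 and PKCS#1 v1.5 padding are assumptions chosen for illustration.

```python
import hashlib, secrets

# DER DigestInfo prefix for SHA-256 in PKCS#1 v1.5 signatures (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _is_prime(n, rounds=40):  # Miller-Rabin; only called on large odd candidates
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x not in (1, n - 1) and all(pow(x, 2**r, n) != n - 1 for r in range(1, s)):
            return False
    return True

def _random_prime(bits):
    while True:
        p = secrets.randbits(bits) | (3 << (bits - 2)) | 1  # top two bits set, odd
        if _is_prime(p):
            return p

def _encode(digest, k):  # EMSA-PKCS1-v1_5: pad DigestInfo out to k bytes
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

class SimulatedToken:
    """Stand-in for the card. Hardware enforces this boundary; Python cannot."""
    def __init__(self, bits=1024, e=65537):
        phi = 0
        while phi % e == 0:  # retry until e is invertible mod phi
            p, q = _random_prime(bits // 2), _random_prime(bits // 2)
            phi = (p - 1) * (q - 1) if p != q else 0
        self.__d, self.public_key = pow(e, -1, phi), (p * q, e)  # d is never exported

    def sign_digest(self, digest):
        """The only private-key operation offered: sign one 32-byte digest."""
        if len(digest) != 32:
            raise ValueError("token accepts exactly one SHA-256 digest")
        n, k = self.public_key[0], (self.public_key[0].bit_length() + 7) // 8
        return pow(int.from_bytes(_encode(digest, k), "big"), self.__d, n).to_bytes(k, "big")

def host_sign(token, data):
    """CA host side: hash data of any size, send only 32 bytes to the token."""
    return token.sign_digest(hashlib.sha256(data).digest())

def verify(public_key, data, sig):
    n, e = public_key
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") == _encode(hashlib.sha256(data).digest(), k)
```

Only 32 bytes go to the token and 128 come back, whatever the size of the data being signed, which is why a slow, narrow interface suffices.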






---------------------------------------------------------------------
The Cryptography Mailing List