NCipher Takes Hardware Security To Network Level
R. A. Hettinga
rah at shipwright.com
Mon Oct 6 13:38:13 EDT 2003
--- begin forwarded text
Status: U
Date: Mon, 06 Oct 2003 12:40:41 -0400
From: Somebody
To: "R. A. Hettinga" <rah at shipwright.com>
Subject: Re: NCipher Takes Hardware Security To Network Level
Don't identify me, since I'm not sure what parts of my NDA are still in
force now that they've announced it.
It's really pretty clever. All the expensive key-management is moved
off to their centralized server. As each low-cost HSM (the things that
go into your server) comes up, it sends its "card identity" to the
server. The server responds with the necessary keys, sent in 3DES
(maybe AES? I forget details). Their cards can now be fairly simple
accelerators, and need less key protection, less NVRAM, etc.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list