pci hardware for secure crypto storage (OpenSSL/OpenBSD)
Eugen Leitl
eugen at leitl.org
Wed Sep 15 11:56:04 EDT 2004
On Wed, Sep 15, 2004 at 04:30:54PM +0100, Ian Grigg wrote:
> There is a device that is similar to those characteristics:
>
> http://woudt.nl/epass-pgp/
"If you loose or damage your token: you loose your private key and any data
encrypted to it. Because the key is generated inside the token and cannot
leave it, it is not possible to make a backup of the private key." is a
knockout criterium, though.
Also an interactive PIN entry for each interaction is a no-no, if the machine
is in a rack at the host.
H4x0rs may break in and sign a few stray blobs, but they won't be able to
steal the private key itself.
> http://www.financialcryptography.com/mt/archives/000201.html
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20040915/0bf64316/attachment.pgp>
More information about the cryptography
mailing list