[Cryptography] Kindle as crypto hardware
Mark Seiden
mis at seiden.com
Wed Dec 4 17:49:51 EST 2013
On Dec 4, 2013, at 10:58 AM, Hannes Frederic Sowa <hannes at stressinduktion.org> wrote:
...
>
> Btw. does someone know cheap HSMs? The cheapest one I found was the
> yubikey HSM and it doesn't have good support for x.509 key management.
>
just to add some possibly interesting grist to your mill, rick lamb recently has done some excellent engineering work
in making a cheap HSM for DNSSEC signing described incompletely in
TPM, The Poor Man's HSM – Richard Lamb, ICANN
early slides (2012):
http://ccnso.icann.org/file/32383/download/37379
later slides (2013) starting at page 10:
http://durban47.icann.org/meetings/durban2013/presentation-dnssec-set-forget-lamb-15jul13-en.pdf
https://twitter.com/Deploy360/status/357470380455256064
the device could comply with fips 140 level 4, if only anyone were willing to pay the $200k in certification
costs for a device that costs $50 in parts cost to make...
rick needs a low volume low cost engineering channel. (i suggested lady ada, for example, but i’m not sure
it can fit in an altoids box.) maybe this would be a good kickstarter project?
(i’m cc-ing him on this also as i don’t know about status more recent than 4 months ago and there may be
a more complete description of the device available at this point…)
> Greetings,
>
> Hannes
>
More information about the cryptography
mailing list