--- begin forwarded text
Status: U Date: Mon, 06 Oct 2003 12:40:41 -0400 From: Somebody To: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: Re: NCipher Takes Hardware Security To Network Level Don't identify me, since I'm not sure what parts of my NDA are still in force now that they've announced it. It's really pretty clever. All the expensive key-management is moved off to their centralized server. As each low-cost HSM (the things that go into your server) comes up, it sends its "card identity" to the server. The server responds with the necessary keys, sent in 3DES (maybe AES? I forget details). Their cards can now be fairly simple accelerators, and need less key protection, less NVRAM, etc. --- end forwarded text -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]