Hi, Douglas E. Engert ...
On Sat, 2 Dec 2000, Douglas E. Engert wrote:
> Naomaru Itoi wrote:
> >
> > Hello,
> >
> > I have been talking with Markus Friedl
> > <[EMAIL PROTECTED]> in the OpenSSH developers
> > group about possible smartcard integration to OpenSSH. That is, to
> > store an RSA key pair on a smartcard and carry out RSA operation
> > there.
>
> We have done something similar, in the Globus project, and demonstrated
> the use of Smartcards at Super Computing 98, in December 1998.
>
> We defined sc_RSA_eay_private_encrypt sc_RSA_eay_private_decrypt
> which use PKCS#11 to talk to the smartcard. We effect generate a new method:
[...]
> The modulus and exponent are also retrieve from the smart card,
> and stored in the RSA structure at this time.
does this mean that the secret information (the private key) is retrieved
from the smart card to carry out the computation in the computer as in
conventional ways?
i think the main advantage of a smart card should be that the private
information will never leave it, so the computation should be carried out
on the smart card. this way, the used computer does not need to be
trusted as much as when i hand over the private key directly.
do i get that right?
Alfe
-- / _|__ __ __ __| __ __ SECURE INTERNET TECHNOLOGIES
`/ | ( __) / | | | | ) /__\ http://www.xtradyne.com
/ \ | | (__| \._| (__| | | \._, Alexander Fetke, Developer
' Technologies AG --' [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
