Alon Alon Bar-Lev wrote: > ... > > In terms of security, there is no point of using a device that store keys > only to be extracted by applications. > In order to secure your identity you must use a device that cannot be > duplicated. > This can be implemented only if the device does not allow the private key to > be extracted from it.
This is the case for the ikey 1000. The device _should_ not allow duplication. > In order to make use of this none extractable key, the device must perform > the cryptographic operations and not the software. Which implies that you send cleartext to the device and get cyphertext back. So the easiest way to tamper the message is to intercept it at the smartcard driver level :-) and modify it on the fly. If someone is smart enough to fetch the key contents from memory while it is being used by the crypto software, he is smart enough to intercept the cleartext message. > > What you describe is somewhat like putting the private key on USB Storage > device... This is very low security level. This device at least protects its contents against tampering, and does not yield the key without authentication. And this authentication is done on the device itself. cheers Erich
