Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread Werner Koch
On Fri, 28 Oct 2011 14:03, t...@panix.com said: So this appears to be basically a smartcard and USB smartcard reader built into the same frob. I can probably find a way to put it within Right. Unfortunately, it also appears to be unbuyable. I tried all three sources listed on the

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread Werner Koch
On Fri, 28 Oct 2011 11:10, mar...@martinpaljak.net said: PKCS#11 but also open source drivers (also free, in the sense of free software vs open source software) is as good excuse to reject PKCS#11 In 99% percent of all cases Open Source and Free Software describe software distributed under the

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread Peter Gutmann
Martin Paljak mar...@martinpaljak.net writes: Taking into account the original request of getting something off-the-shelf for PGP uses, this demand basically just rules out GnuPG for some users and use cases. At the risk of slight self-promotion, cryptlib,

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread Thierry Moreau
Thor Lancelot Simon wrote: On Thu, Oct 27, 2011 at 12:15:32PM +0300, Martin Paljak wrote: You have not described your requirements (ops/sec, FIPS/CC etc) but if the volume is low, you could take USB CryptoStick(s) (crypto-stick.org), which is supported by GnuPG and what can do up to 4096 bit

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread Morlock Elloi
Take a cheap Android, write the code you need for it, make it talk via USB, rip out all antennas, put it in your box (wrap in a paper bag first), and connect with USB cable to the internal USB port. HW cost: $80 a Trojan. Security certification concerns put aside, the architectural demands

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread lodewijk andré de la porte
Or pluk any old PC/laptop/notebook you have lying around and make it talk over IP. Phones consume less energy though, nice idea. It's arguably more secure than a CPU but I doubt it'd make a noticeable difference (since the rest of the hardware needs to be secure also). 2011/10/28 Morlock Elloi

[cryptography] Further evidence of Certificate Authority break-ins

2011-10-28 Thread jd.cypherpunks
http://www.h-online.com/security/news/item/Further-evidence-of-Certificate-Authority-break-ins-1367856.html -Michael ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] -currently available- crypto cards with onboard key storage

2011-10-28 Thread coderman
On Wed, Oct 26, 2011 at 11:12 AM, Thor Lancelot Simon t...@panix.com wrote: I find myself needing a crypto card, preferably PCIe, with onboard key storage As far as I know, the only current products that do this are the IBM 4765 and the BCM586x line of chips.  There were more sources