On Fri, Oct 28, 2011 at 4:10 AM, Martin Paljak mar...@martinpaljak.net wrote:
Now, the fact that there are both binary blob drivers that speak
PKCS#11 but also open source drivers (also free, in the sense of free
software vs open source software) is as good excuse to reject PKCS#11
as ruling
On 10/28/11 4:57 , Werner Koch wrote:
On Fri, 28 Oct 2011 11:10, mar...@martinpaljak.net said:
PKCS#11 but also open source drivers (also free, in the sense of free
software vs open source software) is as good excuse to reject PKCS#11
In 99% percent of all cases Open Source and Free
On Fri, Oct 28, 2011 at 12:10:46PM +0300, Martin Paljak wrote:
Taking into account the original request of getting something
off-the-shelf for PGP uses, this demand basically just rules out GnuPG
for some users and use cases.
GnuPG, sure - however:
[..] the hardware usually comes
On 29/10/11 10:09 AM, coderman wrote:
On Wed, Oct 26, 2011 at 11:12 AM, Thor Lancelot Simont...@panix.com wrote:
I find myself needing a crypto card, preferably PCIe, with onboard
key storage
...
i too would like to know what other options are available for HSM +
Accel in PCIe form
On Sat, Oct 29, 2011 at 08:10:38PM +1100, ianG wrote:
Is there any particular reason why PCI(e) is preferred as a hardware
interface?
Because that's the only thing server boards typically have.
Plus, PCIe is much preferable to PCI in terms of throughput
(not that makes a bottleneck for a
On Wed, Oct 26, 2011 at 7:12 PM, Thor Lancelot Simon t...@panix.com wrote:
I find myself needing a crypto card, preferably PCIe, with onboard
key storage. The application is PGP, so I really need hardware that
can use keys stored onboard to do arbitrary RSA operations -- rather
than a
On Fri, 28 Oct 2011 14:03, t...@panix.com said:
So this appears to be basically a smartcard and USB smartcard reader
built into the same frob. I can probably find a way to put it within
Right.
Unfortunately, it also appears to be unbuyable. I tried all three
sources listed on the
On Fri, 28 Oct 2011 11:10, mar...@martinpaljak.net said:
PKCS#11 but also open source drivers (also free, in the sense of free
software vs open source software) is as good excuse to reject PKCS#11
In 99% percent of all cases Open Source and Free Software describe
software distributed under the
Martin Paljak mar...@martinpaljak.net writes:
Taking into account the original request of getting something off-the-shelf
for PGP uses, this demand basically just rules out GnuPG for some users and
use cases.
At the risk of slight self-promotion, cryptlib,
Thor Lancelot Simon wrote:
On Thu, Oct 27, 2011 at 12:15:32PM +0300, Martin Paljak wrote:
You have not described your requirements (ops/sec, FIPS/CC etc) but if
the volume is low, you could take USB CryptoStick(s)
(crypto-stick.org), which is supported by GnuPG and what can do up to
4096 bit
Take a cheap Android, write the code you need for it, make it talk via USB, rip
out all antennas, put it in your box (wrap in a paper bag first), and connect
with USB cable to the internal USB port.
HW cost: $80
a Trojan. Security certification concerns put aside, the
architectural demands
Or pluk any old PC/laptop/notebook you have lying around and make it
talk over IP. Phones consume less energy though, nice idea. It's
arguably more secure than a CPU but I doubt it'd make a noticeable
difference (since the rest of the hardware needs to be secure also).
2011/10/28 Morlock Elloi
On Wed, Oct 26, 2011 at 11:12 AM, Thor Lancelot Simon t...@panix.com wrote:
I find myself needing a crypto card, preferably PCIe, with onboard
key storage
As far as I know, the only current products that do this are the
IBM 4765 and the BCM586x line of chips. There were more sources
On Wed, Oct 26, 2011 at 8:12 PM, Thor Lancelot Simon t...@panix.com wrote:
I find myself needing a crypto card, preferably PCIe, with onboard
key storage. The application is PGP, so I really need hardware that
can use keys stored onboard to do arbitrary RSA operations -- rather
than a
Alfonso De Gregorio a...@crypto.lo.gy writes:
For a past project, I've been engineering a cryptographic appliance running
with Bull TrustWay CC2000
http://support.bull.com/ols/product/security/trustway/c2000/cc2000.html
It is a full-length PCI with on-board key storage.
Can you provide a bit
Thor Lancelot Simon schrieb:
As far as I know, the only current products that do this are the
IBM 4765 and the BCM586x line of chips. There were more sources
once-upon-a-time of course -- nCipher and NetOctave/NBMK/etc. but
those products seem to be gone now (and have obsolete PCI host
On Thu, 27 Oct 2011 11:15, mar...@martinpaljak.net said:
I don't know about PGP(.com), but GnuPG is picky about hardware key
containers. Things like PKCS#11.
For the records: That is simply not true. We only demand an open API
specification for the HSM because we don't want to support binary
Hi Peter,
On Thu, Oct 27, 2011 at 10:45 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
Alfonso De Gregorio a...@crypto.lo.gy writes:
For a past project, I've been engineering a cryptographic appliance running
with Bull TrustWay CC2000
18 matches
Mail list logo