Re: pci hardware for secure crypto storage (OpenSSL/OpenBSD)

2004-09-16 Thread Werner Koch
On Wed, 15 Sep 2004 16:30:54 +0100, Ian Grigg said:

 There is a device that is similar to those characteristics:
 http://woudt.nl/epass-pgp/
 http://www.financialcryptography.com/mt/archives/000201.html

The advantage of the OpenPGP card is that is is a specification that
it is open and ready for everyone to implement.  No proprietary
strings attached as usual in the smartcard business.  So go write an
application according to the specs and it will, run with any card
compliant with the spec.  Any vendor may implement this spec on his
card.  Whether you do this on a slow 4 Euro chip or a fast 8 Euro chip
or on an iButton is up to you.  Our card is just one implementation of
the spec using an expensive chip.


  Werner

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


pci hardware for secure crypto storage (OpenSSL/OpenBSD)

2004-09-14 Thread Eugen Leitl

I'm looking for (cheap, PCI/USB) hardware to store secrets (private key) and
support crypto primitives (signing, cert generation). It doesn't have to be
fast, but to support loading/copying of secrets in physically secure environments, and
not generate nonextractable secret onboard. Environment is
OpenBSD/Linux/OpenSSL/gpg.

Any suggestions?

-- 
Eugen* Leitl a href=http://leitl.org;leitl/a
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgpFez8InSggV.pgp
Description: PGP signature


Re: pci hardware for secure crypto storage (OpenSSL/OpenBSD)

2004-09-14 Thread David Shaw
On Tue, Sep 14, 2004 at 10:31:11AM +0200, Eugen Leitl wrote:
 
 I'm looking for (cheap, PCI/USB) hardware to store secrets (private
 key) and support crypto primitives (signing, cert generation). It
 doesn't have to be fast, but to support loading/copying of secrets
 in physically secure environments, and not generate nonextractable
 secret onboard. Environment is OpenBSD/Linux/OpenSSL/gpg.

Since your environment includes GPG, then I think the OpenPGP
smartcard meets pretty well what you are requesting.  Combine it it
with a USB smartcard reader, and the card becomes USB, too ;)

http://www.silicon-trust.com/pdf/secure_8/48_ppc.pdf
http://www.g10code.de/p-card.html

David

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]