[16165] in cryptography@c2.net mail archive


Re: pci hardware for secure crypto storage (OpenSSL/OpenBSD)

daemon@ATHENA.MIT.EDU (Eugen Leitl)
Wed Sep 15 13:43:05 2004

X-Original-To: cryptography@metzdowd.com
Date: Wed, 15 Sep 2004 17:56:04 +0200
From: Eugen Leitl <eugen@leitl.org>
To: Ian Grigg <iang@systemics.com>,
	Cryptography List <cryptography@metzdowd.com>
In-Reply-To: <4148602E.3020502@systemics.com>



On Wed, Sep 15, 2004 at 04:30:54PM +0100, Ian Grigg wrote:
> There is a device that is similar to those characteristics:
>
> http://woudt.nl/epass-pgp/

"If you lose or damage your token: you lose your private key and any data
encrypted to it. Because the key is generated inside the token and cannot
leave it, it is not possible to make a backup of the private key." is a
knockout criterion, though.

Also an interactive PIN entry for each interaction is a no-no, if the machine
is in a rack at the host.

H4x0rs may break in and sign a few stray blobs, but they won't be able to
steal the private key itself.

> http://www.financialcryptography.com/mt/archives/000201.html

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
