On Fri, Jan 24, 2003 at 09:51:46PM +0100, Thomas Shaddack wrote: > DEFINITELY TRUE! > > ... > > The device should be able to perform the encryption/decryption services on > its own (hence the cryptographic CPU). Eg, you have an untrusted computer. > You plug the device to its port, move a document from the untrusted > machine to device's directory "Cleartext", authorize yourself to the > device with fingerprint and PIN, select the "Encrypt" function (which can > be done eg. by a suffix to the PIN). In few seconds, you should then find > the encrypted document in the device's directory "Ciphertext". Similarly, > the device should support write-only directory, to which you could write > files freely but won't be able to retrieve them without authorization > (this could allow using the device for data couriers who would be able > to pick data but won't be able to read them along the way). > > ...
Good points. I've thought a lot about the possibility of such devices (I suppose they are kind of obvious/inevitable to crypto-minded people). One comment: One the of the primary uses for such a device would be in protocols requiring digital signatures. If the device is to be used for this, it would seem necessary to also include a small display on it so the user can view what the untrusted computer wants signed and authorize the signature. Of course, with a screen, it's going to be more like a PDA and less like a key-chain sized device. One of these days, I might build a little device that stores a private key and does on-board encryption using a microcontroller. I would do it just for fun, since it is pretty useless if the infrastructure to support it is not out there. John Bethencourt