>>I am in the unfortunate situation of having to run a server in a
>>machineroom which I don't completely trust.
At 05:20 PM 7/18/00 -0900, Paul Holman wrote
>Some folks at the Cypherpunks meetings have been working on projects
>using the Dallas Semi iButton, which is a cheap FIPS140-1 Level 1
>certified hardware security device. You can get them, load your keys
>in them, and rig your OS/Apps to use this thing. An alternative
>would be to use an nCipher device. These protections would keep
>people from copying the keys, but it is certainly conceivable they
>could make off with the device entirely. That's why you'd want to
>incorporate some kind of remote authentication as well.
Matt Blaze did a paper a while back on using smartcards (or equivalent
slow-but-relatively-secure processors) in conjunction with a main CPU
to support encrypted filesystems without having to shove all the data
through the smartcard. You may want to do something similar here.
(And obviously you want to use encrypted filesystems, because even if
the attackers don't stick logic probes on your backplane,
they might take your disk drive out and plug it in their own machine.)
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
