On 10 Jun 2010, at 13:00, Emanuele Pucciarelli wrote: > What seems unlikely to me is mass storage encryption directly on the > device: I would guess that you need expensive hardware (at least, > expensive compared to ordinary smart cards) to perform decent > encryption at reasonable bitrates for a mass storage device, but I'm > not knowledgeable on this front and I certainly stand ready to be > corrected!
Not that unlikely: http://www.ironkey.com The Personal/Enterprise (but not Basic) models ship can act as a PKCS#11 token and come with a Windows PKCS#11 library which can access it. It provides space to store one user specified key/cert alongside an IronKey generated cert on the token. I believe it's main key, used for the flash encryption is generated when you initialise the device Am currently in conversation with them about when they might provide PKCS#11 support on the other platforms you can use these on (i.e. linux & OSX) - looks like they're possibly working on OSX but no word on linux yet. The main flash is hardware encrypted on the device. I presume the crypto hardware uses proprietary USB protocol... No connection, other than we've been evaluating one for use within our company. Stu _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
