On Tue, Aug 03, 2004 at 03:36:45AM +1200, Peter Gutmann wrote:
G&D produce (or help produce) things like banknotes and passports (and have been doing so for more than a century), the secrecy comes with the territory.
I have no smart card background, unfortunately. I've heard G&D ignores requests from open source developer people, though. Are keywords like STARCOS SPK2.3 (Philips P8WE5032 chip), ITSEC E4 certification (with StarCert v 2.2.) etc. associated with a good security track? Features * ISO/IEC compatible * Secure messaging * Hierarchical ISO file system * DES, 3DES * State machine * Logical Channels support * Deletion of files (EF) and applications (DF) * Enhanced hardware security * High performance * Implementation of various access controls (authentication) * Data encryption with asymmetric RSA keys up to a key length of 1,024 * bits * Generation and verification of digital signatures with RSA and DSA * On-card RSA key generation up to a key length of 1,024 bits * The digital signature application StarCert is ITSEC E4 high certified STARCOS SPK2.3 is available on a Philips chip with 32 kByte. Symmetric (DES, 3DES) as well as asymmetric (DSA, RSA) cryptograhic methods are supported. For further information please contact: Industry & Government Team Phone: +49 (0)89 4119-1957 Fax: +49 (0)89 4119-2802 indgov.cards@de.gi-de.com -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net [demime 1.01d removed an attachment of type application/pgp-signature]