On Fri, Jan 24, 2003 at 09:51:46PM +0100, Thomas Shaddack wrote:
DEFINITELY TRUE!
...
The device should be able to perform the encryption/decryption services on its own (hence the cryptographic CPU). Eg, you have an untrusted computer. You plug the device to its port, move a document from the untrusted machine to device's directory "Cleartext", authorize yourself to the device with fingerprint and PIN, select the "Encrypt" function (which can be done eg. by a suffix to the PIN). In few seconds, you should then find the encrypted document in the device's directory "Ciphertext". Similarly, the device should support write-only directory, to which you could write files freely but won't be able to retrieve them without authorization (this could allow using the device for data couriers who would be able to pick data but won't be able to read them along the way).
...
Good points. I've thought a lot about the possibility of such devices (I suppose they are kind of obvious/inevitable to crypto-minded people). One comment: One the of the primary uses for such a device would be in protocols requiring digital signatures. If the device is to be used for this, it would seem necessary to also include a small display on it so the user can view what the untrusted computer wants signed and authorize the signature. Of course, with a screen, it's going to be more like a PDA and less like a key-chain sized device. One of these days, I might build a little device that stores a private key and does on-board encryption using a microcontroller. I would do it just for fun, since it is pretty useless if the infrastructure to support it is not out there. John Bethencourt