[cryptography] -currently available- crypto cards with onboard key storage
Martin Paljak
martin at martinpaljak.net
Thu Oct 27 02:15:32 PDT 2011
Hello,
On Wed, Oct 26, 2011 at 21:12, Thor Lancelot Simon <tls at panix.com> wrote:
> I find myself needing a crypto card, preferably PCIe, with onboard
> key storage. The application is PGP,
I don't know about PGP(.com), but GnuPG is picky about hardware key
containers. Things like PKCS#11.
> As far as I know, the only current products that do this are the
> IBM 4765 and the BCM586x line of chips. There were more sources
> once-upon-a-time of course -- nCipher and NetOctave/NBMK/etc. but
> those products seem to be gone now (and have obsolete PCI host
> interfaces, as well).
I think there are plenty of PCI products from several vendors, incl
Thales(nCipher), SafeNet and others. But getting them "off the shelf"
might vary, depending on your budget and origin and whatnot.
> What, if anything, can I buy off-the-shelf in this space? I don't
> think a smartcard will work, since I need unattended operation
> within the chassis of a standard x86 rackmount server.
You have not described your requirements (ops/sec, FIPS/CC etc) but if
the volume is low, you could take USB CryptoStick(s)
(crypto-stick.org), which is supported by GnuPG and what can do up to
4096 bit onboard keys, unfortunately only one signature/decryption
pair usable through GnuPG. Probably you can also stack them up and
populate with the same key for load sharing.
Martin
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list