athey@LORIEN.OCF.LLNL.GOV (Charles L. Athey III) (02/20/91)
Does anyone know of any companies which manufacture Smart Cards that either work with Public Key encryption or Kerberos?
cjr@UUNET.UU.NET (Chris Riddick) (02/21/91)
Charles Athey asked if anyone knew of any companies which manufacture Smart Ca Cards that either work with Public Key encryption or Kerberos. First of all, there are many vendors of smart cards and readers. In fact, Europe is a very big market for smart cards at this time. There are some very sophisticated cards out there that are programmable and provide onboard support for encryption. I am aware of several vendors who provide support for DES. I know that some are working on public key, but I don't know where they stand on the development or how performance is impacted. There is an excellent conference held annually in Washington, D.C. called SCAT/ASIT '91 (May 28-31) that addresses smart cards and security and id technology. I would recommend attending that if possible. They are planning a whole session on smart card related security algorithms, including public key. We are using smart cards for storing the user password required by kerberos. The smart card provides protection of the password with a Personal Identification Number (PIN) that is used to encrypt the password on the card. To access your password, you must first respond to a challenge from the card and enter you PIN. The password is used to get your initial TGT from kerberos, and then it is removed from memory to limit exposure. The specific card we are using is from a vendor called GEMPLUS. Although many of the cards are ISO conformant with respect to the physical format and interface, they do not use a common command set for manipulating data on the card. Chris Riddick UUNET: uunet!nss1!cjr Internet: nss1!cjr@UUNET.UU.NET USSnail: Simpact Associates, Inc. 12007 Sunrise Valley Drive Reston, Virginia 22091 Phone: 703-758-0190 x2156 FAX: 703-758-0941