Cryptographic devices
Users’ identification within the PKI architecture occurs through such cryptographic devices as the USB like smartcard or token. Both devices contain a cryptographic chip enabling keys generation and cryptographic algorithms implementation (RSA, DES, 3-DES and SHA1).

The USB Smartcards and tokens are positively necessary to obtain and use the qualified certificates, the ones destined to code signing and those for trusted encryption. Such devices have small dimensions and may stay in the pocket or attached as an ornament to the house or car keys.

Smartcard .
certSIGN recommends the SafeNet 330 smartcard

This type of smartcard is provided with software and hardware protection against the cryptographic attacks called „differential power” and „timing attacks”.

Features:
  • ISO 7816 compliant format;
  • SCCOS operation system;
  • 32K EEPROM memory for a safe storage of the keys, passwords, certificates and data in general;
  • DES processor for symmetrical encryption.
Cryptographic functions:
  • DSA (1024-bits) keys generation;
  • RSA (1024-bits and 2048-bits) keys generation;
  • RSA algorithm for the electronic signature;
  • DSA algorithm for the electronic signature;
  • RSA algorithm for key exchange;
  • Diffie-Hellman key exchange;
  • SHA-1 algorithm;
  • DES/3DES algorithm for encryption/decryption;
A smartcard is a plastic card similar to a credit card, with an embedded cryptographic chip.

The Smartcard needs a reader that connects to the USB ports, serial or PCMCIA. There are keyboards and laptops with embedded reader. The reader has to observe the PC/SC standard.

USB Token .
certSIGN recommends the following tokens:


iKey 2032

It is an USB Token with a 2-factor-based authentication ("something that you hold " + " something that you know") in order to grant the maximal security.

Features:
  • 8-bits processor;
  • 32K memory
  • USB 1.1/2.0 connectivity
  • 1.5Mbits/sec transfer
Cryptographic Functions:
  • (RSA) asymmetrical pairs of keys generation;
  • (DES, 3DES) symmetrical keys generation;
  • hardware secured administration and storage of the key;
  • electronic signature.
Cryptographic Performance:
  • operations with 1024-bits and 2048-bits RSA keys;
  • key generating: less than 90 seconds, inclusively the key checking;
  • electronic signature: less than 1 second.
Cryptographic algorithms:
  • encrypting with RSA 1024-bits, RSA 2048-bits asymmetrical key;
  • algorithms with DES, 3DES symmetrical key;
  • RSA 1024-bits, RSA 2048-bits electronic signature;
  • Hash Digest SHA-1 algorithm;
  • support for other types of algorithm, as well.

Cryptoflex E-Gate

It is useful either as a smartcard, when a reader is needed or as a token, with no need of a reader.

Features:
  • 32K memory ;
  • cryptographic processor;
  • USB v1.1smartcard type technology without reader
Cryptographic functions:
  • RSA keys generation (keys length 512, 768, 1024 and 2048 bits)
  • RSA electronic signature;
  • SHA-1 algorithm;
  • DES or 3DES symmetrical encryption
  • DES and 3DES MAC
  • DES keys generation (keys length 56, 112 bits)
  • DES and 3DES Chain Block Cipher (keys length 56 and 112 bits)
It offers a higher degree of autonomy. The necessity of a reader is eliminated, as it integrates both the cryptographic processor and the reader.
Products
Cryptographic devices
uti
Copyright 2007 certSIGN. All rights reserved.
Certification Practice Statement (pdf) | Certification Policy (pdf) | Terms | Sitemap