[10418] in cryptography@c2.net mail archive
RE: Welome to the Internet, here's your private key
daemon@ATHENA.MIT.EDU (Rick Smith at Secure Computing)
Thu Feb 7 14:21:45 2002
Message-Id: <5.1.0.14.0.20020206163055.01f3efd0@[192.168.12.25]>
Date: Wed, 06 Feb 2002 16:37:28 -0600
To: Bill Stewart <bill.stewart@pobox.com>,
cryptography@wasabisystems.com
From: Rick Smith at Secure Computing <rick_smith@securecomputing.com>
In-Reply-To: <5.0.2.1.1.20020204100214.030b6280@idiom.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 12:20 PM 2/4/2002, Bill Stewart wrote:
>A smartcard-only system probably _is_ too limited to generate keys,
>but that's the only realistic case I see.
Here are some manufacturer claims for the DataKey 330 smart card: average
of 23 seconds to generate a 1,024-bit RSA key, average of 3 minutes to
generate a 2,048-bit RSA key.
In practice this becomes one of those "installing something new" delays on
your computer. You stick the smart card into the reader and watch the watch
dial spin or the hourglass or whatever. Once it's done, the thing is
"installed" and you're ready to go. Unsophisticated users may worry that
they'll face the same delay the next time it's plugged in, but presumably
people will learn from experience.
Of course, you don't want to use such a key to protect a set of closely
held encryption keys that protect critical data, since you'll lose the data
if the smart card gets damaged or breaks down.
Rick.
smith@securecomputing.com roseville, minnesota
"Authentication" in bookstores http://www.visi.com/crypto/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
