[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Increasing Public Key Crypto Security with Handhelds

Brian Ristuccia <brianr@debian.org> writes:

>I just came up with what I think may be a good way to increase the security
>of GNU Privacy Guard using a cheap handheld computer like the Palm III or
>the Handspring visor. I'm sure this has been proposed before with smartcard
>technology or something similar. I'm not a cryptographer, so I'm interested
>in hearing your comments.

This has already been done by implementing a PKCS #11 interface to a Palm
Pilot, the idea is that you use the Palm Pilot in place of a more usual crypto
token like a smart card or iButton.  Unfortunately the only implementations I
know of are stuck behind the iron curtain (and even there they're not widely
circulated), so they're not accessible to non-US users.  

The easiest way to handle this would be to take gpkcs11,
http://www.trustcenter.de/html/Produkte/TC_PKCS11/1494.htm, and port it to the
Palm Pilot so it can act as a PKCS #11 token.  For handling the other side of
things, I hope to release my general-purpose PKCS #11 interface code before the
end of the year, this has been tested with a wide variety of tokens including
smart cards, iButtons, crypto hardware, datakeys, and other bits and pieces, 
so you could use that to talk to the Palm Pilot.


Reply to: