Increasing Public Key Crypto Security with Handhelds
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Nov 28 08:13:52 CET 1999
Brian Ristuccia <brianr at debian.org> writes:
>I just came up with what I think may be a good way to increase the security
>of GNU Privacy Guard using a cheap handheld computer like the Palm III or
>the Handspring visor. I'm sure this has been proposed before with smartcard
>technology or something similar. I'm not a cryptographer, so I'm interested
>in hearing your comments.
This has already been done by implementing a PKCS #11 interface to a Palm
Pilot, the idea is that you use the Palm Pilot in place of a more usual crypto
token like a smart card or iButton. Unfortunately the only implementations I
know of are stuck behind the iron curtain (and even there they're not widely
circulated), so they're not accessible to non-US users.
The easiest way to handle this would be to take gpkcs11,
http://www.trustcenter.de/html/Produkte/TC_PKCS11/1494.htm, and port it to the
Palm Pilot so it can act as a PKCS #11 token. For handling the other side of
things, I hope to release my general-purpose PKCS #11 interface code before the
end of the year, this has been tested with a wide variety of tokens including
smart cards, iButtons, crypto hardware, datakeys, and other bits and pieces,
so you could use that to talk to the Palm Pilot.
Peter.
More information about the Gnupg-devel
mailing list