| |
_Public
Key Infrastructure (PKI)
The iKey 2000 Series Software for Windows Clients (Windows
98, ME, NT and 2000) uses iKey 2000 tokens in a PKI system
to process and store private cryptographic data.
The iKey 2000 token is capable of performing all private,
public, and secret key functions within the token. When
these critical operations are performed within the iKey
2000, a much higher level of information security is achieved
than can be provided by client-side software-only solutions.
However, performing all of cryptographic functions within
the token is not always practical or desirable. When used
in conjunction with the iKey 2000 Series Software, all
private key functions are performed within the iKey 2000’s
Cryptographic controller chip, including generation of
Digital Signatures. All public key functions are performed
within a Security Module embedded within the iKey 2000
Series Software. Secret key functions can be performed
both within the Cryptographic controller chip and/or within
the iKey 2000 software, depending upon the application
requesting the secret key function.
The iKey 2000 series can perform a variety of cryptographic
algorithms, including: DES in ECB and CBC modes, DESX,
triple-DES, RC2, RC4 and RC5. It fully supports PKI, e.g.
X.509 Digital Certificates and Public/Private keys, and
PGP Public/Private keys.
The iKey 2000 Security system provides an end-user pass
phrase authentication to perform sensitive functions in
the iKey 2000. These functions include Digital Signature
generation and unwrapping of session encryption keys,
i.e. those functions that require the use of the closely
guarded private key of the user's public key pair.
|
|
