Security token
A security token (sometimes called a hardware token or cryptographic token) is a physical device given to an authorized user of computer services to aid in authentication. Tokens are typically small enough to be carried in a pocket or purse and are often designed to attach to the user's keychain. They can also store cryptographic keys and biometric data. Better designs feature tamper-resistant packaging, and some include small keypads, allowing entry of a personal identification number (PIN).
One type of security token (e.g. RSA's SecurID) displays a number which changes every so often (typically every minute). The user enters that number along with a PIN when logging on to a computer system. The token contains a time-of-day clock and a unique seed value. The number displayed is a cryptographic hash of the seed, the time of day and perhaps a PIN. The computer also knows the time of day and the user's seed and PIN, so it can verify the entry. The computer can be instructed to accept values a few minutes off to allow for clock error. Another type (e.g. CryptoCard) produces a value each time a button is pressed. The computer system will accept several forward values in case the button is pressed more than once by accident.
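The two acceptance rules described above (a clock-drift window for time-based tokens, a forward window for button-press tokens) can be sketched as follows. This is an added example, not code from any token vendor: it uses the open HOTP construction from RFC 4226 as a stand-in for the unspecified "cryptographic hash of the seed", leaves PIN checking out, and the function names, 60-second step and window sizes are assumptions.

```python
import hashlib
import hmac
import struct

def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over an 8-byte counter, dynamically truncated."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_time_token(seed, entered, now, last_step=-1, step=60, drift=2):
    """Accept a code from the current time step or up to `drift` steps either side.

    Returns the matched step (store it as last_step) or None. Steps at or
    below last_step are refused so a displayed code cannot be reused.
    """
    current = int(now) // step
    for candidate in range(current - drift, current + drift + 1):
        if candidate <= last_step or candidate < 0:
            continue
        if hmac.compare_digest(hotp(seed, candidate), entered):
            return candidate
    return None

def verify_button_token(seed, entered, server_counter, look_ahead=5):
    """Accept the next expected value or one of a few forward values.

    Returns the new server counter (one past the match) or None. The counter
    only moves forward, so earlier values are dead after a successful login.
    """
    for candidate in range(server_counter, server_counter + look_ahead + 1):
        if hmac.compare_digest(hotp(seed, candidate), entered):
            return candidate + 1
    return None

# Constructed sample data: the seed is the RFC 4226 test key, not a real secret.
SEED = b"12345678901234567890"

if __name__ == "__main__":
    token_clock = 190                       # token thinks it is in time step 3
    code = hotp(SEED, token_clock // 60)
    print("server clock 90 s ahead:", verify_time_token(SEED, code, token_clock + 90))
    print("button pressed 3 extra times:", verify_button_token(SEED, hotp(SEED, 3), 0))
```

Both windows trade usability for guessing resistance: each extra accepted step or forward value is one more code that would pass at that moment, so the windows should stay small and failed attempts should be rate-limited.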
Other security tokens connect directly to the computer through various input/output ports such as PC card (e.g. Fortezza), USB, smartcard or Bluetooth. Some use a special-purpose interface (e.g. the crypto ignition key deployed by the United States National Security Agency). Tokens can also be used as a photo ID card. Cell phones and personal digital assistants can also serve as security tokens with proper programming.
USB tokens have the advantage of being self-contained, since they can be plugged directly into a computer's USB port and therefore do not need a separate reader. From the operating system's point of view, such a token is a USB-connected smartcard reader with one nonremovable smartcard present.
Security tokens provide the "what you have" component in multifactor authentication.
= Usage =
The simplest security tokens do not need any connection to the computer. The user simply enters the number displayed on his or her token, usually along with a PIN, when asked to do so. Others connect to the computer using wireless techniques, such as Bluetooth. Still others plug into the computer. For these one must:
# Connect the token to the computer using an appropriate reader or port
# Enter the PIN code if necessary
Depending on the type of token, the computer's operating system will now either