|
|
ePass1000ND - New driverless token
|
|
|
ePass1000ND is a fully portable, driverless
and low cost device .
ePass1000ND is the ideal solution for user authentication
and access control functions. Applications can benefit from ePass1000ND’s
built-in MD5-HMAC algorithm unit which provides a powerful challenge/response
mechanism for authentication services.
The challenge/response authentication model is more secure than
the traditional user-name & password model because in challenge/response
the “shared secret” information is never exposed during
the authentication process.
ePass1000ND is also a perfect solution for portable
storage of sensitive information. Digital certificates,
private keys, passwords, credit card numbers and other
security credentials may be safely and conveniently stored on
ePass1000ND and taken with you. |
|
Information for ePass1000ND Developers
System developers who want to use the low level API interface of
ePass1000ND to add access control and entity authentications
to their programs, and manage memory inside ePass1000ND
to store sensitive information.
ePass1000ND has a hierarchical file system similar
to those found on PCs, except that the ePass1000ND
file management system is more specific regarding classifications
of permission and security.
Each ePass1000ND unit has a unique hardware serial
number. The serial number may serve as a unique identifier for ePass1000ND
enabled applications or administrative functions.
ePass1000ND uses the MD5 Hash algorithm to protect
passwords and other security information. The hash algorithm, as
implemented in ePass1000ND, makes it possible for
the user password (or other security information) to never leave
the security of ePass1000ND. Instead, ePass1000ND
will pass a calculation involving the password and a random character
string to the application for comparison.
|
| Cryptographic Services: |
|
Random Number Generator
ePass1000ND can generate random numbers in hardware.
Random numbers may be used when creating authentication digest
code as well as seed for other cryptographic functions.
|
| |
MD5 algorithm
The MD5 algorithm is an industry standard hashing
algorithm that takes a message of arbitrary length as input
and produces a 128-bit message digest as output. The output
digest is believed non-reversible, meaning that no one can
figure out the input data from the output MD5 digest.
|
| |
MD5 HMAC
Although much more reliable than simple checksum
methods, MD5 does not provide a data integrity check because
anyone can alter the input data and generate a corresponding
output digest. Obviously, the hashed value needs to be protected.
That is the target of the Hashed Message Authentication Code
(HMAC). HMAC can be used with the MD5 hash algorithm and a
secret key to authenticate a message or collection of data.
ePass1000ND supports this industry standard method to provide
a secure way for end users or applications to be authenticated
without exposing their secret keys.
|
| |
TEA
TEA is an excellent encryption algorithm. This algorithm
is more simple than DES(Data Encryption Standard). TEA has
high anti analyze ability and it’s faster than DES.
The encryption key can be 128 bits for 64 bits data. TEA is
so secure.
|
| ePass1000ND Technical
Specification |
| Supported Operating Systems |
Windows98SE/ME/2000/XP/Vista; Mac OS 10.3 ; Linux 2.6 above |
| Memory Size |
8K |
| On-Board Security Algorithms |
MD5, TEA |
| Chip Security Level |
Secured and Encrypted Data Storage |
| Power Dissipation |
< 250 mW |
| Operating Temperature |
0 C to 70 C (32 F to 156 F) |
| Storage Temperature |
-40 C to 85 C (-40 F to 185 F) |
| Humidity Rating |
0 to 100% without condensation |
| Connector Type |
USB type A (Universal Serial Bus) |
| Casing |
Hard Molded Plastic, Tamper Evident |
| Memory Data Retention |
At least 10 years |
| Memory Cell Rewrites |
At least 100,000 |
|
|
ePass
token 
