I am working on a project for which we plan to use the FIPS object
module and AES 256. While I expect that a software-only
implementation will work fine, I would like to know the feasibility
of using an external device through the "engine" interface to satisfy
the FIPS 140-2 Level 3 physical security requirement. The system is
an embedded module on a custom PCB (design not yet finalized) so the
ideal solution would be a chip with internal storage for the
encryption key and a keyloader interface, but if the only supported
devices are larger modules, I would consider them too.
Looking through the archives for this mailing list I found references
to the nCipher box, CryptoSwift cards, the cryptodev ENGINE aka
OCF-linux, and smart cards. Are there other devices I should also
research? Thanks for any suggestions.
Steve
---
Steve Strobel
Link Communications, Inc.
1035 Cerise Rd
Billings, MT 59101-7378
(406) 245-5002 ext 102
(406) 245-4889 (fax)
WWW: http://www.link-comm.com
MailTo:steve.stro...@link-comm.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
