| This thread seems like a valid place to ask a long-standing question of mine. Are there any projects aiming for a hardware security token with the following properties? 1) Open hardware running open software. 2) Support for many and long keys. 3) Relatively fast signing on-board - i.e. keys are inaccessible to the host computer. (Obviously, I'm not expecting it to be feasible to sign gigabytes using a USB dongle). 4) Some PIN-entry-like low-grade security obsticle to delay an attacker that physically steals the dongle. I am aware of CryptoStick [1], but the current version is sold out and also does not satisfy 3 and 4 (and only partially 2, since it only takes three RSA keys and there's no support for EC, as far as I can tell). I really want to move away from passwords, but it seems very hard to do without a device satisfying 1-4 above. [1] https://www.crypto-stick.com/ |