In this article, I discuss our experience of integrating a hardware cryptographic token under Linux, using another open-source project known as OpenSSL. Public Key Infrastructure (PKI) is a critical technology in today's computer oriented world. Without it there would be . . .
In this article, I discuss our experience of integrating a hardware cryptographic token under Linux, using another open-source project known as OpenSSL. Public Key Infrastructure (PKI) is a critical technology in today's computer oriented world. Without it there would be no secure e-commerce transactions or secure connections. Remember the days when clear-text passwords regularly flew across the Net? That's history now due to the increasing diligence of "bad people" sniffing the Net, looking for potential security loopholes to exploit. These days, paranoia is the normal state for computer security, and PKI plays a role in helping to ease that paranoia.

PKI provides a high level of protection by allowing the signing of e-mails, encryption of sockets and other cryptographic functions. A large standards base has evolved around PKI, and the open-source domain has taken on the task of implementing those standards to a high degree. PKI is based on the now well known public/private key-pair interaction. In this interaction a public/private key-pair is generated, and the public-key is used by external entities to verify data signed or encrypted by the private key. The private-key is held securely by the owner. The key can be held secure by a passphrase on either an encrypted file or a hardware token.

The link for this article located at Linux Journal is no longer available.