From: Pat_Barron@transarc.com
Date: Thu, 8 Apr 93 15:03:15 PDT
To: cypherpunks@toad.com
Subject: Re: Security Dynamics
In-Reply-To: <199304072203.AA02670@misc.glarp.com>
Message-ID: <ofl_2sj0Bwx29UQucJ@transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


At one point, I talked to Security Dynamics, and experienced the same
reaction as the original poster.  Additionally, I found it ludicrous
that the cards were programmed to self-destruct after a period of
time, that they keep their encryption scheme so secret (though they'll
sell you source code if you fork over sufficient bucks), and that
there was no way to reprogram/reset the cards in the field.

I also couldn't stomach their "well, you just have to trust us"
response to a lot of my objections about it being a closed proprietary
system, having them know all of my key data, and not being able to
reprogram the cards.

I had much better luck with Digital Pathways, and their "SecureNet
Key" product.  This is a small (about as long and wide as the SecurID
card, but about 2.5 times as thick) hand-held authenticator that's
meant to go with Digital Pathways' "Data Defender" secure
communications front-end, though they sell the SecureNet Keys
separately, and they're not very expensive.  They use DES, are
individually field-programmable, and Digital Pathways is only too
happy to give you as much info about them as you want - for free.
With the info they gave me, it was no problem towrite code that knows
how to use the SecureNet Key.

--Pat.