views:

231

answers:

1

Hi all! Someone could explain me how the USB token works? I have to implement that secure layer in a java application, but i don't know very well how it works!

I know only the mecanism of a normal token key generator!

Thanks a lot!

+1  A: 

It's not clear which USB token you are talking about.

Some tokens such as the Aladdin ones can provide one-time-password features and/or cryptographic (public key encryption, signing, symmetric encryption, hashing) functions like a smart card.

Vendors will typically offer at least a library, or more often a software development kit (the Aladding one is here) that help you write the software.

For a one-time password system, you can read the token (either the computer can read it via USB, or the user can read the screen) to get the password. This password and a username or other identifier, and usually a private PIN are sent to an authentication server where the verification occurs. The server will reply that the person is successfully authenticated with that username, or not.

For a cryptographic token, the token will typically need to be "unlocked" by providing it with the appropriate PIN. Then, you can send different types of data and commands to the token, to make it encrypt/decrypt/sign/hash the data etc. It can also verify signatures and certificates.

The specifics depend on the particular manufacturer and model of the token.

John
In addition, the Sun Java platform supports PKCS#11 keystores (and a number of cryptographic tokens such as the Aladdin ones provide a PKCS#11 library, which can be used from Java this way).
Bruno