Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 445
  • Last Modified:

MiniSD card as smartcard?

I've never used smartcard technology but i'm interested in learning more. I have a CA in my microsoft domain and I was wondering if I am able to put my user certificate on a MiniSD card so I can use that to login on my workstation.  If I understand correctly, the only thing that defines a smartcard is a certificate assigned to the user. Since the computers have MiniSD card readers is this possible and is it as simple as putting my certificate on the MiniSD card?
0
OriNetworks
Asked:
OriNetworks
1 Solution
 
Dave HoweSoftware and Hardware EngineerCommented:
Pretty much. Smartcards are, well, smarter than that though, they actually carry out the cryptographic operations for you, and all would involve installing drivers for the appropriate APIs (PKCS #11 and #15 are applicable to smartcards) which, if you were rolling your own solution, you would need to write yourself.

the task isn't undoable - in fact, there is a perfectly good PKCS #11 "soft token" provider as part of the mozilla project which can be bent into service - but you would be looking at getting a skilled programmer to turn that into a windows service for you that read from the sd card the pkcs #15 store and did the cryptographic operations for you (I am not aware of any such service prewritten, but if anyone has one, I would be more than happy to be corrected). It would probably be faster/easier to write your own gina (there are sample implementations available) that checks the card for a user certificate, verifies it, extracts the user name, and then prompts for the domain password as normal.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now