You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The latest SmartCard-HSM implements the concept of a key domain, in which a designated group of devices can share a group key.
I'd be interested to evaluate, how this mechanism could be used to gain access to a file share encrypted with gocryptfs.
Initially we could try to get that integrated with an external program that tunnels the password or master key into gocryptfs. The next level of integration would be to use a PKCS#11 interface to derive the encryption key from a master key stored on the device, but ideally (from the user's perspective) the code would directly interact with the device in order to obtain the master key.
Is support for hardware token on the list of planned features already ?
Andreas
The text was updated successfully, but these errors were encountered:
The latest SmartCard-HSM implements the concept of a key domain, in which a designated group of devices can share a group key.
I'd be interested to evaluate, how this mechanism could be used to gain access to a file share encrypted with gocryptfs.
Initially we could try to get that integrated with an external program that tunnels the password or master key into gocryptfs. The next level of integration would be to use a PKCS#11 interface to derive the encryption key from a master key stored on the device, but ideally (from the user's perspective) the code would directly interact with the device in order to obtain the master key.
Is support for hardware token on the list of planned features already ?
Andreas
The text was updated successfully, but these errors were encountered: