Skip to Main Content
Hardware security tokens are gradually gaining popularity as tools for strong online authentication and secure storage of personal information. The security services they offer protect online service providers as well as consumers. These tokens are small embedded systems that typically have little or no human interface themselves. They work with software on the host computer for human interface and for interaction with programs on the computer or over the Internet. Since these security tokens typically provide cryptographic services and secure storage, the security of communication between the token and the host computer is a critical piece of the overall security framework. The design of this piece is a challenging task. It requires solving multiple problems, such as ensuring that the hardware token only talks with a legitimate host application; exchanging encryption keys; and minimizing the impact on communication performance. This paper presents our solutions to these problems. These solutions are applicable in a variety of hardware security tokens.