Smartcards: The Intelligent Way To Security

Unfortunately, a user's private key is no longer a simple derivative of the password. Usually 512 to 2,048 bits long, public keys are stored as binary code in a protected location. Netscape's Communicator 4.0 stores users' private keys (and public key certificates) in an encrypted database on disk. Microsoft's Internet Explorer 4.0 stores keys in the user portion of the Windows 95 or Windows NT Registry. Protected by a passphrase, users' private keys are tied to a particular workstation. Although Netscape and Microsoft browsers can import and export public key certificates and private keys via the PKCS#12 format, this is hardly a feasible way to support roaming users.

Smartcards promise to answer the problems of where to securely store private keys and how the user can seamlessly access them. Although some suggest storing private keys in the directory itself, this solution relies on the directory's access controls and the existence of a secure directory access protocol. Also, it doesn't prevent multiple copies of the private key from being made.

An alternative is for users to store private keys in a protected database on disk. These passphrase-protected "key rings" are only as secure as the encryption of their contents and can easily be copied to another medium, making it easy to crack them offline.

At present, per-seat costs of smartcards are rather high. Of the major smartcard vendors we spoke with, a single seat, including a serial port reader (approximately $60), cryptocard ($20 to $30) and desktop software totals $140. However, the vendors were quick to point out that this is a single seat price--and that lots of 100 or 1,000 seats are available at substantial discounts.

Smartcards at Work

Until network operating systems incorporate public key authentication systems, smartcards are most useful for intranet services and S/MIME (Secure/MIME) secure messaging clients. Through its plug-in to Netscape Communicator, Litronic's NetSign smartcard product enables both certificate-based Web authentication and S/MIME. Netscape supports PKCS#11, while Microsoft is spearheading PC/SC, which is aimed specifically at supporting smartcards. By creating these APIs, smartcard interfaces promise to become plug-and-play devices, supported by various applications and operating systems.

Litronic's NetSign is an external smartcard reader/writer, connected to the workstation's serial port. It also supplies a keyboard pass-through plug for power. NetSign installs card testing and initialization utilities, as well as a cryptographic service provider for Netscape's Communicator. Once initialized, Litronic's smartcard is assigned a user name and a default passphrase. Certificate enrollment and key generation on the smartcard is similar to a standard Web-based certificate enrollment using Communicator's key database, except the user is prompted for a location to store the key once generated--the Communicator database or the smartcard's user name.

In our lab, we use smartcards as a convenient and secure way to administer our Xcert Sentry CA (certificate authority). Controlled via an HTML interface and protected by certificate-authenticated secure HTTP, access to the CA's administrative menu is normally restricted to a workstation holding an administrative certificate. Using the smartcard, however, we can keep a single administrative certificate on a portable card instead of leaving it in the Communicator certificate database on various workstations. Organizations that rely on CAs to protect intranet services can take advantage of smartcard portability and copy protection.

When validating certificate requests, we insert the smartcard containing the administrative certificate into the workstation's smartcard reader and log into the CA's administrative Web interface. When prompted for a user certificate, the certificate held on the smartcard appears alongside any certificates in Netscape's key database.

Tough Little Cards

Smartcards are more than just memory chips. They are fully functional computers. In the case of cryptocards like the Schlumberger Cryptoflex card used in Litronic's solution, the card includes its own RSA crypto-engine. This means that the user's key never leaves the card. For instance, when computing a message signature in S/MIME, the mail client sends the message hash to the card over its serial interface, where it is signed. Likewise, encryption and decryption happen on the card. For instance, when decrypting an S/MIME message, the encrypted session key is sent to the card for decryption. Since public key encryption is a very processor-intensive operation, most file encryption is done using conventional symmetric key cryptography.

This method of performing actual encryption on the card is a security feature. The user's private key never leaves the card, so there is no possibility of a virus or trojan horse on the user's desktop getting access to the key. The smartcard will not let anyone read the stored private key, making it nearly impossible for the user (or an unauthorized party) to copy the private key. In addition, smartcards are protected with a user name and password and will lock after a predetermined number of consecutive incorrect passwords. They also have an administrative account to unlock or reinitialize the card.
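The on-card division of labour described in the two paragraphs above, as an added example that is not part of the original article or of Litronic's or Schlumberger's software: the host hashes the message and hands only the hash (or the RSA-wrapped session key) to a card object that holds the private exponent, and the card enforces a PIN retry counter with an administrative unlock. The key parameters, PINs and message are constructed for illustration, and the RSA is textbook RSA without padding, so it is not usable as real cryptography.

```python
import hashlib
import secrets

# Constructed toy RSA key (two Mersenne primes, textbook RSA, no padding):
# real arithmetic, but far too small and too bare for actual use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537


class SmartCard:
    """Cryptocard model: the private exponent exists only inside this object."""
    MAX_TRIES = 3

    def __init__(self, user_pin, admin_pin):
        self.public_key = (E, P * Q)
        self._d = pow(E, -1, (P - 1) * (Q - 1))  # never handed to the host
        self._user_pin, self._admin_pin = user_pin, admin_pin
        self.tries_left, self._authenticated = self.MAX_TRIES, False

    def verify_pin(self, pin):
        # Wrong PINs burn retries; at 0 the card locks until an admin unlocks it.
        ok = self.tries_left > 0 and secrets.compare_digest(pin, self._user_pin)
        self.tries_left = self.MAX_TRIES if ok else max(0, self.tries_left - 1)
        self._authenticated = ok
        return ok

    def admin_unlock(self, admin_pin, new_user_pin):
        # The administrative account resets the retry counter and user PIN.
        if not secrets.compare_digest(admin_pin, self._admin_pin):
            return False
        self._user_pin, self.tries_left = new_user_pin, self.MAX_TRIES
        return True

    def _private_op(self, value):
        if not self._authenticated:
            raise PermissionError("verify the user PIN first")
        return pow(value, self._d, self.public_key[1])

    def sign_hash(self, digest):             # host sends only the message hash
        return self._private_op(int.from_bytes(digest, "big"))

    def decrypt_session_key(self, wrapped):  # host sends only the wrapped key
        return self._private_op(wrapped).to_bytes(16, "big")


def message_digest(message):
    # 192-bit hash keeps the integer below the toy modulus (about 2^234).
    return hashlib.blake2b(message, digest_size=24).digest()


def host_verify(public_key, message, signature):
    e, n = public_key
    return pow(signature, e, n) == int.from_bytes(message_digest(message), "big")
```

Nothing in the host-side code ever sees `_d`; a trojan on the workstation could ask the card to sign while the PIN session is open, but it cannot copy the key, which is exactly the property the article credits to the card.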

Smartcards are also more resilient than standard magnetic media such as magnetic stripe cards or disks. We tested Litronic's claim by exposing the cards to strong magnets (strong enough to wipe standard disks). This is an important feature for use in industrial environments or hospitals, where strong magnetic fields (like those from MRI scanners) erase standard magnetic media.

Other Workshops: Baselining Your Service Provider, by Philip Carden