Goldkey Hardware Encryption Token
I recently took delivery of a Goldkey hardware encryption token. What sets these little devices apart is that all key management is performed “in hardware” on special Goldkey tokens called Master or Grand Master tokens (depending on how many levels of authority you want), which has the benefit of making the solution platform independent (Mac and Windows).
The token software installs easily and in minutes I was encrypting files and sharing them between my Mac and Windows machine. On Windows and Mac the Goldkey software integrates neatly with the shell, allowing you to right-click on any file and encrypt it. Whenever you encrypt or decrypt a file it asks you for your PIN, providing two-factor authentication.
Unfortunately the device is not supported under Linux and there is not much technical documentation of how the device actually works (I do know that it uses MacFUSE on OS X), but then again I guess Wideband (the company that makes the device) don’t really want to share their trade secrets. The key also seems to get a tad hot when plugged in – that makes me wonder if the key is encrypting the data or if the software is encrypting the data? I assume the key is encrypting the data, otherwise having a hardware key would be of no use.
I think the key to this device taking off is its software. The software does a good job of creating encrypted volumes and encrypted files but can’t really do anything else. It would be great if you could use it to create a hash or a public key to use to authenticate to SSH servers, or allow it to unlock Mac keychains or even a particular part of a Mac keychain (for example a certificate). This is obviously where a traditional smart card would provide better security, but nonetheless the Goldkey is an excellent tool to protect data at rest and in transit.