Eutronsec - Token authentication products

CryptoIdentity - CryptoIdentity 2048 - FOCUS

CryptoIdentity 2048 è un dispositivo di sicurezza in formato chiave USB che abbina la funzione di una smart card crittografica con quella del suo lettore.
CryptoIdentity 2048 nasce per la memorizzazione sicura delle credenziali dell'utente (profili personali, certificati digitali X.509). La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta dal Titolare che ne è responsabile, proteggendone l'accesso tramite un PIN personalizzabile: il possesso del dispositivo hardware CryptoIdentity 2048 e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
CryptoIdentity 2048 consente la generazione della coppia di chiavi di crittografia al suo interno e l’applicazione della firma digitale. Dispone di meccanismi di sicurezza che impediscono l’esportazione e la copia della chiave privata al di fuori del dispositivo in cui è stata generata.

Principali plus del modello 2048:

Plus1 -- Prezzo di ingresso

Plus2 -- RSA 2048 bit

Plus3 -- Chip smart card con 64KB

CryptoIdentity - CryptoIdentity 2048 - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private couple of RSA cryptographic keys up to 2048 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access: the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.

Standards used: the device supports the following standards: ISO 7816 3-4, PKCS#11 v2.11, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 2048 bit, AES, DES, 3DES, SHA1, MD2, MD5

Memory: 64KB

Chip specifications: chip ATMEL AT90SC6464C with Algorithmic Research mask, able to ensure the secure storage of files and directories within a multilevel hierarchic structure.

Portability: it does not require additional reader, cables or supply batteries.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, light grey tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x7 mm

CryptoIdentity - CryptoIdentity 2048 - TECH SPECS

Interface: USB 2.0 full speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Certifications: FCC/CE, UL upon request
Polycarbonate housing; tamper-evident (water-, dust- e shockproof - IEC60529 IP67) housing upon request

CryptoIdentity - CryptoIdentity 2048 - SYSTEM REQUIREMENTS

Hardware requirements: PC IBM or 100% compatible, Desktop/Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

SO requirements: Windows 98/ME/2000/XP

Application requirements: CryptoCombo 2048 can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all those applications complying with the supported standards. Main product certifications and supported applications: Microsoft, IBM Lotus Notes, CA, Adobe, Novell, Betrusted, Cryptomathic, Verisign, Thawte, Evidian, Checkpoint VPN, Cisco VPN, PGP, Dekart, Citrix.

CryptoIdentity - CryptoIdentity 2048 - APPLICATION AREAS

Need	Supported applications	Description
Strong Authentication	Network and Smart Card Logon	Logon to PC, network or applications through digital certificates stored on a secure device and strong authentication mechanisms.
	VPN authentication	Storage of IPSEC certificate on a secure device, thus enabling to increase security when accessing the VPN connection, thanks to a strong authentication mechanism.
	SSL3 web authentication	Access to web site restricted areas through multi-factor authentication with client-side digital certificates on a secure device
	Wireless authentication	IEEE802.1x XP wireless client authentication.
	Firewall authentication	Authentication to firewall connections through digital certificates stored on a secure device, suitable for ensuring strong authentication.
	SSO	Authentication to applications through Single Sign On mechanisms
PKI solutions	Release and management of digital certificates	Facilities for Certification Authority that carry out the generation of RSA key pairs for digital certificates directly on devices equipped with smart card chip.
Digital signature	Applications designed for digital signature	Applications implementing digital signature mechanisms through certificates, with possible legal validity, that are stored on secure devices.
E-mail protection	E-mail clients	The most widespread e-mail clients natively support the S/MIME signature of e-mail messages through certificates stored on secure devices.
Cryptography	Disk and file encryption	Encoding of data present on disks, files or folders through coding mechanisms based on digital certificates stored on secure devices.
Cryptography	Hard disk encryption	Protection of a whole disk through on-the-fly encoding/decoding mechanisms; when combined to preboot authentication mechanisms; only the user who manages the USB token can allow access to the disk resident data.

According to the key models there could be some differences between the applications reported in the table and those actually supported; check the compatibility matrix with Eutronsec Technical Assistance.

CryptoIdentity - CryptoIdentity ITSEC-I - FOCUS

CryptoIdentity ITSEC-I CryptoIdentity ITSEC-I è un dispositivo di sicurezza in formato chiave USB che abbina la funzione di una smart card crittografica con quella del suo lettore.
CryptoIdentity ITSEC-I nasce per la memorizzazione sicura memorizzazione sicura delle credenziali dell'utente (profili personali, certificati digitali X.509). La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta dal Titolare che ne è responsabile, proteggendone l'accesso tramite un PIN personalizzabile: il possesso del dispositivo hardware CryptoIdentity ITSEC-I e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
CryptoIdentity ITSEC-I consente la generazione della coppia di chiavi di crittografia al suo interno e l’applicazione della firma digitale. Dispone di meccanismi di sicurezza che impediscono l’esportazione e la copia della chiave privata al di fuori del dispositivo in cui è stata generata.

Il livello di certificazione ITSEC/Common Criteria del chip crittografico e del sistema operativo CardOS installati a bordo di CryptoIdentity ITSEC-I, la rendono conforme alla normativa che regolamenta la firma elettronica qualificata.

Principali plus del modello ITSEC-I:

Plus1 -- Dispositivo per firma digitale a norma

Plus2 -- Compatibile con le principali soluzioni di Hard Disk Encryption

Plus3 -- Supporto Linux (*)

(*) Solo con API Charismathics

CryptoIdentity - CryptoIdentity ITSEC-I - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private couple of RSA cryptographic keys up to 2048 bit (1). The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access: the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer

Standards used:the device supports the following standards: ISO 7816 3-4, PKCS#11 v2.11, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 1024/2048 bit (2048 bit is available only with some CardOS releases in combination with specific APIs)

Memory: 32KB

Chip specifications:chip of the Infineon SLE66CX family (SLE66CX322P) CC EAL 5+ certified with CardOS M4.3B operating system (CC EAL 4+ certified); options: CardOS M4.01A (ITSEC E4 High certified) or CardOS M4.2B (CC EAL 4+ certified).

Portability: it does not require additional reader, cables or supply batteries.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing:Transparent plastic material, blu tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x7 mm

CryptoIdentity - CryptoIdentity ITSEC-I - TECH SPECS

Interface: USB 2.0 full speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Certifications: FCC/CE, UL upon request
Polycarbonate housing; tamper-evident (water-, dust- e shockproof - IEC60529 IP67) housing upon request

CryptoIdentity - CryptoIdentity ITSEC-I - SYSTEM REQUIREMENTS

Hardware requirements:
PC IBM or 100% compatible, Desktop/Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

SO requirements:
Windows 2000/XP/2003/Vista, Linux

Application requirements:
CryptoCombo ITSEC-I can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all those applications complying with the supported standards. Main product certifications and supported applications: Microsoft, IBM Lotus Notes, CA, Adobe, Novell, Betrusted, Cryptomathic, Verisign, Thawte, Evidian, Checkpoint VPN, Cisco VPN, PGP, Dekart, Citrix.

CryptoIdentity - CryptoIdentity ITSEC-I - APPLICATION AREAS

Need	Supported applications	Description
Strong Authentication	Network and Smart Card Logon	Logon to PC, network or applications through digital certificates stored on a secure device and strong authentication mechanisms.
	VPN authentication	Storage of IPSEC certificate on a secure device, thus enabling to increase security when accessing the VPN connection, thanks to a strong authentication mechanism.
	SSL3 web authentication	Access to web site restricted areas through multi-factor authentication with client-side digital certificates on a secure device
	Wireless authentication	IEEE802.1x XP wireless client authentication.
	Firewall authentication	Authentication to firewall connections through digital certificates stored on a secure device, suitable for ensuring strong authentication.
	SSO	Authentication to applications through Single Sign On mechanisms
PKI solutions	Release and management of digital certificates	Facilities for Certification Authority that carry out the generation of RSA key pairs for digital certificates directly on devices equipped with smart card chip.
Digital signature	Applications designed for digital signature	Applications implementing digital signature mechanisms through certificates, with possible legal validity, that are stored on secure devices.
E-mail protection	E-mail clients	The most widespread e-mail clients natively support the S/MIME signature of e-mail messages through certificates stored on secure devices.
Cryptography	Disk and file encryption	Encoding of data present on disks, files or folders through coding mechanisms based on digital certificates stored on secure devices.
Cryptography	Hard disk encryption	Protection of a whole disk through on-the-fly encoding/decoding mechanisms; when combined to preboot authentication mechanisms; only the user who manages the USB token can allow access to the disk resident data.

CryptoIdentity - CryptoIdentity ITSEC-I/64 - FOCUS

CryptoIdentity ITSEC-I/64 è un dispositivo di sicurezza in formato chiave USB che abbina la funzione di una smart card crittografica con quella del suo lettore; rispetto al modello ITSEC-I, monta un chip crittografico con 64KB di memoria interna.
CryptoIdentity ITSEC-I/64 nasce per la memorizzazione sicura memorizzazione sicura delle credenziali dell'utente (profili personali, certificati digitali X.509). La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta dal Titolare che ne è responsabile, proteggendone l'accesso tramite un PIN personalizzabile: il possesso del dispositivo hardware CryptoIdentity ITSEC-I/64 e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
CryptoIdentity ITSEC-I/64 consente la generazione della coppia di chiavi di crittografia al suo interno e l’applicazione della firma digitale. Dispone di meccanismi di sicurezza che impediscono l’esportazione e la copia della chiave privata al di fuori del dispositivo in cui è stata generata.
Il livello di certificazione Common Criteria del chip crittografico e del sistema operativo CardOS M4.3B installati a bordo di CryptoIdentity ITSEC-I/64, la rendono conforme alla normativa che regolamenta la firma elettronica qualificata.

Principali plus del modello ITSEC-I/64:

Plus1 -- Dispositivo per firma digitale a norma

Plus2 -- RSA 2048 bit

Plus3 -- Chip smart card con 64KB

CryptoIdentity - CryptoIdentity ITSEC-I/64 - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private couple of RSA cryptographic keys up to 2048 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access:the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.

Standards used: the device supports the following standards: ISO 7816 3-4, PKCS#11 v2.11, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 2048 bit

Memory: 64KB

Chip specifications: chip of the Infineon SLE66CX family (SLE66CX642P) Common Criteria EAL 5+ certified, with CardOS M4.3B Common Criteria EAL 4+ certified.

Portability: iit does not require additional reader, cables or supply batteries.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, blu tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x7 mm

CryptoIdentity - CryptoIdentity ITSEC-I/64 - TECH SPECS

Interface: USB 2.0 full speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Certifications: FCC/CE, UL upon request
Polycarbonate housing; tamper-evident (water-, dust- e shockproof - IEC60529 IP67) housing upon request

CryptoIdentity - CryptoIdentity ITSEC-I/64 - SYSTEM REQUIREMENTS

Hardware requirements:
PC IBM or 100% compatible, Desktop/Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

SO requirements:
Windows 2000/XP/2003/Vista, Linux

Application requirements:
CryptoCombo ITSEC-I/64 can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all those applications complying with the supported standards. Main product certifications and supported applications: Microsoft, IBM Lotus Notes, CA, Adobe, Novell, Betrusted, Cryptomathic, Verisign, Thawte, Evidian, Checkpoint VPN, Cisco VPN, PGP, Dekart, Citrix.

CryptoIdentity - CryptoIdentity ITSEC-I/64 - APPLICATION AREAS

Need	Supported applications	Description
Strong Authentication	Network and Smart Card Logon	Logon to PC, network or applications through digital certificates stored on a secure device and strong authentication mechanisms.
	VPN authentication	Storage of IPSEC certificate on a secure device, thus enabling to increase security when accessing the VPN connection, thanks to a strong authentication mechanism.
	SSL3 web authentication	Access to web site restricted areas through multi-factor authentication with client-side digital certificates on a secure device
	Wireless authentication	IEEE802.1x XP wireless client authentication.
	Firewall authentication	Authentication to firewall connections through digital certificates stored on a secure device, suitable for ensuring strong authentication.
	SSO	Authentication to applications through Single Sign On mechanisms
PKI solutions	Release and management of digital certificates	Facilities for Certification Authority that carry out the generation of RSA key pairs for digital certificates directly on devices equipped with smart card chip.
Digital signature	Applications designed for digital signature	Applications implementing digital signature mechanisms through certificates, with possible legal validity, that are stored on secure devices.
E-mail protection	E-mail clients	The most widespread e-mail clients natively support the S/MIME signature of e-mail messages through certificates stored on secure devices.
Cryptography	Disk and file encryption	Encoding of data present on disks, files or folders through coding mechanisms based on digital certificates stored on secure devices.
Cryptography	Hard disk encryption	Protection of a whole disk through on-the-fly encoding/decoding mechanisms; when combined to preboot authentication mechanisms; only the user who manages the USB token can allow access to the disk resident data.

CryptoIdentity - CryptoIdentity FIPS - FOCUS

CryptoIdentity FIPS è un dispositivo di sicurezza in formato chiave USB che abbina la funzione di una smart card crittografica con quella del suo lettore.
CryptoIdentity FIPS nasce per la memorizzazione sicura delle credenziali dell'utente (profili personali, certificati digitali X.509). La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta dal Titolare che ne è responsabile, proteggendone l'accesso tramite un PIN personalizzabile: il possesso del dispositivo hardware CryptoIdentity FIPS e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
CryptoIdentity FIPS consente la generazione della coppia di chiavi di crittografia al suo interno e l’applicazione della firma digitale. Dispone di meccanismi di sicurezza che impediscono l’esportazione e la copia della chiave privata al di fuori del dispositivo in cui è stata generata.

Principali plus del modello FIPS:

Plus1 -- Certificazione FIPS

Plus3 -- Tecnologia AET/G&D

CryptoIdentity - CryptoIdentity FIPS - PRODUCT FEATURES

strong>RSA Keys: "on board" generation of the public/private pair of RSA cryptographic keys up to 1024 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access: the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.

Standards used: the device supports the following standards: ISO 7816 3-4, PKCS#11 v2.11, PKCS#15, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 1024 bit

Memory: 32KB

Chip specifications: Philips P8WE5032 chip, ITSEC E4+ certified, with Giesecke & Devrient StarCOS SPK 2.4 operating system, FIPS 140-2 level 2 certified

Portability: it does not require additional reader, cables or supply batteries.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing:Transparent plastic material, blu tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Compact size: 62x17x7 mm

CryptoIdentity - CryptoIdentity FIPS - TECH SPECS

Interface: USB 2.0 full speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Certifications: FCC/CE, UL upon request
Polycarbonate housing; tamper-evident (water-, dust- e shockproof - IEC60529 IP67) housing upon request

CryptoIdentity - CryptoIdentity FIPS - SYSTEM REQUIREMENTS

Hardware requirements: PC IBM or 100% compatible, Desktop/Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

OS requirements: Windows 98/ME/2000/XP. For the sole flash memory component on-board the device, access is possible without installing any drivers on all Windows operating systems, except for 98 and 98SE.

Application requirements: CryptoCombo FIPS can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all those applications complying with the supported standards. Main product certifications and supported applications: Microsoft, IBM Lotus Notes, CA, Adobe, Novell, Betrusted, Cryptomathic, Verisign, Thawte, Evidian, Checkpoint VPN, Cisco VPN, PGP, Dekart, Citrix.

CryptoIdentity - CryptoIdentity FIPS - APPLICATION AREAS

Need	Supported applications	Description
Strong Authentication	Network and Smart Card Logon	Logon to PC, network or applications through digital certificates stored on a secure device and strong authentication mechanisms.
	VPN authentication	Storage of IPSEC certificate on a secure device, thus enabling to increase security when accessing the VPN connection, thanks to a strong authentication mechanism.
	SSL3 web authentication	Access to web site restricted areas through multi-factor authentication with client-side digital certificates on a secure device
	Wireless authentication	IEEE802.1x XP wireless client authentication.
	Firewall authentication	Authentication to firewall connections through digital certificates stored on a secure device, suitable for ensuring strong authentication.
	SSO	Authentication to applications through Single Sign On mechanisms
PKI solutions	Release and management of digital certificates	Facilities for Certification Authority that carry out the generation of RSA key pairs for digital certificates directly on devices equipped with smart card chip.
Digital signature	Applications designed for digital signature	Applications implementing digital signature mechanisms through certificates, with possible legal validity, that are stored on secure devices.
E-mail protection	E-mail clients	The most widespread e-mail clients natively support the S/MIME signature of e-mail messages through certificates stored on secure devices.
Cryptography	Disk and file encryption	Encoding of data present on disks, files or folders through coding mechanisms based on digital certificates stored on secure devices.
Cryptography	Hard disk encryption	Protection of a whole disk through on-the-fly encoding/decoding mechanisms; when combined to preboot authentication mechanisms; only the user who manages the USB token can allow access to the disk resident data.

CryptoCombo - CryptoCombo ITSEC-I - FOCUS

CRYPTOCOMBO ITSEC-I è un dispositivo di sicurezza in formato chiave USB che nasce come evoluzione di CryptoIdentity (www.cryptoidentity.Eutronsec.it), in quanto combina le funzionalità di una smart card crittografica e di una memoria partizionabile fino a 4GB:

smart card + memoria flash partizionabile

CryptoCombo sfrutta la tecnologia smart card per la memorizzazione sicura delle credenziali utente (profili personali, certificati digitali); la memoria flash a bordo della chiave è partizionabile (opzioni: CD-ROM con funzione autorun, memoria flash crittografata con AES 256 bit, mass storage tradizionale) e offre spazio sufficiente per il trasporto di dati e applicativi.
La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta all'interno del chip crittografico, proteggendone l'accesso tramite un PIN personalizzabile e, se generata internamente al chip, non può essere esportata o duplicata. Il possesso del dispositivo hardware e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
Il livello di certificazione ITSEC/Common Criteria del chip crittografico e del sistema operativo CardOS installati a bordo di CryptoCombo ITSEC-I, la rendono conforme alla normativa che regolamenta la firma elettronica qualificata.

Principali plus del modello ITSEC-I:

Plus1 -- Dispositivo per firma digitale a norma

Plus2 -- Compatibile con le principali soluzioni di Hard Disk Encryption

Plus3 -- Supporto Linux (*)

(*) Solo con API Charismathics

CryptoCombo - CryptoCombo ITSEC-I - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private pair of RSA cryptographic keys up to 2048 bit (1). The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access:the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.
If set, the user can access the partition encrypted with AES 256bit using the same PIN code of the CryptoCombo smart card component.

Standards used: the device supports the following standards ISO 7816 3-4, PKCS#11 v2.11, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 2048 bit (2048 bit is available only with some CardOS releases in combination with specific APIs)

Cryptographic chip memory: 32KB

Flash memory: partitionable and available in the range 256MB - 512MB -1GB - 2GB - 4GB. Through the PicoUpdate technology one can handle and update the flash memory from remote.

Cryptographic chip specifications: chip of the Infineon SLE66CX family (SLE66CX322P) CC EAL 5+ certified with CardOS M4.3B operating system (CC EAL 4+ certified); options: CardOS M4.01A (ITSEC E4 High certified) or CardOS M4.2B (CC EAL 4+ certified).

Portability: it does not require additional reader, cables or supply batteries. Moreover thanks to the flash memory, the CDROM for installation of the application as well as the application itself can reside on the USB token.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, light grey tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x10 mm

CryptoCombo - CryptoCombo ITSEC-I - TECH SPECS

USB 2.0 full speed (USB 1.1 compatible)
USB 2.0 high speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Flash reading rate: up to 18 MB/s
Flash writing rate: up to 11 MB/s
Certifications: FCC/CE, UL upon request
Polycarbonate housing

CryptoCombo - CryptoCombo ITSEC-I - SYSTEM REQUIREMENTS

Hardware requirements: PC IBM or 100% compatible, Desktop/Notebook/Sub-Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

OS requirements: Windows 2000/XP/2003/Vista, Linux .

Application requirements: CryptoCombo ITSEC-I can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all other applications using supported standards.

CryptoCombo - CryptoCombo ITSEC-I - APPLICATION AREAS

Request	Applications supported	Solutions
Strong Authentication.	Network and Smart Card Logon.	Citrix Metaframe XP. CryptoGram Secure Login and SSO. Entrust solutions. Eutronsec ControlSphere Master Soft KeyID e DialWays. Microsoft Windows 2000/XP Smart Card logon. Novell NMAS. Solutions RAS Dialup / RADIUS. Kammatech Portable Security.
	Authentication VPN.	CheckPoint VPN-1 Securemote. CISCO VPN. F-Secure VPN+. Microsoft VPN. Netasq VPN. RSA SecureID.
	Authentication Wireless.	IEEE802.1x XP wireless client authentication. Master Soft KeyID e DialWays.
	Firewall solutions.	Netasq Firewall. Any solution supporting the technology standards PKCS#11 and/or MS CAPI.
Solutions PKI.	Infrastructure for the issue and management of digital certificates.	Add Trust PKI. AEC TrustPort CA. Baltimore Technologies UniCERT. Cryptomathic INCA. cv Cryptovision CA. Entrust Authority PKI. GlobalSign CA. Microsoft CA. TC TrustCenter CA. Thawte CA. VeriSign PKI. Any PKI supporting the generation of certificates on Smart card devices.
Digital signing.	Applications for digital signing.	AEC Trust Mail. Digitaltrust Sign'ncrypt. Eutronsec SecIdentity Key-Sign. InfoCamere Dike Kelyan Signo. Master Soft SignAll. Siemens Smart Signer. Siemens SecureDocs. Any solution supporting the technology standards PKCS#11 and/or MS CAPI.
Email protection.	Email clients.	Cryptovision cv act s/mail. Lotus Notes. Microsoft Outlook/Outlook Express & Internet Explorer. Mozilla. Netscape Messenger. PGP 8.0. Any mail client supporting Smart Card devices.
Encryption.	Disk and file encryption.	AEC Trust Mail. CryptoGram Folder. Eutronsec ControlSphere PGP 8.0. SecureStar DriveCrypt. Siemens SecureDocs. Siemens Smart Cypher. Kammatech Portable Security. Any solution supporting the technology standards PKCS#11 and/or MS CAPI.

Combo technology transforms your security device into a portable "virtual workspace".

Combo technology transforms a security device – the operation of which used to depend on external software applications – into a portable "virtual workspace", by pre-loading on-board the software necessary for its own working, the authentication applications that are used in connection with the device and a series of utilities that make the tool absolutely autonomous from the PC it is connected to.

The most outstanding feature is the possibility to use the device straightaway and on any PC, being guaranteed that no traces are left on the computer, as the flash component contains all the software that the user needs for activating the device and for operating it subsequently.

Thanks to an intelligent profiling system, the devices provided with Combo technology become highly customized tools which can safely store the user’s password, personal profiles and digital credentials.

Download the combo technology brochure

CryptoCombo - CryptoCombo ITSEC-I/64 - FOCUS

Cryptocombo ITSEC-I/64 è un dispositivo di sicurezza in formato chiave USB che nasce come evoluzione del token crittografico CryptoIdentity (www.cryptoidentity.Eutronsec.it), in quanto combina le funzionalità di una smart card e di una memoria partizionabile fino a 4GB; rispetto al modello ITSEC-I, monta un chip crittografico con 64KB di memoria interna:

smart card + memoria flash partizionabile

CryptoCombo sfrutta la tecnologia smart card per la memorizzazione sicura delle credenziali utente (profili personali, certificati digitali); la memoria flash a bordo della chiave è partizionabile (opzioni: CD-ROM con funzione autorun, memoria flash crittografata con AES 256 bit, mass storage tradizionale) e offre spazio sufficiente per il trasporto di dati e applicativi.
La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta all'interno del chip crittografico, proteggendone l'accesso tramite un PIN personalizzabile e, se generata internamente al chip, non può essere esportata o duplicata. Il possesso del dispositivo hardware e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
Il livello di certificazione Common Criteria del chip crittografico e del sistema operativo CardOS M4.3B installati a bordo di CryptoCombo ITSEC-I/64, la rendono conforme alla normativa che regolamenta la firma elettronica qualificata.

Principali plus del modello ITSEC-I/64:

Plus1 -- Dispositivo per firma digitale a norma

Plus2 -- RSA 2048 bit

Plus3 -- Chip smart card con 64KB

CryptoCombo - CryptoCombo ITSEC-I/64 - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private pair of RSA cryptographic keys up to 2048 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access: the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.
If set, the user can access the partition encrypted with AES 256bit using the same PIN code of the CryptoCombo smart card component. Standards used: the device supports the following standards ISO 7816 3-4, PKCS#11 v2.11, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 2048 bit

Cryptographic chip memory: 64KB

Flash memory: partitionable and available in the range 256MB - 512MB -1GB - 2GB - 4GB.
Through the PicoUpdate technology one can handle and update the flash memory from remote.

Cryptographic chip specifications: chip of the Infineon SLE66CX family (SLE66CX642P) CC EAL 5+ certified with CardOS M4.3B operating system (CC EAL 4+ certified).

Portability: it does not require additional reader, cables or supply batteries. Moreover thanks to the flash memory, the CDROM for installation of the application as well as the application itself can reside on the USB token.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, light grey tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x7 mm

CryptoCombo - CryptoCombo ITSEC-I/64 - TECH SPECS

USB 2.0 full speed (USB 1.1 compatible)
USB 2.0 high speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Flash reading rate: up to 18 MB/s
Flash writing rate: up to 11 MB/s
Certifications: FCC/CE, UL upon request
Polycarbonate housing

CryptoCombo - CryptoCombo ITSEC-I/64 - SYSTEM REQUIREMENTS

Hardware requirements:
PC IBM or 100% compatible, Desktop/Notebook/Sub-Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

OS requirements:
Windows 2000/XP/2003/Vista, Linux

Application requirements:
CryptoCombo ITSEC-I/64 can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all other applications using supported standards. Main certification of products and supported applications: Microsoft, IBM Lotus Notes, CA, Adobe, Novell, Betrusted, Cryptomathic, Verisign, Thawte, Evidian, Checkpoint VPN, Cisco VPN, PGP, Dekart, Citrix.

CryptoCombo - CryptoCombo ITSEC-I/64 - APPLICATION AREAS

Combo technology transforms your security device into a portable "virtual workspace".

Download the combo technology brochure

CryptoCombo - CryptoCombo ITSEC-P - FOCUS

CRYPTOCOMBO ITSEC-P è un dispositivo di sicurezza in formato chiave USB che nasce come evoluzione di CryptoIdentity (www.cryptoidentity.Eutronsec.it), in quanto combina le funzionalità di una smart card crittografica e di una memoria partizionabile fino a 4GB:

smart card + memoria flash partizionabile

CryptoCombo sfrutta la tecnologia smart card per la memorizzazione sicura delle credenziali utente (profili personali, certificati digitali); la memoria flash a bordo della chiave è partizionabile (opzioni: CD-ROM con funzione autorun, memoria flash crittografata con AES 256 bit, mass storage tradizionale) e offre spazio sufficiente per il trasporto di dati e applicativi.
La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta all'interno del chip crittografico, proteggendone l'accesso tramite un PIN personalizzabile e, se generata internamente al chip, non può essere esportata o duplicata. Il possesso del dispositivo hardware e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".
La certificazione ITSEC E4 high del chip crittografico e del sistema operativo G&D StarCOS SPK 2.3 installati a bordo di CryptoCombo ITSEC-P, la rendono conforme alla normativa che regolamenta la firma elettronica qualificata.

Principali plus del modello ITSEC-P:

Plus1 -- Dispositivo per firma digitale a norma

Plus2 -- Supporto Linux

Plus3 -- Tecnologia AET/G&D

CryptoCombo - CryptoCombo ITSEC-P - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private pair of RSA cryptographic keys up to 1024 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access:the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.
If set, the user can access the partition encrypted with AES 256bit using the same PIN code of the CryptoCombo smart card component.

Standards used: the device supports the following standards ISO 7816 3-4, PKCS#11 v2.11, PKCS#15, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 1024 bit

Cryptographic chip memory: 32KB

Flash memory: partitionable and available in the range 256MB - 512MB -1GB - 2GB - 4GB. Through the PicoUpdate technology one can handle and update the flash memory from remote.

Cryptographic chip specifications: Philips P8WE5032 chip, with Giesecke & Devrient StarCOS SPK 2.3, both ITSEC E4 high certified

Portability: it does not require additional reader, cables or supply batteries. Moreover thanks to the flash memory, the CDROM for installation of the application as well as the application itself can reside on the USB token.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, light grey tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing Small size: 62x17x10 mm

CryptoCombo - CryptoCombo ITSEC-P - TECH SPECS

USB 2.0 full speed (USB 1.1 compatible)
USB 2.0 high speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Flash reading rate: up to 18 MB/s
Flash writing rate: up to 11 MB/s
Certifications: FCC/CE, UL upon request
Polycarbonate housing

CryptoCombo - CryptoCombo ITSEC-P - SYSTEM REQUIREMENTS

Hardware requirements: PC IBM or 100% compatible, Desktop/Notebook/Sub-Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

OS requirements: Windows 98/ME/2000/XP and Linux

Only for the on-board flash memory, the access is possible without any need to install a driver on all Windows operating systems, except for Windows 98 and 98SE.
Application requirements: CryptoCombo ITSEC-P can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all other applications using supported standards.

CryptoCombo - CryptoCombo ITSEC-P - APPLICATION AREAS

Request	Applications supported	Solutions
Strong Authentication.	Network and Smart Card Logon.	Citrix Metaframe XP Server Digitronic Authentication Entrust Entelligence: Desktop Manager, E-mail Plug-in, File Plug-in, Web Plug-in Entrust Entelligence: Security Provider Entrust TruePass Entrust SSO Eutronsec ControlSphere Protocom SecureLogin SSO Protocom SecureLogin Advanced Authentication RSA SecurID Windows 2003 Terminal Server SSH Tectia client (Secure Shell for Workstations) Microsoft Windows 2000/XP Smart Card logon
Strong Authentication.	Authentication VPN.	CheckPoint VPN CISCO VPN client Microsoft VPN NCP VPN/PKI client SafeNet SoftRemote VPN client Any solution supporting the technology standards PKCS#11, PKCS#15 e/o MS CAPI
Solutions PKI.	Infrastructure for the issue and management of digital certificates.	Baltimore UniCERT CA Baltimore MailSecure Entrust Authority (Security Manager e Self-Administration Server) Computer Associates eTrust PKI GlobalSign CA Microsoft PKI RSA Keon PKI SafeGuard PKI Safelayer KeyOne product family Verisign Key-Manager, Managed PKI Manager and Public/Private CA Verisign Managed PKI Manager Verisign Public/Private CA Any PKI supporting the generation of certificates on Smart card devices.
Digital signing.	Applications for digital signing.	E-Lock Prosigner SafeGuard Sign&Crypt for Office SafeGuard Transaction client Any solution supporting the technology standards PKCS#11, PKCS#15 and/or MS CAPI.
Email protection.	Email clients.	Baltimore MailSecure IBM Lotus Notes Microsoft Outlook/Outlook Express & Internet Explorer Mozilla Mail e Navigator Netscape Messenger e Navigator Novell Groupwise 6.0 client SafeGuard Sign&Crypt for Outlook SafeGuard Sign&Crypt for Lotus Notes Any mail client supporting Smart Card devices
Encryption.	Disk and file encryption.	PGP Corporate Desktop Eutronsec ControlSphere SafeGuard Private Disk Any solution supporting the technology standards PKCS#11, PKCS#15 and/or MS CAPI.

Combo technology transforms your security device into a portable "virtual workspace".

Download the combo technology brochure

CryptoCombo - CryptoCombo FIPS - FOCUS

CRYPTOCOMBO FIPS è un dispositivo di sicurezza in formato chiave USB che nasce come evoluzione di CryptoIdentity (www.cryptoidentity.Eutronsec.it), in quanto combina le funzionalità di una smart card crittografica e di una memoria partizionabile fino a 4GB:

smart card + memoria flash partizionabile

CryptoCombo sfrutta la tecnologia smart card per la memorizzazione sicura delle credenziali utente (profili personali, certificati digitali); la memoria flash a bordo della chiave è partizionabile (opzioni: CD-ROM con funzione autorun, memoria flash crittografata con AES 256 bit, mass storage tradizionale) e offre spazio sufficiente per il trasporto di dati e applicativi.
La chiave privata utilizzata per la firma dei documenti informatici viene conservata in maniera sicura e segreta all'interno del chip crittografico, proteggendone l'accesso tramite un PIN personalizzabile e, se generata internamente al chip, non può essere esportata o duplicata. Il possesso del dispositivo hardware e la conoscenza del PIN sono i due elementi alla base del meccanismo di autenticazione "a due fattori".

Principali plus del modello FIPS:

Plus1 -- Certificazione FIPS

Plus3 -- Tecnologia AET/G&D

CryptoCombo - CryptoCombo FIPS - PRODUCT FEATURES

RSA Keys: "on board" generation of the public/private pair of RSA cryptographic keys up to 1024 bit. The private key is never exposed to external environment and cannot leave the device. All the public key-based operations are carried out on the token. The public key can be exported at any time.

User Access: the device is equipped with alphanumeric PIN and PUK, to control the access to data and private keys stored in the cryptographic chip memory. In case of several failed access procedures, the user’s PIN is stopped and the token cannot be used any longer.
If set, the user can access the partition encrypted with AES 256bit using the same PIN code of the CryptoCombo smart card component

Standards used: the device supports the following standards ISO 7816 3-4, PKCS#11 v2.11, PKCS#15, PC/SC, Microsoft CAPI, S/MIME, IPSec/IKE, X.509 v3, CCID.

Algorithms supported: RSA up to 1024 bit

Cryptographic chip memory: 32KB

Flash memory: partitionable and available in the range 256MB - 512MB -1GB - 2GB - 4GB. Through the PicoUpdate technology one can handle and update the flash memory from remote.

Cryptographic chip specifications: Philips P8WE5032 chip with ITSEC E4+ certification, coming with FIPS 140-2 level 2 certified Giesecke & Devrient StarCOS SPK 2.4 operating system

Portability:it does not require additional reader, cables or supply batteries. Moreover thanks to the flash memory, the CDROM for installation of the application as well as the application itself can reside on the USB token.

Optionals: Customization options are available as for the shell colour and any inscriptions and matchable accessories, from the key ring to the neck strap, from the USB connector cap to customized document printing.

Casing: Transparent plastic material, light grey tamper evident, mechanical- and electromagnetic- shock resistant

Customization: With customized labels and/or different color of the casing

Small size: 62x17x10 mm

CryptoCombo - CryptoCombo FIPS - TECH SPECS

USB 2.0 full speed (USB 1.1 compatible)
USB 2.0 high speed (USB 1.1 compatible)
Transfer rate to cryptographic module: 115 Kbps
Flash reading rate: up to 18 MB/s
Flash writing rate: up to 11 MB/s
Certifications: FCC/CE, UL upon request
Polycarbonate housing

CryptoCombo - CryptoCombo FIPS - SYSTEM REQUIREMENTS

Hardware requirements: PC IBM or 100% compatible, Desktop/Notebook/Sub-Notebook/Laptop with USB port (Pentium 100 Mhz or higher)

OS requirements: Windows 98/ME/2000/XP and Linux
Only for the on-board flash memory, the access is possible without any need to install a driver on all Windows operating systems, except for Windows 98 and 98SE.

Application requirements: CryptoCombo FIPS can interoperate, especially with Netscape Communicator Suite, Microsoft Internet Explorer, Microsoft Outlook, Lotus Notes 6.x, Acrobat 6 or higher and all other applications

CryptoCombo - CryptoCombo FIPS - APPLICATION AREAS

Request	Applications supported	Solutions
Strong Authentication.	Network and Smart Card Logon.	Citrix Metaframe XP Server Digitronic Authentication Entrust Entelligence: Desktop Manager, E-mail Plug-in, File Plug-in, Web Plug-in Entrust Entelligence: Security Provider Entrust TruePass Entrust SSO Eutronsec ControlSphere Protocom SecureLogin SSO Protocom SecureLogin Advanced Authentication RSA SecurID Windows 2003 Terminal Server SSH Tectia client (Secure Shell for Workstations) Microsoft Windows 2000/XP Smart Card logon
Strong Authentication.	Authentication VPN.	CheckPoint VPN CISCO VPN client Microsoft VPN NCP VPN/PKI client SafeNet SoftRemote VPN client Any solution supporting the technology standards PKCS#11, PKCS#15 e/o MS CAPI
Solutions PKI.	Infrastructure for the issue and management of digital certificates.	Baltimore UniCERT CA Baltimore MailSecure Entrust Authority (Security Manager e Self-Administration Server) Computer Associates eTrust PKI GlobalSign CA Microsoft PKI RSA Keon PKI SafeGuard PKI Safelayer KeyOne product family Verisign Key-Manager, Managed PKI Manager and Public/Private CA Verisign Managed PKI Manager Verisign Public/Private CA Any PKI supporting the generation of certificates on Smart card devices.
Digital signing.	Applications for digital signing.	E-Lock Prosigner SafeGuard Sign&Crypt for Office SafeGuard Transaction client Any solution supporting the technology standards PKCS#11, PKCS#15 and/or MS CAPI.
Email protection.	Email clients.	Baltimore MailSecure IBM Lotus Notes Microsoft Outlook/Outlook Express & Internet Explorer Mozilla Mail e Navigator Netscape Messenger e Navigator Novell Groupwise 6.0 client SafeGuard Sign&Crypt for Outlook SafeGuard Sign&Crypt for Lotus Notes Any mail client supporting Smart Card devices.
Encryption.	Disk and file encryption.	PGP Corporate Desktop Eutronsec ControlSphere SafeGuard Private Disk Any solution supporting the technology standards PKCS#11, PKCS#15 and/or MS CAPI.

Combo technology transforms your security device into a portable "virtual workspace".

Download the combo technology brochure