I’m looking for USB token device supporting following features simultaneously:
- Holds x509 certificate for TLS communication.
- Holds 2048 bit RSA key for TLS communication.
- Holds 256 bit AES key for file encryption.
The device would be connected to a computer in a non-secure physical environment, meaning that it could get stolen. Hence, I need some sort of permission management to never allow decryption with AES key.
Reading almost all of your product briefs I believe I can’t achieve my tasks with NitroKey products. None of your products support on-module AES encryption/decryption and no permission management is available. (NitroKey Pro 2 is the closest to my needs, however it doesn’t have AES functionality except storing one AES key)
Can you confirm this?