I have recently been introduced to CryptoStick and its really impressive.
I do have a question though, Has anyone done some sort of a comparative analysis of cryptostick vs the other ‘commercially’ available security tokens in the market. For instance one by Gemalto, or SafeNet Aladin etokenPro, or RSA SecureID.
I understand that these do not support GPG. They are more of a smart card based/javacard based PKCS#11 supported crypto tokens. But, having said that, is there any comprehensive analysis as to how cryptostick stacks up against these tokens?
APologies, if the question should not have been directed at this forum.
I’m not aware of any such comparison. You already mentioned the main point. In addition, the Crypto Stick in beta stage supports One Time Passwords and contains an encrypted storage. Obviously the commercial tokens aren’t open source. RSA SecurID has been hacked and isn’t compatible to Google etc.
You may be interested in the last section here: crypto-stick.com/en/introduction
Thanks for your inputs.
I had gone through the link earlier and it is indeed very informative. I did a small comparison myself and did not find anything that a commercially available token can do but and cryptostick cannot.
Some small outliers that I did find were around interfaces supported (for instance MS-CAPI, PKCS#15 etc), Plug n Play drivers for windows, Windows Authentication over ACtive Directory(not sure?), and the algos supported…(I think ECC is in pipeline…)
What are your thoughts?
P.S. I do believe a small comparison might help a lot of users like myself (functional but “not-so-technical” ).
Its a great endeavor and I would love to contribute to the community in whatever small way I can.
One of Crypto Stick’s focus is on open interfaces. This results in pretty easy plug-n-play driver installation on all operating systems. There are two different PKCS#11 and Windows MiniDrivers available. ECC is on the roadmap too.
Without specific requirements or use case from your side, its difficult to elaborate.