Getting open hardware is not that easy.
The only real open hardware I know is the crypto stick.
http://shop.crypto-stick.com/e...
Of course you can buy it but all plans are open. But it is relativle expensive.
You can use this as a smartcard to do certificate/public-private-Keypair authentication.
You could however use the Yubikey. Please note, that the Yubkey Neo (wich is about 50€) can also work as a smartcard.
If you want to use one time passwords you can use the standard yubikey (~25€).
Yubico is rather open but it is no open hardware!
The good thing about the yubikey is that it can be initialized, i.e. your secret key, that is used to generated the OTP is not know to the hardware vendor.
Recently I saw another authentication device, the "authentiKator" (http://www.authentikator.com), which similar to the yubikey but will cost only ~8€.
Anyway, if you can not make up your mind at the moment, that is no problem.
There is an open authentication service, which is derived from OTP authentication which supports HOTP tokens, TOTP tokens, smartphones apps, OTP via SMS or Email, the old mOTP token (which can be used on your old feature phone - maybe you want to use a crappy old nokia phone in Offline mode).
You can also use cool smartdisplayer cards, in the form factor of a credit card with an eInk display!
But also the yubikey can be enrolled. New token types can be added by writing a small new python module.
Take a look at http://www.privacyidea.org/ which is also hosted at github.
You receive a whole bunch of answers and I am curious for your decision.
Kind regards
Cornelius
Slashdot Mirror
Getting open hardware is not that easy. The only real open hardware I know is the crypto stick. http://shop.crypto-stick.com/e... Of course you can buy it but all plans are open. But it is relativle expensive. You can use this as a smartcard to do certificate/public-private-Keypair authentication. You could however use the Yubikey. Please note, that the Yubkey Neo (wich is about 50€) can also work as a smartcard. If you want to use one time passwords you can use the standard yubikey (~25€). Yubico is rather open but it is no open hardware! The good thing about the yubikey is that it can be initialized, i.e. your secret key, that is used to generated the OTP is not know to the hardware vendor. Recently I saw another authentication device, the "authentiKator" (http://www.authentikator.com), which similar to the yubikey but will cost only ~8€. Anyway, if you can not make up your mind at the moment, that is no problem. There is an open authentication service, which is derived from OTP authentication which supports HOTP tokens, TOTP tokens, smartphones apps, OTP via SMS or Email, the old mOTP token (which can be used on your old feature phone - maybe you want to use a crappy old nokia phone in Offline mode). You can also use cool smartdisplayer cards, in the form factor of a credit card with an eInk display! But also the yubikey can be enrolled. New token types can be added by writing a small new python module. Take a look at http://www.privacyidea.org/ which is also hosted at github. You receive a whole bunch of answers and I am curious for your decision. Kind regards Cornelius