Today, tokens are increasingly used. But despite this, many people do not understand what kind of devices they are. Next, we will talk about why tokens are used, what such an application gives. USB devices connected to a PC will be considered.
Token Information Storage
I would like to immediately explain that this device is not a flash drive. Undoubtedly, a small amount of information can be stored on it , but it is limited, for example, to 64 kilobytes. There are also tokens that contain a few gigabytes of memory. But the data in this memory is stored using the same technology as on a conventional memory card. For this reason, the data storage function can be considered secondary or secondary. What are tokens for? What does the device do?
The original purpose is the non-removable storage of some key information. It is immediately noticeable that there is little in common with a memory card. Non-recoverable storage is one in which the token code does not get anywhere from the device. It cannot be extracted, for example, into the computer's RAM. There are options when this happens, but in encrypted form. There is an option to export the key in the clear, but even this is much safer than storing it on a USB flash drive. Why is it so more reliable to store a key? The token assumes knowledge of the PIN code for export, but the flash drive does not.
In addition, even if you save the key on a removable drive and encrypt it, the cracker will be able to make countless attempts to decrypt. The authorization token is blocked after three unsuccessful attempts to enter the code.
It follows from this that even with the simplest security settings, it is better to store keys on the token.
Other functions
Key storage is the main thing tokens are for. What can a device do besides this? Here are the other features:
- Self encryption and decryption.
- Encryption key generation.
- Formation and verification of EDS.
- Data hashing.
The token is a kind of black box at the time when cryptographic operations are carried out. So, the data goes to the input, with the help of the key is converted and sent to the output. You can compare the token with a microcomputer: information is input and output via USB, there is an own processor, operational, as well as long-term memory.
Password Comparison
For most, it has become standard that passwords are used everywhere. This is a modern classic. A person wants to log into a social network or buy something - uses a password. Their main advantage is ease of use. But at the same time, there are aspects that put some operations that are important from a security perspective into question. This can be forgetfulness, password transmission over an insecure channel, typing on the keyboard, predictability.
Tokens are quite capable of solving absolutely all those tasks for which passwords are used today. And solve them more safely and efficiently.
Data encryption
Data is usually encrypted with a cryptographic key, which, in turn, is encrypted with a password. And the security of such a scheme completely depends on the password, which is not complicated in all cases, can be typed on the keyboard or forgotten. When using a token, there are two solutions:
- The key is on the token and does not leave it. This method is suitable only for small amounts of information, since the decryption speed with the token is not high. The intruder cannot extract the key.
- The key is on the token, but in the process of encryption it gets into the computer’s RAM. This method is used, for example, to encrypt and decrypt a volume completely. The key is possible to extract, but not very easy. Password stealing is much easier.
Conclusion
We can confidently say that it will be possible to avoid a variety of unpleasant situations when using and the prevalence of solutions based on tokens. Password theft will be eliminated, and the level of security will increase in a global sense. It is for security that tokens are used. What does use give? Only benefits and reliability. Even if you completely abandon passwords in favor of tokens, the advantages are obvious. After all, even if you lose the key, no one can use it.