© Copyright 2003 Aladdin Knowledge Systems, Ltd.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
2 Aladdin's eToken PRO
The eToken is a fully portable USB device, the size of an average house key, that offers a
cost-effective method for authenticating users when accessing a network and for securing
electronic business applications. The eToken PRO is only one of four lines in the eToken family,
which addresses security needs such as secure network logon, secure VPNs, secure email, and
strong PKI support.
The eToken PRO offers strong authentication and non-repudiation for sensitive applications such
as e-banking, stock trading, ecommerce and financial transactions.
The eToken PRO's secure, on-board RSA 1024-bit key operations enable seamless integration
into Public Key Infrastructure (PKI) architectures. The eToken can store users' personal
credentials, such as private keys, passwords and digital certificates, inside the protected
environment of the smartcard chip itself. Private keys never leave the token.
The eToken PRO supports the following features:
· On-board RSA 1024-bit authentication & digital signing.
· Highly secure, logical & physical smartcard level security, ITSEC E4 certified processor.
· Standard Crypto API connectivity (PKCS#11).
· Secure storage and robust file system.
· Tamper-evident and water-resistant shell. Hardened (HD) versions offer additional
physical security (compliant with FIPS 140-1 Level 3 requirements).
· Robust plug-and-play connectivity to mainstream PKI and security clients.
· Standard USB interface.
2.1 Cryptographic Modules
The eToken PRO is a USB device, incorporating a secure USB microcontroller and an
off-the-shelf smartcard chip to form a secure computing and storage device capable of symmetric and
asymmetric key operations. The eToken PRO offers identity-based authentication using securely
entered passwords and advanced cryptographic technology. All authentication objects stored
within the eToken PRO memory are physically and logically protected, can only be created and
accessed by authorized users, and cannot be read by any operator of the eToken PRO.
Cryptographic keys cannot be read under any circumstances, and can only be referenced by
applications within the secure environment of the eToken itself.
The eToken PRO has been tested for conformance to both Level 2 and Level 3 physical
requirements. The plastic shell is available in both transparent and opaque constructions, but for
FIPS 140-1 compliance, only the opaque token shall be used. The Level 3 module's internal
components are additionally encapsulated within a hard, opaque epoxy shell.