 Gemalto
.NET puts state of the art technology to the service of organizations
committed to take their IT Security and Identity & Access infrastructure to
the next level. Two-factor authentication (2FA) solutions help secure your
company's digital assets from end to end. Gemalto .NET comes equipped
with support for 2 different 2FA technologies: One Time Passwords (OTP)
and Digital Certificates (PKI). Choose the one that suits you best, or
combine both at once for different uses.
With Gemalto
.NET you will benefit from unparalleled level of integration with Microsoft's
platforms and solutions: Support for the Gemalto .NET Smart Cards and Tokens
is built into Windows Vista and Windows Server 2008, and available as a
Windows Update for Windows XP and Server 2003. Gemalto .NET is also fully
compatible with Forefront Edge, Microsoft's Identity Lifecycle Manager,
Active Directory Domain Services and Certificate Services. With Gemalto .NET
implementation of Two Factor Authentication, Encryption and Digital Signature
services becomes easier than ever.
Features and Benefits News
|
April 2009 |
|
|
March 2009 |
FIPS 140-2 level
3 Certification for .NET Smart Card achieved. See the
certificate
here
- Tokend v1.1 for
Mac OS X:
Released last Update of the PKCS11 & TokenD libraries for Mac OS X. This
update introduces v1.1 of the TokenD. |
|
January 2009 |
PKCS#11 User Guides:
User guides for the Gemalto .NET PKCS#11 libraries for
Windows,
Linux
and Mac.
The Userguide for Mac OS also includes information on Tokend.
|
|
November 2008 |
.NET Bio Launched during Cartes 2008:
.NET Bio is the latest
security solution for .NET devices, and has been presented during the
Cartes 2008 show in Paris. .NET Bio allows on card storage and
verification (Match-on-Card) of fingerprint credentials. With .NET bio
users can authenticate to the card by presenting their fingerprint on
fingerprint sensor rather than (or in addition to) presenting a PIN. For
more information on .NET Bio, you can download the
.NET Bio Brochure
|
|
July 2008 |
Now Available:
- PKCS#11
libraries v1.1 for Windows and Linux OS:
Install packages available
for
Windows XP,
Vista, Server 2003 & 2008 and 4 Linux distributions (Red
Hat v5,
Ubuntu v7.1,
Debian v4 R3 and
Suse v10). You can download them using the links above.
- PKCS#11 library
v1.1 & Tokend v1.0 for Mac OS X:
Tokend is the smart card
cryptography solution defined by Apple for Mac OS X and used as well by
Apple's own applications such as Safari and Mail. Also used by some 3rd
party applications. The Tokend combined with the PKCS#11 libraries
enable full cryptographic support for .NET cards on Mac OS 10.4 and 10.5
(Tiger and Leopard). Available for download
here. |
| May
2008 |
Joint
Press Release Gemalto - McAfee to announce the
integration of Gemalto .NET devices with McAffee Endpoint Encryption. |
Technical Specifications
|
Last Update: March 23rd 2009 |
.NET v2+ |
|
Chip characteristics |
Chip Manufacturer |
Infineon |
|
Chip Model |
SLE 88CFX4000P |
|
ROM Memory |
80KB |
|
EEPROM Memory |
400 KB |
|
RAM Memory |
16KB |
|
CPU |
Risc 32 bit |
|
Internal Clock |
66Mhz |
|
External Clock |
1 to 10Mhz |
|
Voltage Range |
1.62V - 5.5V |
|
Temperature Range |
-25C to +85C |
|
Technology |
CMOS 0.13 microns |
|
Memory Rewrite |
> 500K r/w cycles |
|
Data Retention |
>10 years |
|
Crypto Processor |
YES (1408 bit) |
|
Onboard Key Gen. |
YES |
|
TRNG |
YES |
Card OS
Characteristics |
OS Type |
.NET |
|
Free EEPROM (approx) |
65KB |
|
Max # of 1024 certs |
15 |
|
Max # of 2048 certs |
15 |
|
Max I/O Speed |
223 Kbps |
|
Communication Protocols |
T=0 / T=1 |
T=0 |
|
USB |
NO |
|
ISO 14443 T=CL |
NO |
|
RMI / Remoting |
Remoting |
|
SConnect |
YES |
Cryptographic
Algorithms
supported |
RSA |
YES (up to 2048 bit) |
|
Ellyptic Curves |
NO |
|
DES / TDES |
YES |
|
AES |
YES (256) |
|
Hash SHA1 / SHA2 |
YES |
|
Hash HMAC / MD5 |
YES |
|
Security Certifications |
COMMON CRITERIA |
CC EAL5+ (chip) |
|
FIPS 140-2 |
Level 3 |
|
IAS |
|
|
FIPS 201 (PIV) |
NO |
|
Standards |
ISO 7816 |
/1/2/3/4 |
|
Javacard |
NO |
|
Open Platform |
NO |
|
CWA14890 (Esign) |
|
|
CEN/TC 224 (IAS) |
NO |
|
Others |
ECMA 335 |
|
|
ISO/IEC 23271 |
Supported Crypto
Architectures |
CAPI |
Base CSP |
|
PKCS#11 for Windows |
YES (v.2.20) |
|
PKCS#11 for Linux |
YES (v.2.20) |
|
PKCS#11 for Mac |
YES (v.2.20) |
|
PKCS#11 for Unix |
NO |
|
One Time Password Support |
OATH OTP |
YES (Onboard) |
|
CAP OTP |
YES (Optional) |
|
Microsoft Minidriver |
VISTA SP1 |
v5 In the Box / v6 WHQL |
|
Vista Release |
v5 In the Box & WHQL |
|
XP SP1 & SP2 |
v5 Base CSP & WHQL |
|
Server 2008 |
v5 In the Box |
|
Server 2003 |
v5 Base CSP & WHQL |
Performance Cryptographic Operations
(seconds) |
Key Gen (CSP) |
3.4 |
|
Key Gen (P11) |
6.9 |
|
Import P12 (CSP) |
9.1 |
|
Import P12 (P11) |
7.4 |
|
Cashed WinLogon (CSP) |
1.5 |
|
Crypto (CSP) |
2.3 |
|
Crypto (P11) |
4.5 |
|
Enumeration (CSP) |
4.7 |
|
Enumeration (P11) |
4.2 |
|
Supported Certificate / Data Formats |
X509 |
YES (v3) |
|
PKCS12 / PFX |
YES |
|
PKCS#15 |
NO |
|
DER |
NO |
|
Available Form Factors |
Smart Card |
YES |
|
Converged Badge |
YES |
|
Dual Interface Card |
NO |
|
USB Token |
YES |
|
USB Token + OTP Display |
YES |
|
USB Token + Secure Mass Storage |
YES (SEG) |
|
USB Token + Secure Mass Storage + OTP Display |
NO |
|
Biometric MoC Reader + card |
NO |
|
Supported physical access Standards (Converged Badge) |
Mifare 1K & 4K |
YES |
|
HID Prox |
YES |
|
Hid iClass |
YES |
|
Legic |
YES |
|
Others |
YES |
|
Tools |
SDK |
YES |
|
Pin Mgmt |
YES (DAS /ILM) |
|
Remote Unblock |
YES (DAS / ILM) |
|
Admin Key Mgmt |
YES (DAS / ILM) |
|
Certificate Mgmt |
YES (ILM) |
Compatibility
Compatibility with third party solutions - Last Update: March 23rd 2009
|
SOLUTION TYPE |
PARTNER |
SOLUTION |
Version |
Smart card support through |
.NET v2+ |
Operating System
Log on |
Microsoft |
Windows Vista |
|
BaseCSP |
YES |
|
Microsoft |
Windows XP |
|
BaseCSP |
YES |
|
Microsoft |
Windows Server 08 |
|
BaseCSP |
YES |
|
Microsoft |
Windows Server 03 |
|
BaseCSP |
YES |
|
Microsoft |
Windows CE |
|
BaseCSP |
YES |
|
Apple |
Mac OS X |
|
Token D |
YES |
|
[Open Source] |
Linux |
|
P11 |
YES |
|
Debian |
Etch |
|
P11 |
YES |
|
Desktop Apps |
Microsoft |
Word |
|
BaseCSP |
YES |
|
Microsoft |
Excel |
|
BaseCSP |
YES |
|
Microsoft |
Powerpoint |
|
BaseCSP |
YES |
|
IBM |
Lotus Notes |
|
P11 |
YES |
|
Adobe |
Acrobat |
|
P11 |
YES |
|
[Open Source] |
Open Office |
|
P11 |
YES |
|
E-Mail Clients |
Microsoft |
Outlook |
|
BaseCSP |
YES |
|
Microsoft |
Outlook Express |
|
BaseCSP |
YES |
|
Microsoft |
Outlook Web Access |
|
OTP OATH |
YES |
|
Mozilla |
Thunderbird |
|
P11 |
YES |
|
Apple |
Mail App |
|
Token D |
YES |
E-mail Servers &
E-mail Security |
Microsoft |
Exchange |
|
BaseCSP |
YES |
|
Web Browsers |
Microsoft |
Internet Explorer |
|
BaseCSP |
YES |
|
Mozilla |
Firefox Windows |
|
P11 |
YES |
|
Mozilla |
Firefox Linux |
|
P11 |
YES |
|
Apple |
Safari Apple |
|
Token D |
YES |
|
SSO |
Citrix |
Password Mgr |
|
BaseCSP |
YES |
|
Evidian |
ESSO |
|
BaseCSP |
YES |
|
Passlogix |
v-Go |
|
BaseCSP |
YES |
|
Quest |
QSSO |
|
BaseCSP |
YES |
|
Media Encryption & Preboot Authentication |
Utimaco |
SafeGuard Enterprise |
|
P11 |
YES |
|
McAfee (Safeboot) |
Endpoint Encryption |
|
BaseCSP |
YES |
|
Becrypt |
Disk Protect |
|
|
YES |
|
Winmagic |
SecureDoc |
|
|
YES |
|
Safenet |
ProtectDrive |
|
|
Q2'09 |
|
VPN |
Citrix |
Access Gateway |
|
BaseCSP |
YES |
|
Checkpoint |
VPN-1 SecureClient |
NGX R60 |
BaseCSP |
YES |
|
Cisco |
VPN |
|
BaseCSP |
YES |
|
Juniper |
UAC / OAC (Odyssey) |
|
BaseCSP |
YES (OTP) |
|
Microsoft |
VPN |
|
BaseCSP |
YES |
|
Thin Client/ Remote Access |
Citrix |
Presentation Server |
|
BaseCSP |
YES |
|
Sun Microsystems |
Sunray |
|
|
YES |
|
Wyse |
WTOS Thin Client |
|
|
Q2'09 |
|
Microsoft |
Remote Desktop |
|
BaseCSP |
YES |
|
Bio Match on Card |
Precise Biometrics |
Biomatch |
|
BaseCSP |
YES |
|
Innovatrix |
|
|
BaseCSP |
YES |
|
Certificate Authority |
Microsoft |
CA Cert Srv |
|
BaseCSP |
YES |
|
Verisign |
UA PKI |
|
BaseCSP |
YES |
|
Entrust |
Authority |
v.8 |
BaseCSP |
YES |
|
Keynectics |
|
|
P11 |
YES |
|
|
Centrify |
Direct Control |
v.4.2 |
Tokend |
YES |
|
CMS |
Microsoft |
ILM |
|
BaseCSP |
YES |
|
Passlogix |
v-GO Credential Mgr |
|
BaseCSP |
YES |
|
File Encryption |
Microsoft |
EFS |
|
BaseCSP |
YES |
Virtual Desktop |
Citrix |
XENDesktop |
v.3 |
|
YES |
Useful Links:
- .NET
Utilities A set of online tools that allow you to manage samples of
Gemalto .NET smart cards
- .NET
Forum A moderated forum for exchange of information about
programming, features and uses of Gemalto .NET smart cards
Exclusive Information for Gemalto Enterprise Partners
Additional information about this product is available exclusively to
Gemalto Enterprise Partners. Click here
to access it through the Enterprise Partner Portal.
|