third-party cryptographic certification?


[ Follow Ups ] [ BasicCard User Forum ]

Posted by jonathank (216.9.100.120) on October 06, 2009 at 12:39:13:

This question is directed to the Zeit team:

Has there been any independent third-party cryptographic analysis down against the Zeit cyrptocards by an ISO 17025 evaluator or some other well respected third party? For example, NIST FIPS 140-2 level 2, Common Criteria EAL4, or ITSEC? I'm especially interested in the ZC6.5 and ZC7.5 processors.

Failing that, are there large financial institutions that are using the ZC6.5 and ZC7.5?

I realize that NIST or Common Criteria certificate does not guarantee a product is secure (just look at Microsoft Windows XP and its EAL4+ rating), but to use the card in a production environment it is necessary to complete some level of due diligence. Since most agencies and companies lack the resources and skills to perform their own cryptanalysis of new devices, I need to rely upon the integrity of third parties.

many thanks
-jonathan



Follow Ups:


[ Follow Ups ] [ BasicCard User Forum ]