TrustedFlash Technology

 

[Figure: TrustedFlash block diagram. Labels: Firmware; Controller; 32-bit Crypto Processor; TrustedFlash™ Memory; Device Certificate; Secrets (e.g. OTP Seeds); Applications; Mass Storage; CD ROM (ISO Image); Public; Private; (R/W)]

TrustedSignins is based on SanDisk's TrustedFlash technology. Every TrustedFlash device contains a unique readable electronic serial number, a device certificate, and an unknown random encryption key. A custom controller partitions memory and manages access from the host PC. A 32-bit cryptographic co-processor automatically encrypts and decrypts all data written to and read from the device, protecting against information disclosure even if the components are directly targeted.

The host OS has no direct access to TrustedFlash memory. The device API supports strong authentication, including PKI, allowing authorized host processes to create and access their own information in the TrustedFlash partition while preventing access even by other processes authorized to access other information within the TrustedFlash partition. For example, the shared secret used to generate a one-time password can be written and erased but not read from the device. Similarly, the device certificate can be used for authentication, verification, and signing but cannot be modified. The device certificate can be encapsulated in a PKCS#7 package, thus supporting PKI applications.

SanDisk USB flash drives can make 3 disk volumes available to the host PC: a read-only CD ROM image, a public volume, and a password-protected private volume.*

For more information on TrustedFlash technology or TrustedSignins and how they can increase security while lowering costs, please send an email to Trustedsignins@sandisk.com

Features and Advantages

Based on TrustedFlash Secure Storage Technology

One device supports multiple virtual tokens and multiple algorithms

OATH (Open Authentication) compliant

Up to 4.0GB of password protected flash memory storage

*TrustedSignins and the private volume require Windows 2000 Service Pack 4 and later, Windows XP (all editions and service packs), and Windows Server 2003.

SanDisk, the SanDisk logo and Cruzer are trademarks of SanDisk Corporation, registered in the United States and other countries. Gruvi, the gruvi logo, TrustedFlash, the TrustedFlash logo and TrustedSignins are trademarks of SanDisk Corporation. miniSD and the miniSD logo are trademarks. U3 and the U3 logo and the U3 smart logo are trademarks of U3, LLC. Other brand names mentioned herein are for identification purposes only and may be trademarks of their respective holders. ©2007 SanDisk Corporation. All rights reserved. 1/07
