USB
Evidence Enrolment Version
Th The USB Evidence Enrolment Version has the following external features:
A USB2 interface used to submit external documents for signature and the control the Evidence Enrolment device. The device is also powered by the USB interface.
Two audio inputs. Each audio input can to be configured either for an external microphone or to be a line input. Each channel has a 20Hz to 20KHz audio bandwidth.
Should the user enable both microphone channels they are summed before compression on to one channel.
We use ADPCM as the compression scheme. ADPCM is not the best compression scheme from a bandwidth perspective but it has excellent voice quality. The emotional tone of the conversation is clearly discernable. We support various sample rates. With an 8 KHz sample rate the device stores 16Mbytes per hour)
A 3.5 mm stereo headphone to allow the user to directly monitor the microphone inputs. (Channel1 appears on the left ear and channel 2 on the right ear).
An external button which if held in on power up will cause the Evidence Enrolment device to enter the loader mode.
A LED bezel to indicate the presence of power.
Our solution has the following security advantages:
The use of 'One Time' RSA keys locks the evidence immediately on enrolment.
There is no Secret RSA exponent to attack. Others have to try and show that it is difficult to find the key. We can easily prove to non technical (legal) people the strength of our products. We all know it is difficult to defend a static target.
The user cannot set the date and time in the device. It is cryptographically controlled.
Our product can operate completely off line. Once the session is complete the evidence is enrolled.
All RSA secret keys are generated up the device that uses it. There is no passing of secret information during personalisation.
A unique 2 out of 3 Cryptographic Token arming system for the control of the Evidence Enrolment devices.
Cryptographic control of the date and time.
Large RSA key sizes. The One Time RSA File Level Key pair's modulus is 1024 bits. The more senior keys are 1600 or 1536 bits.
Strong defence against preliminary known birthday attacks on SHA-1.
The ability to securely upgrade the firmware in the device using our secure boot loader.
The following documentation is available:
An Adobe flyer describing our Evidence Enrolment device.
A description of the Evidence Enrolment System: EvidenceEnrolment.pdf
A white paper setting out some properties an Evidence Enrolment System should have and showing how our system meets those requirements.
A PowerPoint presentation on the Evidence Enrolment System: EvidenceEnrolment.ppt
The iEnroll software for the Personal Computer can be downloaded from the Software Download page.
When
new versions of formware in the iEnroll USB Evidence Enrolment device become
available they will be added to the Software
Download page. The firmware is cryptographically secured using our Secure
Loader (You can find out more on the Secure
Loader page).
To enter the loader mode, simply hold the red button on the Ext File pannel in
and power the device on by pluging in the USB cable. The software will detect
that the Device is in Loader mode and allow you (using the now enabled Loader
botton) to select the new version (in the CypheRix/Download directory) and to
download it.
A report on the SHA-1 birthday attacks.
The control system is common for all our Evidence Enrolment technology. Please refer here for more details.