[OpenAFS-devel] openafs - proposed cache security improvement

[Jim Rees]

I didn't understand most of your message.  But without tamper resistant
hardware, I don't see how you can protect the user key.  If I store the key
in my iPod, can't someone just copy the key?

Tamper resistant hardware allows you to use a private key if you know the
PIN, but does not allow you to read the key.  A couple of important
advantages are that a thief needs both the hardware and the PIN, and that
the theft is apparent because the physical device, not just the data
contained in it, must be stolen.