User's Manual

ManualsBrandsBeijing WatchSmart Technologies ManualsElectronicsUSB Token

WatchKEY USB Token User manual

Watchdata Technologies Pte Ltd

Admirax 8 Admiralty Street #02‐07/08,

Singapore 757438

www.watchdata.com

1. Introduction

1.1. Cryptographic Smart Card

 TIMECOS

 Employ 32‐bit microprocessor security chip design capable of making USB communications.

 FIPS140‐2(US Federal Information Processing Standards) compatible.

 Highly secured, supports 1024‐bit and 2048‐bit RSA asymmetrical encryption algorithm, and

generates RSA key pairs inside card.

 Supports with the ability to produce 1024‐bit and 2048‐bit RSA signature, verify, encryption,

decryption.

 Provides multiple Security Algorithms: DES, 3DES, MAC, SHA‐1, SHA‐256 , AES optional.

 Supports 64KB EEPROM

 Complies to USB1.1 standard and USB 2.0 full speed

1.2. Software/Middleware

 Support X.509V3 certificate format

 Supports ISO7816 part4 file structures: transparent, linear fixed, linear variable, cyclic.

 Supports ISO7816 part8/9 security related interindustry commands and security attributes.

 Supports PC/SC protocol or USB Mass Storage.

 Supports Microsoft CAPI2.0, PKCS#11 v2.11, PKCS#1,7,8,10 and12, PKCS#15

 Supports Windows98/2000/XP/2003/Vista/Win7 environment.

 Supports Internet Explorer 5 or above, Mozilla Firefox and Netscape.

1.3. Specifications

Supported operating systems

Windows 2000/XP/Vista/2003/Windows 7

Supported browsers

Internet Explorer 5.0+; Firefox 3.0+ ; Netscape

Summary of content (9 pages)

PAGE 1
WatchKEY USB Token User manual 1. Introduction 1.1. Cryptographic Smart Card         TIMECOS Employ 32‐bit microprocessor security chip design capable of making USB communications. FIPS140‐2(US Federal Information Processing Standards) compatible. Highly secured, supports 1024‐bit and 2048‐bit RSA asymmetrical encryption algorithm, and generates RSA key pairs inside card. Supports with the ability to produce 1024‐bit and 2048‐bit RSA signature, verify, encryption, decryption.
PAGE 2
WatchKEY USB Token User manual API & standards support Memory Size On board security algorithms Security certifications ISO specification support Operating temperature Storage temperature Humidity rating Connector Memory data retention Memory cell rewrites Weight and Size PKCS#11 v2.01, Microsoft CAPI 2.0, PC/SC, X.
PAGE 3
WatchKEY USB Token User manual Figure 2.1.1 WD Ukey User Tool auto‐installation 2.2 Uninstall WatchSAFE ND 3.4 There’re two methods for uninstalling the tool: 1. In ‘Control Panel’, using ‘Add/Remove Programs’ to delete ‘WD Ukey Tool v3.4 User’. 2. Using the ‘Uninstall’ option in the subcategory of ‘Start’ ‐> ‘All Programs’ ‐> ‘WD Ukey Tool v3.4’. Step 1: upon select ‘uninstall’, a window like figure 2.2.1 appears. Figure 2.2.
PAGE 4
WatchKEY USB Token User manual Figure 2.2.2 Complete uninstalled 3. WatchSAFE ND 3.4 user’s tool WatchSAFE ND 3.4 user’s tool is mainly used to achieve the following functions:  Modify UKey password  Check system  Modify UKey Label  Show certificate  Register certificate  Unregister certificate In this chapter, the operations to implement the above functions will be illustrated. 3.1 Start WatchSAFE ND 3.4 user’s tool WatchSAFE ND 3.4 user’s tool can be started by click ‘WD UKey User Tool v3.
PAGE 5
WatchKEY USB Token User manual Figure 3.1.1 running label of WatchSAFE ND 3.4 user’s tool 3.2 Exit WatchSAFE ND 3.4 user’s tool Click the ‘close’ button at upper right corner to exit WatchSAFE ND 3.4 User Interface. 3.3 The use of WatchSAFE ND 3.4 user’s tool 3.3.1 Multi-Key operation When more than one USBKeys plugged in, you can select a device as you need. It is illustrated in figure 3.3.1.1 that there are two available USBKeys: WatchSAFE_UKEYa and WatchSAFE_UKEY. Figure 3.3.1.
PAGE 6
WatchKEY USB Token User manual Figure 3.3.2.1 the UI of change password For example, the PIN of USBKey is initially set as ‘111111’. But, for security purpose, it should be changed into a secret PIN which is only known by the user. If wrong PIN is entered, a prompt will appear and display the number of available PIN retry times. If PIN is retried more than the maximum, the USBKey will be automatically locked. Then, the USBKey can only be unlocked by the issuer. 3.3.
PAGE 7
WatchKEY USB Token User manual 3.3.4 Modify UKey Label The function of change label is designed for help users identify USBKey. Figure 3.3.4.1 the UI of Modify UKey label 3.3.5 Show Certificate After an USBKey is selected, WatchSAFE ND 3.4 user’s tool will list all the available certificates. Choose a certificate and press ‘Show Cert’ button, a new window like figure 3.4.6.1 will display the certificate’s details which include issuer name, valid date and so on.
PAGE 8
WatchKEY USB Token User manual Figure 3.3.5.1 certificate information 4. Benefits      Simple: Plug and play simplicity for users, with no end‐point software installation Strong Security: Certificate‐based authentication with onboard smartcard Interactive: LED light displays power and communication status Conveniently: small and portable, easy to use.
PAGE 9
WatchKEY USB Token User manual    Public Key Infrastructure based Application PKCS#11 & CSP‐compliant software applications Customized applications 6. Compliance Statement 15.19(a)(3) This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. 15.