EviPass NFC HSM: contactless and passwordless password management technology
Passwords are one of the most common and widely used ways to authenticate to online accounts and services. However, they have many disadvantages and limitations. For example :
  • They are vulnerable to theft, phishing, brute force attacks, and other common threats.
  • They are difficult to remember and manage, especially when users have multiple accounts and passwords.
  • They are inconvenient and time-consuming to enter, especially on mobile devices or public computers.
  • They are not secure enough against quantum attacks, which could break encryption and verification methods based on traditional cryptography.
To overcome these challenges, Freemindtronic has developed a new innovative touchless, hardware-based password management solution. It works without a server, without a database, without the need to know, memorize, enter a password, or to know the user name or identifier or to identify the equipment used to connect without contact in multi-factor authentication: EviPass NFC HSM.
EviPass NFC HSM is a secure, decentralized password management technology that uses contactless, passwordless authentication and post-quantum encryption to protect users’ online accounts and secrets. Users can access their accounts online or offline without entering, remembering, knowing, or viewing passwords or secrets. Users can also manage their passwords and secrets on their computer with EviPass NFC HSM technology using the EviCore NFC HSM web browser extension. EviPass NFC HSM is compatible with all NFC websites and Android phones. EviPass NFC HSM can work on Android NFC systems online, offline or in LAN, including command line with EviKeyboard BLE technology USB Bluetooth virtual keyboard.

How does EviPass NFC HSM work?

EviPass NFC HSM is a password management solution that uses the NFC HSM to protect your online or offline accounts and secrets. It allows you to generate or import passwords based on different bases and options. You can also access and manage your passwords and secrets with a simple NFC scan of your smartphone.

Password generation

EviPass NFC HSM allows you to generate passwords based on the 95 printable ASCII characters or on the hexadecimal base 16, 58, 64 or 85. You can choose the length and complexity of the password according to your needs. A password based on the 95 printable ASCII characters can have up to 60 characters, which is equivalent to 395 bits. A password based on the hexadecimal base 16, 58, 64 or 85 can have up to 51 characters, which is equivalent to 329.6 bits. These passwords offer a very high level of security and are hard to crack.

You can also customize your password by selecting or deselecting certain types of characters from the ASCII table, such as lowercase characters, uppercase characters, numbers, or symbols. This allows you to meet many cases of constraint related to the compatibility of online account management, offline, other proprietary software accounts and command line where certain characters should not be used since used for other specific functions. Here is a table that explains each option and gives an example:

Characters Description Example
lowercase characters Lowercase characters are the 26 letters of the English alphabet in lowercase. a, b, c, …, z
uppercase characters Uppercase characters are the 26 letters of the English alphabet in uppercase. A, B, C, …, Z
numbers Numbers are the 10 digits from 0 to 9. 0, 1, 2, …, 9
symbols Symbols are the 33 characters that are not letters or numbers. !, @, #, …, ~

Generate a random password

This function allows you to create a random password up to 51 characters long, based on the 95 printable ASCII characters, which is equivalent to a key of about 336 bits. You can choose the length and complexity of the password according to your needs.

Password management functions

EviPass NFC HSM allows you to store your passwords and secrets on your EviPass NFC HSM compatible device. The device encrypts the data using post-quantum encryption algorithms based on lattice problems, such as learning with errors (LWE) or ring learning with errors (RLWE). These problems are hard to solve, even for quantum computers, and their security is proven to reduce to the worst case. LWE and RLWE are also efficient and compatible with existing communication protocols and networks.

You can access and manage your passwords and secrets on your EviPass NFC HSM compatible device using the EviPass Web Browser Extension on your computer or phone. The extension allows you to access your online accounts without entering or memorizing any passwords or secrets. Here is a table that lists all the functions of EviPass NFC HSM:

Function Description
Create Create a new secret in RSA-4096 on your NFC HSM device. You can choose the type of secret (password, cryptocurrency, IOTA, encryption key, identification card, bank account, recovery phrase, phone number, or secret note) and enter the required information. You can also generate a random password or a QR code for your secret.
Read Read an existing secret from your NFC HSM device. You can scan the QR code of your secret or select it from the list of stored secrets on your device. You can also copy the secret to the clipboard or send it to another application.
Modify Modify an existing secret on your NFC HSM device. You can change the type, name, logo, color, or label of your secret. You can also modify the information of your secret, such as the password, address, key, or note.
Delete Delete an existing secret from your NFC HSM device. You can scan the QR code of your secret or select it from the list of stored secrets on your device. You can also delete all secrets from your device at once.
Duplicate Duplicate an existing secret on your NFC HSM device. You can scan the QR code of your secret or select it from the list of stored secrets on your device. You can also choose a new name, logo, color, or label for your duplicated secret.
Clone Clone an existing secret from one NFC HSM device to another NFC HSM device. You can scan the QR code of your secret or select it from the list of stored secrets on your source device. You can also choose a new name, logo, color, or label for your cloned secret on your destination device.
Share Share an existing secret from your NFC HSM device with another user who has an NFC HSM device using Freemindtronic® technology. You can scan the QR code of your secret or select it from the list of stored secrets on your device. You can also set a time limit for sharing your secret and a trust level for encrypting your secret.

The number of bits in a password is calculated by taking the logarithm base 2 of the number of possible combinations, which is the size of the character set raised to the power of the password length. For example, a password of 51 characters based on 95 printable ASCII characters has 95^51 possible combinations, which is approximately 2^336. Therefore, the number of bits in this password is log2​(95^51) = 336.

For example, a hexadecimal password of 8 characters has 8 x 4 = 32 bits. A hexadecimal password based on base 58, 64 or 85 uses more characters than the standard base 16, which means it can encode more bits per character. For example, a base 58 password of 51 characters has 51 x log2​(58) = 266.5 bits. A base 64 password of 51 characters has 51 x log2​(64) = 306 bits. A base 85 password of 51 characters has 51 x log2​(85) = 329.6 bits.

How to customize your password with the ASCII table options

EviPass NFC HSM allows you to customize your password by choosing which types of characters you want to include or exclude from the ASCII table. The ASCII table is a standard that defines 128 characters, including letters, numbers, symbols, and control codes. Each character has a corresponding decimal number, from 0 to 127, and a binary code, from 00000000 to 11111111.

The EviPass NFC HSM technology uses the 95 printable ASCII characters, from 32 to 126, to generate passwords. These characters are divided into different types, such as lowercase characters, uppercase characters, numbers, symbols, etc. You can select or deselect each type of character by using the options in the EviPass NFC HSM app or the EviPass NFC HSM Browser Extension.

To help you understand the different types of characters that you can select or deselect from the ASCII table, here is a table that explains each option and gives an example:

Characters Description Example
lowercase characters Lowercase characters are the 26 letters of the English alphabet in lowercase. a, b, c, …, z
uppercase characters Uppercase characters are the 26 letters of the English alphabet in uppercase. A, B, C, …, Z
numbers Numbers are the 10 digits from 0 to 9. 0, 1, 2, …, 9
& This character is the symbol of the logical operator AND. &
“^`, :;.!?; These characters are punctuation marks or special symbols. ^, `, :, ;, ., !, ?, ;
@ This character is the symbol of the at sign or the commercial sign. @
() [] {} / These characters are parentheses or bars. (, ), [, ], {, }, /,
$~#-+*=%_ These characters are monetary signs, mathematical symbols or dashes. $, ~, #, -, +, *, =, %, _,
space Space is the white character that separates words.  
<> These characters are angle brackets. <, >

With the EviPass NFC HSM technology, you can customize your password by choosing which types of characters you want to include or exclude. For example, if you want to generate a password without space or angle brackets, you can disable these two options. The generated password will only contain the other characters from the ASCII table.

How to calculate the number of bits in a password

The number of bits in a password is a measure of its strength and security. The more bits a password has, the harder it is to guess or crack. The number of bits in a password is calculated by taking the logarithm base 2 of the number of possible combinations, which is the size of the character set raised to the power of the password length. For example, a password of 51 characters based on 95 printable ASCII characters has 95^51 possible combinations, which is approximately 2^336. Therefore, the number of bits in this password is log2​(95^51) = 336.

Here is a formula that you can use to calculate the number of bits in a password:

Number of bits = log2​(character set size^password length)

Here is a table that shows some examples of passwords and their number of bits, based on different character sets and lengths:

Password Character set size Password length Number of bits
12345678 10 (digits from 0 to 9) 8 26.6
abcdefgh 26 (lowercase letters from a to z) 8 37.6
ABCDEFGH 26 (uppercase letters from A to Z) 8 37.6
AbCdEfGh 52 (lowercase and uppercase letters) 8 45.7
Ab1dEf3h 62 (lowercase and uppercase letters and digits) 8 47.6
Ab!dEf3h 95 (printable ASCII characters) 8 52.6
Ab!dEf3h@# 95 (printable ASCII characters) 10 65.8
Ab!dEf3h@#%$^&*()_+ 95 (printable ASCII characters) 20 131.5
Ab!dEf3h@#%$^&*()_+QwErTyUiOpAsDfGhJkLzXcVbNm 95 (printable ASCII characters) 40 263.1
Ab!dEf3h@#%$^&*()_+QwErTyUiOpAsDfGhJkLzXcVbNm1234567890 95 (printable ASCII characters) 50 328.9
Ab!dEf3h@#%$^&*()_+QwErTyUiOpAsDfGhJkLzXcVbNm1234567890-=|[]{};’:”,./<>? 95 (printable ASCII characters) 80 526.2
Ab!dEf3h@#%$^&*()_+QwErTyUiOpAsDfGhJkLzXcVbNm1234567890-=|[]{};’:”,./<>?~` 95 (printable ASCII characters) 81 529.8

As you can see, the number of bits in a password increases as the character set size and the password length increase. A password with more bits is more secure and harder to crack than a password with fewer bits. However, a password with more bits may also be harder to remember and type. Therefore, you need to balance the security and usability of your password. With EviPass NFC HSM, you can generate and store your passwords securely and access them easily with a simple NFC scan of your smartphone.

Generate a hexadecimal password

This function allows you to create a random hexadecimal password, based on base 16, 58, 64 or 85. You can choose the length and base of the password according to your needs. A hexadecimal password is a password that uses only the 16 digits from 0 to 9 and from A to F. The number of bits in a hexadecimal password is equal to the length of the password multiplied by 4.

This table provides a comprehensive view of the advanced features for contactless management and use of secrets stored in the NFC HSM. It allows users to create, read, modify, delete, duplicate, clone, share, encrypt and decrypt their secrets securely and conveniently.

The number of bits in a password is calculated by taking the logarithm base 2 of the number of possible combinations.

For example, a hexadecimal password of 8 characters has 8 x 4 = 32 bits. A hexadecimal password based on base 58, 64 or 85 uses more characters than the standard base 16, which means it can encode more bits per character. For example, a base 58 password of 51 characters has 51 x log2​(58) = 266.5 bits. A base 64 password of 51 characters has 51 x log2​(64) = 306 bits. A base 85 password of 51 characters has 51 x log2​(85) = 329.6 bits.

Hexadecimal password generator functions of EviPass NFC HSM

EviPass NFC HSM allows you to generate hexadecimal passwords based on different bases and options. You can choose the number of bytes between 4 and 48, and the base between 16, 58, 64 or 85. You can also customize your password by selecting or deselecting certain types of characters from the ASCII table. Here is a table that summarizes the functions of the hexadecimal password generator of EviPass NFC HSM:

Tableau

 
Base Options Description
16 Uppercase or lowercase Generates a hexadecimal password using only the 16 digits from 0 to 9 and from A to F. You can choose the letter case.
58 None Generates a hexadecimal password using only the 58 characters that are not easily confused, such as 0, O, I, l.
64 No padding, no wrap, CRLF, URL safe, no close Generates a hexadecimal password using the 64 characters of the Base64 encoding scheme. You can choose some options to modify the output.
85 None Generates a hexadecimal password using the 85 characters of the Ascii85 encoding scheme.

With the EviPass NFC HSM technology, you can generate and store your hexadecimal passwords securely and access them easily with a simple NFC scan of your smartphone.

Use cases

Hexadecimal passwords can be useful for various purposes, such as encryption, authentication and hashing. Here are some examples of use cases where you can use EviPass NFC HSM to generate and store your hexadecimal passwords:

  • AES (Advanced Encryption Standard): AES is a symmetric encryption algorithm that uses hexadecimal keys to encrypt and decrypt data. AES can use keys of 128, 192 or 256 bits, which correspond to 32, 48 or 64 hexadecimal characters. For example, a 256-bit AES key can be: 0E329232EA6D0D73 99029D908C00D204 66E94BD4EF8A2C3B 884CFA59CA342B2E. With EviPass NFC HSM, you can generate and store your AES keys securely and access them easily with a simple NFC scan of your smartphone.
  • WEP (Wired Equivalent Privacy): WEP is a security protocol for wireless networks that uses hexadecimal keys to authenticate users and encrypt communications. WEP can use keys of 40 or 104 bits, which correspond to 10 or 26 hexadecimal characters. For example, a 104-bit WEP key can be: 0123 4567 89AB CDEF 0123 45. With EviPass NFC HSM, you can generate and store your WEP keys securely and access them easily with a simple NFC scan of your smartphone.
  • SHA (Secure Hash Algorithm): SHA is a family of hash functions that produce hexadecimal fingerprints from any data. SHA can use fingerprints of 160, 224, 256, 384 or 512 bits, which correspond to 40, 56, 64, 96 or 128 hexadecimal characters. For example, a SHA-256 fingerprint can be: 68E656B251E67E83 1B8E8B5579A68B9D D42A90D5E78E8DA1 5E6BEEE39E930CE5. With EviPass NFC HSM, you can generate and store your SHA fingerprints securely and access them easily with a simple NFC scan of your smartphone.
  • TETRA: TETRA is a digital radio standard for public safety and security organizations. It uses hexadecimal keys to encrypt and decrypt radio communications. With EviPass NFC HSM, you can generate and store your TETRA keys securely and easily.

How to generate a random hexadecimal key of 10 bytes (80 bits) with EviPass NFC HSM

To generate a random hexadecimal key of 10 bytes (80 bits) with EviPass NFC HSM, follow these steps:

  • Launch the hexadecimal password generator on your EviPass NFC HSM compatible device.
  • Choose the number of bytes, 10 for a 80-bit key.
  • Choose the hexadecimal base, 16 by default.
  • Choose the letter case, uppercase in this example.
  • Press the “Generate” button to get a random hexadecimal key.
  • You will get a 10-byte (20-hexadecimal character) key composed of digits from 0 to 9 and letters from A to F. For example, you may get 3F 8A 6B 4C 9D 1E 7F 2A 5B 0C.
  • Write the hexadecimal key in uppercase, separated by spaces. You will get 3F 8A 6B 4C 9D 1E 7F 2A 5B 0C.

Here is the hexadecimal key of 10 bytes (80 bits) generated randomly in base 16:

3F 8A 6B 4C 9D 1E 7F 2A 5B 0C

This is how you can generate a hexadecimal key for TETRA with EviPass NFC HSM.

Other use cases of hexadecimal passwords

Hexadecimal passwords can be useful for various purposes, such as encryption, authentication and hashing. Here are some examples of use cases where you can use EviPass NFC HSM to generate and store your hexadecimal passwords:

  • AES (Advanced Encryption Standard): AES is a symmetric encryption algorithm that uses hexadecimal keys to encrypt and decrypt data. AES can use keys of 128, 192 or 256 bits, which correspond to 32, 48 or 64 hexadecimal characters. For example, a 256-bit AES key can be: 0E329232EA6D0D73 99029D908C00D204 66E94BD4EF8A2C3B 884CFA59CA342B2E. With EviPass NFC HSM, you can generate and store your AES keys securely and access them easily with a simple NFC scan of your smartphone.
  • WEP (Wired Equivalent Privacy): WEP is a security protocol for wireless networks that uses hexadecimal keys to authenticate users and encrypt communications. WEP can use keys of 40 or 104 bits, which correspond to 10 or 26 hexadecimal characters. For example, a 104-bit WEP key can be: 0123 4567 89AB CDEF 0123 45. With EviPass NFC HSM, you can generate and store your WEP keys securely and access them easily with a simple NFC scan of your smartphone.
  • SHA (Secure Hash Algorithm): SHA is a family of hash functions that produce hexadecimal fingerprints from any data. SHA can use fingerprints of 160, 224, 256, 384 or 512 bits, which correspond to 40, 56, 64, 96 or 128 hexadecimal characters. For example, a SHA-256 fingerprint can be: 68E656B251E67E83 1B8E8B5579A68B9D D42A90D5E78E8DA1 5E6BEEE39E930CE5. With EviPass NFC HSM, you can generate and store your SHA fingerprints securely and access them easily with a simple NFC scan of your smartphone.
  • TETRA: TETRA is a digital radio standard for public safety and security organizations. It uses hexadecimal keys to encrypt and decrypt radio communications. With EviPass NFC HSM, you can generate and store your TETRA keys securely and easily.

EviPass NFC HSM is an advanced hexadecimal generator that offers you the highest level of security and convenience.

Cybersecurity and safety of EviCore NFC HSM implemented in EviPass NFC HSM technology

EviPass NFC HSM is a password management solution that uses EviCore NFC HSM technology to store and manage your secrets securely and conveniently. EviCore NFC HSM is a technology that combines encryption from an HSM and NFC communication protocols to protect your keys and secrets. Learn about the cybersecurity and security aspects of EviCore NFC HSM and how it keeps your secrets safe and private.

Cybersecurity of EviCore NFC HSM

EviCore NFC HSM offers a high level of cybersecurity for your secrets, as it employs several mechanisms and features to prevent unauthorized access, duplication, or modification of your secrets. Some of these mechanisms and features are:

  • EVI protocol: EVI (Encrypted Virtual Interface) is a proprietary protocol developed by Freemindtronic for communication with NFC HSM devices, offering an exceptional level of security for sensitive data. This protocol is considered a Zero Knowledge Proof (ZKP) protocol, as it uses encryption keys and authentication processes that are generated with a high degree of randomness and remain confidential. It also uses cryptographic signatures and timestamps to verify the authenticity and freshness of your secrets. EVI is resistant to various types of attacks, such as replay attacks, modification attempts, and interception.
  • Anti-cloning and anti-replay mechanisms: EviCore NFC HSM has anti-cloning and anti-replay mechanisms that block any unauthorized access or duplication of your secrets. These mechanisms use cryptographic signatures and timestamps to verify the authenticity and freshness of your secrets. They also use a salting system to counteract keyloggers, which adds characters at predetermined positions known only to the user, which are subsequently removed during password entry.
  • Segmented key authentication system: EviCore NFC HSM has a patented segmented key authentication system that allows you to define up to 9 trust criteria for encrypting your secrets, such as geolocation, BSSID, password, or fingerprint. These criteria increase your security and convenience by allowing you to access your secrets only with the required information. They also use a dynamic key generation system, which generates a new key for each encryption or decryption operation, making it impossible to reuse the same key.
  • Wireless access control system: EviCore NFC HSM has a patented wireless access control system that lets you define two different access profiles: administrator and users. The administrator can create, modify, delete, and share secrets, while the users can only read and use them. The administrator and the users cannot access each other’s secrets without their permission. This system also allows you to set a time limit for sharing your secrets and a trust level for encrypting your secrets.

Safety of EviCore NFC HSM

EviCore NFC HSM also offers a high level of safety for your secrets, as it employs several mechanisms and features to ensure the integrity and availability of the device and the data stored in it. Some of these mechanisms and features are:

  • Power supply monitoring and protection device with black box: EviCore NFC HSM has a patented power supply monitoring and protection device with black box that guarantees the integrity and availability of the device. This device detects and prevents any power failure or tampering that could damage the device or the data stored in it. It also records the events that occur in the device, such as the number of accesses, the type of operations, or the errors encountered.
  • EEPROM memory: EviCore NFC HSM has an EEPROM memory that can store up to 64 KB of data. The data stored in the memory are encrypted without contact from the EviCore NFC HSM application which performs encryption and decryption operations using state-of-the-art algorithms, such as AES 256 bits and RSA 4096 bits. The EEPROM memory is resistant to physical attacks, such as heat, cold, or radiation, and can retain the data for up to 10 years without power.
  • NFC communication: EviCore NFC HSM uses NFC communication protocols to communicate with the Android phone serving as the HSM terminal and IHM. The NFC communication is powered by the NFC signal of the phone, which means that the device does not need any battery or external power source. The NFC communication is also fast and convenient, as it only requires a simple contact or proximity between the device and the phone.

EviCore NFC HSM is a technology that provides cybersecurity and safety for your secrets. It uses hardware encryption and NFC communication protocols to protect your cryptographic keys and secrets. It is the core technology behind EviPass NFC HSM, which adds more features and functions for password management. To learn more about EviPass NFC HSM, visit our website.

 

EviPass NFC HSM Technical Sheet

EviPass NFC HSM is a secure and decentralized password management solution that uses contactless passwordless authentication and post-quantum encryption to protect users’ online accounts and secrets. Here is a summary of its main features and specifications:

Feature Value
Product name EviPass NFC HSM
Product description A password management solution that encrypts passwords from end to end from an NFC HSM device. Users can log in to websites without entering or remembering passwords or secrets.
Product features
  • Passwordless authentication: Users can log in to websites with a physical device, such as a smartphone or a security key, that communicates wirelessly with the system they want to access.
    Contactless authentication: Users do not have to touch the device or the system to authenticate themselves. They just need to tap or wave their device near the system.
  • Multi-factor authentication: Users can confirm their identity with several factors of physical origin authentication, such as a password, a fingerprint, a geographic area, a hexadecimal key segment by QR Code or Bar code, a BSSID or a phone ID.
    Serverless and databaseless authentication: Users do not need to be connected to a server or use a database to authenticate themselves. Everything is done in real time in volatile memory.
  • Post-quantum encryption: Users’ passwords and secrets are encrypted with algorithms that resist quantum attacks, based on lattice-based problems such as learning with errors (LWE) or ring learning with errors (RLWE).
  • Physical origin trust criterion: Users’ data are encrypted and decrypted with a criterion that depends on the physical origin of the device or the biometric feature used for authentication.
  • Segmented key authentication: Users’ keys are split into two or more segments that can be held by different parties who need to be reunited to reconstruct the key.
  • Compatibility with all websites: Users can log in to any intranet or internet website in the world that uses a web browser, without requiring the website to be compatible with the EviCore NFC HSM technology.
  • Compatibility with Android NFC phones: Users can log in contactlessly directly with their Android NFC phone via the NFC HSM without having to enter their credentials and password.
Product compatibility EviPass NFC HSM uses the EviCore NFC HSM Technology and EviCore NFC HSM Browser Extension compatible with the NFC HSM. For more information about the NFC HSM compatible with EviPass NFC HSM.

As you can see, EviPass NFC HSM offers many advantages over traditional password management solutions, such as security, convenience, privacy and compatibility.

Data sheet of EviCore NFC HSM for EviPass

Contactless message encryption via EviCypher card white gold smartphone Android NFC hands from Freemindtronic jpg
NFC HSM Stealth Advertising Pen by Q Development from Freemindtronic Andorra
NFC HSM Stealth Cufflink by Q Development from Freemindtronic Andorra
NFC HSM Stealth fake USB Stick by Q Development from Freemindtronic Andorra
NFC HSM Stealth Rule by Q Development from Freemindtronic Andorra
NFC HSM Tuxedo Button by Q Development from Freemindtronic Andorra

Here is a table that provides some technical specifications of EviCore NFC HSM:

Specification Value
Dimensions Consult the technical documents
Weight Consult the technical documents
Operating temperature -40°C to +85°C
Storage temperature -65°C to +150°C
Humidity 5% to 95% non-condensing and resin-coating free
Shock resistance Up to 1000 G and resin-coating free
Vibration resistance Up to 20 G and resin-coating free
NFC frequency 13.56 MHz
NFC range Up to 10 cm
NFC data rate Up to 424 kbps
NFC ISO/IEC 14443 Type A/B, ISO/IEC 15693, ISO/IEC 18092 (NFCIP-1), ISO/IEC 21481 (NFCIP-2), ISO/IEC 18000-3 Mode 1/2/3
Secure element (SE) ST M24LR64E-R NFC EEPROM
Memory size (SE) Up to 64 KB EEPROM
EviCore NFC HSM cryptographic algorithms AES, RSA, ECC, DES/3DES, SHA, HMAC, CRC, LWE, RLWE
EviCore NFC HSM cryptographic standards FIPS PUB 197, FIPS PUB 186-4, FIPS PUB 180-4, FIPS PUB 198-1, ISO/IEC 9797-1 MAC Algorithm 3 (Retail MAC), ISO/IEC 9797-1 MAC Algorithm

EviKeyboard BLE and EviPass NFC HSM: Contactless & Wireless Virtual Keyboard Technology

EviKeyboard by Freemindtronic is a new and special virtual keyboard. It is better than other virtual keyboards because of its security, convenience, and compatibility. This article tells you why EviKeyboard is amazing.

FEATURE EVIKEYBOARD BY FREEMINDTRONIC
Security Highly secure: Utilizes NFC communication with a pairing system. The virtual keyboard does not store secrets and operates in real-time contactless mode.
Convenience Highly convenient: Requires no installation or configuration. Everything is automated and supported by EviCore NFC HSM. Simply bring your phone close to the device to activate and utilize secrets from an NFC HSM.
Compatibility Highly compatible: Works with any device supporting USB HID keyboards and any application that accepts keyboard input.

EviKeyboard BLE: A Secure Bluetooth Keyboard with EviPass NFC HSM

EviKeyboard Ble Virtual keyboard Bluetooth USB

EviKeyboard BLE is a device that allows you to use your phone or tablet as a wireless keyboard for your computer. It uses Inputstick technology to connect to your computer’s USB port and EviCore NFC HSM technology to secure your keystrokes. You can use the EviKeyboard app on your phone or tablet to choose the keyboard language and type passwords or cryptographic information.
Why EviKeyboard BLE?

EviKeyboard BLE has several advantages over other wireless keyboards, such as:

Eliminate the risk of theft, interception or corruption of keystrokes, by using Bluetooth encryption and random order of keystrokes
Simplify the user experience, by not requiring installation or configuration on the computer, and by starting automatically when plugged in
Improve the security and privacy of users, by using state-of-the-art encryption and verification methods that resist quantum attacks
Enable faster and more convenient access to online and offline systems and services, by using your phone or tablet as a wireless keyboard for your computer
Be compatible with any computer and any application that requires keyboard input. You can use it with Windows, Linux, Mac OS X and many other platforms.

How to use EviKeyboard BLE?

To use EviKeyboard BLE, you need a device compatible with EviPass NFC HSM technology and an EviKeyboard BLE device. You also need the EviKeyboard app on your phone or tablet. Here is what you need to do:

Connect your device compatible with EviPass NFC HSM technology to your phone or tablet with NFC.
Open the EviKeyboard app and choose the language of the virtual keyboard from the list.
Plug your EviKeyboard BLE device into your computer’s USB port.
Tap on “Connect” in the app and enter the encryption key.
Type on your phone or tablet and see the text on your computer screen.

You can also use the app to get user info, password info, crypto info, IOTA info or secret note info from your device compatible with EviPass NFC HSM technology. You can copy them or send them to your computer.

Read more

EviKeyboard NFC: A Secure Contactless Keyboard with EviPass NFC HSM

EviKeyboard NFC the Virtual keyboard contactless compatible with all computers work with EviCore NFC HSM Technology

EviKeyboard NFC is a device that allows you to use your phone or tablet as a contactless keyboard for your computer. It uses EviCore NFC HSM technology to secure your keystrokes. You can use the EviKeyboard app on your phone or tablet to choose the keyboard language and type passwords or cryptographic information.

Why EviKeyboard NFC?

EviKeyboard NFC is very secure. It uses NFC communication with a pairing system. The virtual keyboard does not store secrets and works in real-time contactless mode. This protects users from hackers or unauthorized access.

EviKeyboard NFC is very convenient. It does not require installation or configuration. Everything is automatic and supported by EviCore NFC HSM. It starts by bringing your phone close to the device and lets you use secrets from an NFC HSM.

EviKeyboard NFC is very compatible. It works with any device that supports USB HID keyboards and any application that takes keyboard input. You can use it with Windows, Linux, Mac OS X and many other platforms.

EviKeyboard NFC is a new and special virtual keyboard that is secure, convenient and compatible. It is a great way to use your phone as a contactless keyboard for your computer.

How to use EviKeyboard NFC?

To use EviKeyboard NFC, you need a device compatible with EviPass NFC HSM technology and an EviKeyboard NFC device. You also need the EviKeyboard app on your phone or tablet. Here is what you need to do:

Connect your device compatible with EviPass NFC HSM technology to your phone or tablet with NFC.
Open the EviKeyboard app and choose the language of the virtual keyboard from the list.
Plug your EviKeyboard NFC device into your computer’s USB port.
Bring your phone close to the EviKeyboard NFC device to activate the virtual keyboard.
Type on your phone or tablet and see the text on your computer screen.

You can also use the app to get user info, password info, crypto info, IOTA info or secret note info from your device compatible with EviPass NFC HSM technology. You can copy them or send them to your computer.

Read more

How does EviPass compare to other password managers?

EviPass is a unique technology that allows you to manage your passwords and secrets in a secure and decentralized way, but also centralizable in air gap. It stands for Encrypted Virtual Interface – Near Field Communication – Hardware Security Module. It differs from other password managers in several ways:

Security and privacy

Unlike virtual password managers, such as those integrated into web browsers or software applications, EviPass does not store your passwords on your phone, your computer or your cloud. Instead, it stores them in a NFC HSM via the EviPass technology. Your passwords are never exposed to hackers or third-party services. Even if your phone or computer is compromised, your passwords are always safe in a NFC HSM via the EviPass technology.

Convenience and durability

Unlike hardware password managers, such as those that use USB keys or smart cards, EviPass does not require any battery, connector, screen or cable. It works by using NFC technology to transmit your passwords wirelessly from your device to your phone or computer. You do not have to worry about charging or connecting your device. You can use EviPass with any device that has an NFC reader, such as Android phones, Windows PCs, Macs and Linux computers.

Versatility and innovation

EviPass can store and protect without contact not only passwords, but also other sensitive information such as identification or access control data. It also has a management and a generator of codes for digicodes.

EviPass uses a patented system that allows you to exchange passwords between remote NFC HSM using an RSA-4096 key that can be generated at will without contact stored encrypted in aes-256, non-extractable, non-displayable. This key also allows you to generate a public key that can be shared via a QR Code encrypted in RSA-4096.

This QR Code can be transmitted by any existing means of communication securely including in air gap. It can be stored on any support including online or shared between remote or nearby NFC HSM devices.

This system also offers the possibility of centralizing passwords through a physically decentralized contactless hardware password management system.

EviPass also allows you to manage an RSA-4096 key that can be generated at will to perform encrypted backups of your passwords on any type of fixed, removable or online storage support even via an email or sms. Advantageously, the use of the public key of the RSA-4096 key allows you to share passwords between remote or nearby HSM via a QR code encrypted in RSA-4096. As a result, this also offers a simple solution for centralizing passwords that can be further secured with the addition of trust criteria.

EviPass is the ultimate technology for managing your passwords and secrets in all types of computer, phone, information and communication systems including proprietary digital and hardware systems such as access control via the bios of a motherboard for example or the TMP2.0.

EviPass is a contactless hardware password manager that uses NFC technology to provide security, privacy, convenience, versatility and innovation for your passwords and secrets.

How does EviPass NFC HSM contactless hardware password manager compare to FIDO-based solutions?

Passwordless authentication is important for online security and privacy. It eliminates the need to remember or enter passwords, which can be stolen, forgotten or compromised. However, passwordless authentication also faces some challenges, such as compatibility, usability and scalability. How do EviPass NFC HSM and FIDO-based solutions address these challenges? Let’s compare them. FIDO (Fast Identity Online) is a set of standards for passwordless authentication. FIDO-based solutions use public key cryptography to verify users and devices. They include FIDO U2F, FIDO UAF and FIDO2. EviPass NFC HSM is an alternative technology that encrypts password usage from end to end. It is compatible with a device that uses EviPass NFC HSM technology. It has some similarities with FIDO-based solutions, such as passwordless and contactless authentication, and multi-factor authentication. However, it also has some differences and advantages, such as:

Serverless and databaseless authentication

EviPass NFC HSM does not need any server or database to authenticate users. It does everything in real time in volatile memory. It does not store or expose any information on the computer or phone terminal. This makes it independent of the security of these terminals. FIDO-based solutions, on the other hand, need a server or database to store and verify the public keys.

For example

Imagine you want to log in to your email account. With EviPass NFC HSM, you just need to click on a button that appears in the login and password fields. Then, you need to tap your NFC-enabled Android phone to receive a request that invites you to present your NFC HSM device to your phone, which only serves as a terminal. The fields will be automatically filled in and you will be automatically logged in, without having to display, know or memorize your credentials. All these operations are encrypted in real time from end to end from the NFC HSM device without ever saving anything, neither in the computer, nor in the phone. With FIDO-based solutions, you need to register your device with the email server first. The device will generate a public key and send it to the email server. The email server will store the public key and associate it with your account. Then, when you want to log in, the device will generate a signature and send it to the email server. The email server will verify the signature with the public key and grant you access. The public key is stored and exposed on the email server.

Post-quantum encryption

EviPass NFC HSM uses standard AES-256 post-quantum symmetric encryption via segmented keys from an NFC HSM. The attack of an AES 256 encryption is an impossible problem to solve, even for quantum computers. It also has a native system of encryption of local network communication protocols (wifi or adhoc shared access point on an Android NFC phone) that uses single-use keys per session. This prevents any attempt at interception by a man-in-the-middle attack. This technology, which works only on a local network from an HSM, also makes a remote attack impossible. It is thanks to the EviCore NFC HSM and EviCore NFC HSM Browser Extension technologies that the EviPass NFC HSM technology is effective and compatible with all existing protocols and networks. FIDO-based solutions use ECC or RSA cryptography, which are vulnerable to quantum attacks. For example, imagine you want to protect your data from hackers who have access to quantum computers. With EviPass NFC HSM, you can encrypt your data with a key that is based on a segmented key from an NFC HSM. Even if a hacker has a quantum computer, they will not be able to break the encryption. Even if they try to intercept the key on the local network, it is for single use. With FIDO-based solutions, you can encrypt your data with a key that is based on ECC or RSA. However, if a hacker has a quantum computer, they can use an algorithm called Shor’s algorithm to factor the key and break the encryption.

Physical origin trust criterion

EviPass NFC HSM encrypts and decrypts data using a criterion that depends on the physical origin of the device or the biometric feature. This adds an extra layer of security and privacy to user data. FIDO-based solutions do not use this criterion.

For example

Imagine you want to share a file with a friend. With EviPass NFC HSM, you can encrypt the file with a key that is based on the physical origin of your device or your biometric feature. Only your friend, who has the same device or biometric feature, can decrypt the file. With FIDO-based solutions, you can encrypt the file with a key that is based on a public key. However, anyone who has the corresponding private key can decrypt the file.

Segmented key authentication

EviPass NFC HSM splits the key into two or more segments that can be held by different parties. They need to be reunited to reconstruct the key. This allows more flexibility and control over key management and distribution. FIDO-based solutions do not use this feature.

For example

Imagine you want to access a secure system. With EviPass NFC HSM, you can split the key into two segments. One segment is held by you, and the other segment is held by the system administrator. You need to combine both segments to access the system. This way, you can prevent unauthorized access or misuse of the key. With FIDO-based solutions, you have a single key that is held by you. You can access the system with your key, but you also risk losing or compromising your key.

Compatibility with all websites

EviPass NFC HSM is compatible with all websites that use a web browser. It does not require the website to be compatible with EviCore NFC HSM technology. Users can log in to any website using their device and the web browser extension. FIDO-based solutions, on the other hand, require the website to comply with FIDO standards.

For example

Imagine you want to log in to a website that does not support FIDO. With EviPass NFC HSM, you can do it easily. You just need to install the web browser extension and use your device to log in. The extension will fill in your credentials and password for you. With FIDO-based solutions, you cannot do it. You need to use a different method to log in, such as a password or a one-time code.

Compatibility with Android NFC phones

EviPass NFC HSM contactless hardware password manager is compatible with Android NFC phones. Users can log in contactlessly with their phone via the device. They do not have to enter their credentials and password. FIDO-based solutions are not compatible with Android NFC phones.

For example

Imagine you want to log in to an app on your phone. With EviPass NFC HSM, you can do it quickly and conveniently. You just need to tap your phone on your device. The device will encrypt your password and send it to the app. The app will decrypt it and grant you access. With FIDO-based solutions, you cannot do it. You need to use a different device, such as a USB key or a Bluetooth device, to log in.

No USB connector

EviPass NFC HSM does not use a USB connector to connect to systems. It uses wireless NFC communication, which is more secure and convenient. The device does not need to be plugged in or recharged. It can be used with any device that has an NFC antenna. FIDO-based solutions use a USB connector, which can be compromised for attacks. Moreover, some companies do not allow USB devices, which limits their use.

For example

Imagine you want to log in to a computer at work. With EviPass NFC HSM, you can do it safely and easily. You just need to tap your device on the computer. The device will encrypt your password and send it to the computer. The computer will decrypt it and grant you access. With FIDO-based solutions, you need to plug in a USB device to the computer. The USB device will generate a signature and send it to the computer. The computer will verify the signature and grant you access. However, the USB device can be stolen, lost or hacked. Moreover, some companies do not allow USB devices for security reasons.

No reliance on third-party services

EviPass NFC HSM does not depend on any third-party service or provider for authentication. Users have full control and ownership of their data and keys. FIDO-based solutions, on the other hand, may rely on third-party services or providers for authentication, such as Google, Microsoft or Facebook. This may pose privacy and security risks.

For example, imagine you want to log in to a social media platform.

With EviPass NFC HSM, you can do it independently and privately. You just need to use your device to log in. The device will encrypt your password and send it to the platform. The platform will decrypt it and grant you access. With FIDO-based solutions, you may need to use a third-party service or provider to log in, such as Google, Microsoft or Facebook. The third-party service or provider will verify your identity and grant you access. However, the third-party service or provider may collect, store or share your data without your consent.

Theft of HSM FIDO and NFC HSM EviPass devices

Another aspect to consider when comparing EviPass NFC HSM and FIDO-based solutions is the risk of theft of the devices. Both types of devices are designed to protect the user’s private keys and data, but they have different levels of security and resilience against theft. FIDO-based devices, such as USB keys, are vulnerable to physical theft and hacking. A thief can steal the device and try to access the user’s accounts or data. A hacker can also compromise the device by exploiting the USB port or a third-party service. Moreover, some FIDO-based devices do not have a biometric authentication system, which makes them easier to use by anyone who has them. EviPass NFC HSM devices, such as cards or bracelets, are more secure and resistant to theft. A thief cannot use the device without the user’s consent, because it has more than 5 authentication factors, such as password, fingerprint, geolocation, barcode, BSSID or UID of the Android NFC phone with which the NFC HSM is paired. A hacker cannot access the device remotely, because it works only on a local network from an HSM. A hacker cannot break the encryption, because it uses AES-256 post-quantum encryption with segmented keys. A hacker cannot intercept the communication, because it uses single-use keys per session. A hacker cannot tamper with the device, because it has a physical origin trust criterion.

For example

Imagine you want to prevent your device from being stolen or hacked. With EviPass NFC HSM, you can use a device that is more secure and resistant to theft than FIDO-based devices. You can choose a device that suits your preferences, such as a card or a bracelet. You can also customize the authentication factors, such as adding a password or a fingerprint. You can also use your Android NFC phone as a terminal to communicate with your device. With FIDO-based solutions, you have to use a device that is more vulnerable to theft and hacking, such as a USB key. You have to plug the device into a USB port, which can be compromised. You also have to rely on a third-party service or provider, which can pose privacy and security risks. Therefore, EviPass NFC HSM devices are more secure and resistant to theft than FIDO-based devices. They offer a higher level of protection and privacy to the user’s data and keys.

Summary table of the comparison

Here is a summary table of the comparison between EviPass NFC HSM and FIDO-based solutions:

Feature EviPass NFC HSM FIDO-based solutions
Serverless and databaseless authentication Yes No
Post-quantum encryption Yes No
Physical origin trust criterion Yes No
Segmented key authentication Yes No
Compatibility with all websites Yes No
Compatibility with Android NFC phones Yes No
No USB connector Yes No
No reliance on third-party services Yes No
Security and resistance to theft Yes No

In conclusion, EviPass NFC HSM is an innovative and secure solution for passwordless authentication. It offers many advantages over FIDO-based solutions, such as serverless and databaseless authentication, post-quantum encryption, physical origin trust, segmented key authentication, compatibility with all websites and NFC Android phones, the absence of a USB connector, the absence of dependence on third-party services, and security and resistance to theft.

EviPass NFC HSM: A contactless and passwordless password management technology

EviPass NFC HSM (Encrypted Virtual Interface – Near Field Communication – Hardware Security Module) is a groundbreaking technology that seeks to overcome the challenges associated with passwords, one of the most common and widely used methods for online accounts and services authentication. Despite their ubiquity, passwords come with a myriad of drawbacks and limitations, such as:

  • They are vulnerable to theft, phishing, brute force attacks and other common threats.
  • They are hard to remember and manage, especially when users have multiple accounts and passwords.
  • They are inconvenient and time-consuming to enter, especially on mobile devices or public computers.
  • They are not secure enough against quantum attacks, which could break the encryption and verification methods based on traditional cryptography.

To overcome these challenges, Freemindtronic has developed a new innovative hardware-based contactless password management solution with passwordless function. It works without a server, without a database, without the need to know, memorize, enter a password, or know the username or its identifier or identify the equipment used to connect without contact in multi factors authentication: EviPass NFC HSM.

EviPass NFC HSM is a secure, decentralized password management technology that uses contactless, passwordless authentication and post-quantum encryption to protect users’ online accounts and secrets. Users can access their accounts online or offline without entering, remembering, knowing or viewing passwords or secrets. Users can also manage their passwords and secrets on their computer with EviPass NFC HSM technology using the EviCore NFC HSM Browser Extension web browser extension. EviPass NFC HSM is compatible with all NFC websites and Android phones. EviPass NFC HSM can work on Android NFC computer or phone systems online, offline or in LAN including command line with EviKeyboard BLE virtual USB Bluetooth keyboard technology.

Patented technologies behind EviPass NFC HSM

EviPass NFC HSM relies on Freemindtronic’s international patented technology, a company based in Andorra, which designed and developed several inventions in the field of computer security and access control. These inventions are the system of wireless access control to a device protected by pre-set authentication factors and the system of segmented key authentication for a computer application. These inventions are the system of wireless access control to a device protected by pre-set authentication factors (WO2017129887) and the system of segmented key authentication for a computer application (WO2018154258).

EviPass contactless technology combines these two inventions to offer a secure and decentralized contactless hardward password management solution but also centralized via an innovative end-to-end encrypted air gap sharing system in RSA 4096 between two NFC HSMs.

EviPass does not store your passwords on your computer or phone, but encrypts and decrypts them on the fly thanks to an NFC HSM device compatible with EviPass, such as a smartphone or a security key. EviPass does not ask you to enter your passwords, but transmits them wirelessly and without password using NFC. EviPass uses post-quantum encryption, which resists attacks from quantum computers.

With EviPass, you benefit from the advantages of NFC HSM:

  • You enjoy a high level of security, using secret keys and multiple authentication factors.
  • You simplify the authentication process, avoiding complex passwords or one-time codes.
  • You easily manage your permissions, configuring the authentication factors and tokens associated.
  • You adapt your solution to different types of devices or applications protected, using controllable switches.

EviPass works with two technologies EviCore NFC HSM or EviCore HSM OpenPGP from Freemindtronic, which implement these two patents among others. These technologies are secure hardware modules (HSM) that allow you to generate, store and use cryptographic keys securely. They comply with international standards, such as NFC, Bluetooth, AES 256 bits, RSA 4096 bits, IEC/ISO 15639, IEC/ISO 7816:2020, IEC/ISO 8859-1:1998, IEC/ISO 13157-2:2016 and IEC/ISO 15408-1:2022 .

EviPass is also compatible with a new technology of authentication by segmented key in two levels (people), requiring the proximity of two people to use the services of the HSM NFC technology of EviCore. This means that to access a protected device or application, you need two NFC HSM mobile devices and two segments, which are held by two different people. It is mandatory to present both NFC HSM containing each one segment to reconstitute the password that can exceed 256 bits. This segmented key authentication by tiers is already compatible with the EviCore HSM OpenPGP technology by segmenting AES-256 OpenPGP encryption key.

This technology of authentication by segmented key in two levels offers a high level of security, requiring the physical presence and cooperation of two people to access a protected system from a computer or phone system using identification and/or password. It also significantly reduces the risks of password corruption in case of loss or theft, by dividing them into two distinct parts and entrusting them to two different people who only know their segment.

NFC hardware password manager EviPass is the ultimate solution for wireless access control to protected devices or applications.

Conclusion

EviPass NFC HSM is a secure and decentralized password management solution that uses contactless passwordless authentication and post-quantum encryption to protect users’ online accounts and secrets. It offers several advantages over traditional password-based authentication, such as:

Eliminating the risk of theft, phishing, brute force attacks and other common threats, by not storing or exposing any password or secret on the computer or phone terminal.
Simplifying the user experience and reducing the cognitive load of remembering and managing multiple passwords, by allowing users to log in to their online accounts without entering or remembering passwords or secrets.
Increasing the security and privacy of users, by using strong encryption and verification methods that resist quantum attacks, by using a physical origin trust criterion and by splitting the key into multiple segments.
Enabling faster and more convenient access to online and offline systems and services, by using a physical device for contactless authentication.
Being compatible with all websites and Android NFC phones. EviPass NFC HSM can work on online or offline or local network Android NFC computer or phone systems.
Not relying on any third-party service or provider for authentication. Users have full control and ownership of their data and keys.

EviPass NFC HSM uses the EviCore NFC HSM Technology and EviCore NFC HSM Browser Extension compatible with the device compatible with EviPass NFC HSM technology. For more information about the device compatible with EviPass NFC HSM, please visit https://freemindtronic.com/datasheets-nfc-hsm. If you are interested in EviPass NFC HSM, you can click here to order it.

EviPass NFC HSM est une technologie nouvelle et innovante qui fournit une solution sécurisée et décentralisée de gestion des mots de passe. Il s’agit d’un gestionnaire de mots de passe matériel sans contact qui utilise un cryptage post-quantique et une authentification multifacteur. C’est une excellente alternative aux solutions basées sur FIDO qui utilisent des connecteurs USB et la cryptographie traditionnelle. Si vous souhaitez protéger vos comptes en ligne et vos secrets contre les pirates et les attaques quantiques, vous devriez essayer EviPass NFC HSM dès aujourd’hui.