The target architecture:

(We are studying a parallel Windows PE-based architecture.)

Definition:


A livetoken is a USB key with built-in Smart Card technology and Flash memory large enough to contain a bootable "live" operating system. This portable system should be able to take advantage of Smart Card security features to provide secure encryption and strong two-factor authentication (Smart Card & PIN code). The Smart Card can be built in (already present in the closed token) or inserted in a SIM slot.

This system should be able to protect users' privacy and identity.

We need information, information, information...:

A modified Debian live distribution will soon (Q1 2009) be available for download BUT...

...our primary goal is NOT to make another Linux distribution (the Debian Live CD will use the official/standard Debian package repository) but to provide clear documentation and HOWTOs so that standard, well-known Linux live distributions like Debian, Mandriva or Fedora can take advantage of Smart Card security features. If you want to extend the project to other Linux or BSD distributions, you are welcome.

A quick note on Microsoft Windows: Supporting non-live-capable and closed source systems is not our priority, even if tests will probably be made through virtualization.

Windows has some kind of partial live support through Windows PE. An experimental first attempt to use Windows PE for a Windows-based LiveToken should be made very soon.

Token / Smart Card requirements:

We are focusing on Java Card based Smart Cards (NXP JCOP or Trusted Logic jTOP) support through the MuscleCard Applet (PKCS#11).
(The alternative Coolkey project could be used too).

With an open Java Card OS, users should still have the opportunity to add other Java Card applets and even develop their own.

All-in-one tokens are still rare:

Today, there are still very few USB tokens with a built-in "Java Card OS / Smart Card" AND large high-speed Flash memory, so our first experiments could be made with two separate USB products: one "Java Card OS / Smart Card" USB CCID reader and one high-speed flash memory key.

In the future, we hope all-in-one products with both features will be available on the market.

Not so evil:

TPM (Trusted Platform Module) and Smart Cards are often considered evil technologies in the open source community because some companies tried to use them in the past for DRM solutions (some of them even Windows-only). We do not think all trusted computing principles should be dropped and forgotten just because of those past mistakes (fortunately, most DRM solutions turned into major failures). We aren't planning anything involving DRM, automatic user spying or the like.

We appreciate privacy and openness as much as security.