Supported smart cards or tokens may no longer work with Symantec Encryption Desktop (formerly PGP Desktop) due to a changed ATR

book

Article ID: 157669

calendar_today

Updated On:

Products

Drive Encryption

Issue/Introduction

Supported smart cards or tokens listed as compatible for Symantec Drive Encryption (formerly PGP Whole Disk Encryption) authentication may not work with Symantec Encryption Desktop anymore.

- Keys cannot be added to the token with PGP Desktop
- Keys can be added to the token but authentication at PGP BootGard fails.

Cause

New batches of tokens may have a different ATR number from the one that is supported with  Symantec Encryption Desktop and Symantec BootGuard authentication.

Each ATR has to be added to the source code and needs to be tested separately.

To find out the token ATR see HOWTO74424 in the related articles section  

Resolution

The tokens "eToken - PRO USB Key 32K" and "eToken - NG-OTP 32K" are End of Life and can no longer be purchased from the vendor. These tokens can therefore not be tested and added as supported devices.

Please report any supported tokens that have changed ATR numbers and no longer work to Technical Support. Tokens that can still be purchased will be evaluated by Symantec Corporation for addition in a later release.


Applies To

Issues that we have seen with Symantec Encryption Desktop using tokens with a certain ATR, for example:

  • eToken - PRO Java 72K with ATR 3b:d5:18:00:81:31:fe:7d:80:73:c8:21:10:f4 fails at pre-boot authentication using the following hardware

- Sony Vaio SVT1311Z9R (Microsoft Windows 7 Professional 64-bit)
- Toshiba Satellite A200 (Microsoft Windows XP Professional 32-Bit)

  • eToken - PRO USB Key 32K with ATR 3b:f2:98:00:ff:c1:10:31:fe:55:c8:03:15 fails at pre-boot authentication
  • eToken - NG-OTP 32K with ATR 3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a fails at pre-boot authentication