BUG REPORT: RSA SID800 D3 Token is not working with Symantec Drive Encryption (formerly PGP Whole Disk Encryption) Bootguard authentication.

Article:TECH192523  |  Created: 2012-07-06  |  Updated: 2013-05-10  |  Article URL http://www.symantec.com/docs/TECH192523
NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.
Article Type
Technical Solution


Cannot authenticate at Bootguard using a RSA SID800 D3 token when booting a machine encrypted with Symantec Drive Encryption.

RSA SID800 D1 tokens work.


Microsoft Windows

Symantec Encryption Desktop 10.3.0 or PGP Desktop 10.2.1 or older

RSA Authentication Client versions prior to 3.5

RSA firmware version 3.1 or older


The vendor introduced new ATR numbers which are not recognized by Bootguard until upgrading to 10.2.1 MP3 or later

Known RSA SID800 D3 tokens that were affected and did not work have ATR number "3b:0f:80:22:15:e1:5a:00:20:00:30:21:03:31:21:03:00"


Upgrade to PGP Desktop 10.2.1 MP3 or above where the new ATR is supported in PGP Desktop.

In order to use pgpwde.exe to add token keys upgrade to Symantec Encryption Desktop 10.3.0 and use RSA client software 3.5.5 and firmware version 3.5 or newer. Please contact your token vendor to obtain this firmware update or software update.

Supplemental Materials


Article URL http://www.symantec.com/docs/TECH192523

Terms of use for this information are found in Legal Notices