On 06/19/2013 03:21 PM, Heinz Diehl wrote:
> On 18.06.2013, NdK wrote:
>
>> If the key is generated on-card, you have no way to back it up. No need
>> for an "unexportable" flag: simply there's no command to export it.
>
> And if the key is generated off-card and properly moved to the
> smartcard afterwards, there's no way to export it either. It's only
> the stub which points to the smartcard that is left on disk.
Is the original poster still there? I was going to write and decided it was wiser to wait for these responses, which I almost knew were coming.

Try the backup from GPA's menu. I doubt you will get anything that can be exported. If you get a backupg.gpg (or similar), then try importing your secret keys onto a second system with GPGWIN installed. If all that flies (you were actually able to do a --export of your private keys despite these two people's responses to the contrary and then are able to do a --import on the second system), then try these tests:

1. Make a detached signature of a file on system one (with OpenPGP card). Copy the base file and the signature file to system two and see if it verifies.

2. Sign on the second, copy to the first, and see if it verifies on the first. IOW, the reverse of the previous.

3. Encipher a file using the public key of said key you supposedly were able to import on either of the systems. By that I mean public-key enciphering, not just a symmetric cipher, e.g.: http://www.securemecca.com/public/GnuPG/pcrypt.txt Copy the public-key enciphered file to the other system. Flash drive, et al. Decipher it on the other system.

I don't think your tests will work. In fact I don't believe you will even get to these three tests.

What is the advantage of using the OpenPGP key and having a public-key enciphered file over a symmetric enciphered file?

Symmetric Enciphered:
=====================

Let's say your machine gets infected. Let's also suppose that a key logger has been installed. I can assure you that most malware today either has a mini key-logger as part of the initial install or a key-logger can be downloaded and installed. Actually, most malware will almost do it automatically. I have over 10,000 malware samples to back that statement up. Either the key-logger got the password used to encipher the enciphered file or they saw it when you temporarily deciphered the file.
So now all the hackers need is either the plain-text file or the enciphered file and to know what created the enciphered file. But even if all the hackers have is the enciphered file and the pass-phrase, they are now only one step away. PeskySpammer has even installed SMTP agents on tens of thousands of Microsoft Windows machines, one of which was at RIPE, one more at ICANN, and one at Yahoo. The hackers have your file, and its name alone or what is in the file header reveals what was used to create the enciphered file. Within a few minutes they will have a deciphered file. The only thing that can protect you is to NEVER encipher or decipher the file while the key-logger is there and to never have the deciphered file available. But once they have the enciphered file and know the password to decipher the file, the game is over and you have lost.

OpenPGP Public-Key Enciphered:
==============================

All the same things hold. Assume they know the key's pass-phrase. They can also pull down the enciphered file. But you cannot just copy the keys, since an OpenPGP card doesn't have a file system. If you cannot --export the secret keys, then the hackers will never get them. FOILED! The hackers have no choice but to move on or set some sort of trigger that knows when you decipher the public-key enciphered file. The longer you let the unenciphered file hang around, the more likely it is to fly the coop. So even if the hackers know the pass-phrase (assume they do) and have the public-key enciphered file, they can NOT decipher the file.

Now do you see the difference between a symmetric enciphered file and a public-key enciphered file where the OpenPGP keys are on an OpenPGP card? Just don't let the unenciphered file hang around any longer than normal. Do not just delete the unenciphered file - securely erase it when you don't need it.
If you need higher security, use an OS which has moderately more security (Linux) or even higher security (OpenBSD) with an OpenPGP card to hold the keys. Every layer of defense you add encourages the hackers to move on in search of an easier target.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
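The three cross-system tests from the post above, as an added example that is not part of the original message: two throwaway GNUPGHOME directories stand in for "system one" (holds the secret key) and "system two" (holds only the public key, the situation the post predicts when the secret key cannot be exported). It assumes gpg 2.2 or later is installed; the user-id, address and file contents are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Two throwaway GNUPGHOME
# directories stand in for "system one" (holds the secret key) and
# "system two" (holds only the public key, as when the secret key cannot
# be exported). Assumes gpg 2.2+; user-id and file contents are constructed.
set -eu
command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; exit 1; }

WORK=$(mktemp -d)
SYS1="$WORK/sys1"; SYS2="$WORK/sys2"
mkdir -m 700 "$SYS1" "$SYS2"
trap 'gpgconf --homedir "$SYS1" --kill gpg-agent 2>/dev/null; rm -rf "$WORK"' EXIT

# Run gpg against one "system", fully non-interactive (unprotected test key).
g() { home=$1; shift; gpg --homedir "$home" --batch --yes --quiet \
        --pinentry-mode loopback --passphrase '' "$@"; }

MAIL='test@example.invalid'                       # constructed address
g "$SYS1" --quick-gen-key "Test User <$MAIL>" default default never 2>/dev/null
# Only the public key crosses to system two; the secret key stays on system one.
g "$SYS1" --export "$MAIL" | g "$SYS2" --import 2>/dev/null

printf 'constructed test data\n' > "$WORK/file.txt"

# Test 1: detached signature made on system one, verified on system two.
test1() {
  g "$SYS1" --output "$WORK/file.sig" --detach-sign "$WORK/file.txt" &&
  g "$SYS2" --verify "$WORK/file.sig" "$WORK/file.txt" 2>/dev/null
}

# Test 2: the reverse. Expected to fail: system two holds no secret key.
test2() {
  g "$SYS2" --output "$WORK/file2.sig" --detach-sign "$WORK/file.txt" 2>/dev/null
}

# Test 3: public-key enciphering on system two, deciphering on system one.
test3() {
  g "$SYS2" --trust-model always --recipient "$MAIL" \
    --output "$WORK/file.gpg" --encrypt "$WORK/file.txt" &&
  g "$SYS1" --output "$WORK/file.dec" --decrypt "$WORK/file.gpg" 2>/dev/null &&
  cmp -s "$WORK/file.txt" "$WORK/file.dec"
}

test1 && echo "test 1: signature from system one verifies on system two"
test2 || echo "test 2: system two cannot sign, it holds no secret key"
test3 && echo "test 3: enciphered on system two, deciphered on system one"
```

Tests 1 and 3 succeed with only the public key on system two, while test 2 fails there; with the secret key on an OpenPGP card, system two stays in exactly that position.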