On 23/12/13 19:29, adrelanos wrote:
> This would be lucky, if one could enter the PIN using an external keypad
> (possible) AND a password using the keyboard (not possible).

The smartcard needs to know the plaintext key. It is no use to encrypt the key with a password, because you'll simply offer the password to the smartcard so it can decrypt it. Any exploit in the smartcard would then cache the key for the three-letter agency. You gain nothing by the password.

The only interesting difference between the PIN and a password is that the latter needs to be suitable to encrypt a secret with: it needs to contain entropy, so be difficult. A PIN doesn't need this property, because the smartcard checks each try, and will lock the card after three wrongs (OpenPGP v1 cards will self-destruct on three wrong admin PINs. I personally found this a bit harsh). A suitable PIN doesn't need to contain all that entropy that is needed for an on-disk encrypted private key. The latter needs to withstand an off-line decryption attack of the disk file.

> It will be much more difficult to find out if the smartcard really wipes the
> key as soon as someone is trying to dismantle the card to directly read its
> memory.

It is my expectation that it is very easy to find out: it won't. There's no battery in a smartcard, and some kind of chemical release is very unlikely. So it won't wipe its non-volatile memory when probed. Instead, they make it difficult to probe by putting, among others, metal layers on top of the memory, making it a very expensive job to grind down without grinding away the memory cells as well.

> Also the hardware design?

No. It has to stop somewhere: at some point you have to trust some party. With smartcards, I think for most people that's that the hardware design can be trusted. Some hacker group could at some point reverse-engineer the design from the integrated circuit and check it for validity; they did it[1] for the MOS 6502. After that, you can trust that cryptocards from the same mask can be depended upon. When they change the mask, you won't notice, though.

> By "part" I don't mean split one key in halves, but rather use two keys.

It's an interesting thought, I'll definitely give you that. However, if you need that kind of protection, I don't think you should use a normal computer with a normal operating system. It seems to me, to attack your smartcard, they would need to either hack your PC, or have physical access. In both scenarios, the key on your hard disk is not secure anymore either.

Can you think of a scenario where the on-disk key adds security beyond the smartcard?

HTH,

Peter.

[1] https://events.ccc.de/congress/2010/Fahrplan/events/4159.en.html

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
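
Added example, not part of the original message: a toy model of the PIN-versus-password point made above, showing the same low-entropy secret guarded once by an on-card retry counter and once as the passphrase of an on-disk file. `ToyCard`, `wrap_on_disk`, the XOR/PBKDF2 wrapping and the 4-digit PIN are all constructed for illustration and are not how GnuPG or an OpenPGP card actually store keys.

```python
import hashlib
import hmac
import os

ITERATIONS = 200  # deliberately low so the demo runs quickly; real KDFs use far more

class ToyCard:
    """Hypothetical card model: PIN checked on-card, locks after three wrong tries."""
    def __init__(self, pin, max_tries=3):
        self._pin, self.tries_left = pin, max_tries

    def verify(self, pin):
        if self.tries_left == 0:
            raise PermissionError("card locked")
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            return True
        self.tries_left -= 1
        return False

def wrap_on_disk(secret, passphrase, salt):
    """Toy stand-in for an on-disk encrypted key: XOR with a PBKDF2 stream plus a MAC."""
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, len(secret))
    blob = bytes(a ^ b for a, b in zip(secret, kek))
    return blob, hmac.new(kek, blob, "sha256").digest()

def guess_card(card, candidates):
    """Online guessing: every wrong try is counted by the card itself."""
    tried = 0
    for pin in candidates:
        if card.tries_left == 0:
            break
        tried += 1
        if card.verify(pin):
            return pin, tried
    return None, tried

def guess_file(blob, tag, salt, candidates):
    """Offline guessing: nothing counts or limits tries against a copied file."""
    for tried, pw in enumerate(candidates, 1):
        kek = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, ITERATIONS, len(blob))
        if hmac.compare_digest(hmac.new(kek, blob, "sha256").digest(), tag):
            return pw, tried
    return None, len(candidates)

def demo(pin="4831"):  # constructed 4-digit PIN, used for both protections
    key, salt = os.urandom(32), os.urandom(16)
    candidates = [f"{i:04d}" for i in range(10000)]
    blob, tag = wrap_on_disk(key, pin, salt)
    return guess_card(ToyCard(pin), candidates), guess_file(blob, tag, salt, candidates)
```

`demo()` returns the outcome of both guessing runs: the card locks after three tries without revealing the PIN, while the file yields it after a full walk through the candidate list.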