Peter Lebbing: > The result is that the on-disk key again adds nothing, > because an adversary that can physically access the smartcard can also > physically access the computer.
The latter often requires breaking into a flat or an office. While smartcards are carried around. Breaking into a a flat/office and installing a hardware keylogger and/or miniature camera requires much more criminal energy than theft/robbery of a smartcard. That is also my point. If you enough capabilities to the adversary, anything can be broken. I only believe, the combination of unique security advantages, which both hardware protections by smartcards and key encryption have, leads to a combination of these advantages and thus defeats more adversaries than not having a combination of these security features. > Only if you can make it more difficult to access > the computer than to access the smartcard, will the on-disk key add anything, > I > think. Indeed. That's a necessary assumption I didn't write down. >> Scenario #2 >> ########### > > This scenario doesn't involve additional security gained through two keys; it > is > simply the advantage of a smartcard over an on-disk key. I believe I said that already. The Scenario #2 was only in the show that it's worthwhile having the extra security features by smartcards. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
