On 2015-01-23 21:31, Werner Koch wrote: > On Fri, 23 Jan 2015 12:19, felix.k...@inka.de said: > >> * There will be a new batch of cards, with the same functionality but >> updated print: On the back of the current cards, it says “RSA with >> up to 3072 bit” when in fact the cards support up to 4096 bit. > > The code for the card and the specs will also have some minor updates. > This has been done mostly on requests from the Nitrokey (aka > CryptoStick) folks. Nothing to worry about. Achim already send me the > specs and I will put them online soon. > >> As for the reader, I got a Reiner SCT cyberJack RFID standard. The RFID > > If you do not use Windows I would strongly advise against Rainer > products. > > I never achieved to make them work for me, requests for technical > support were never answered, all requests for a sample were rejected or > they quoted unacceptable prices. Further, the Cyberjack readers run a > lot of code not necessary for accessing the card and the firmware can > easily be updated from the host (if you know how to do that). Granted, > other vendors also have easy changeable firmware but their > microcontrollers are smaller and writing malware for them is harder. I > won't trust such devices - we don't know whether the BND has an > agreement with them not to fix exploitable bugs so to allow them > inserting code to track PINs.
The same is true for the OpenPGP smart card or for almost any other smart card available on the market. They could all contain a secret key escrow mechanism and some probably do. Proprietary smart cards are hard to audit and verify and are easy targets for backdoors and bugdoors. Moreover, I would like to see a realistic threat model under which compromising the host system does not render the smart card useless (that doesn't mean smart cards aren't useful from a usability perspective for some types of users). From a security perspective it's yet another mitigation technique to try to work around insecure operating systems and applications. There are some smart cards with PIC and AVR microcontroller available on the market that seem to be used to decode scrambled/encrypted satellite broadcasts (starting keyword: Funcard, Goldcard). They have limited memory but there are models that should suffice for a minimal implementation of the OpenPGP Card specification. There are also similar microcontrollers of the size of a USB flash drive. Both have fuses to prevent changing the bootloader which in turn could verify firmware uploaded to the device. As already mentioned in this discussion, there is also Gnuk which is a USB device without proprietary firmware and there are USB connected computers of the size of a USB flash drive that run GNU/Linux and could be used as a HSM (there are several software based Free Software HSM implementations). Moreover, you should be able to use any card supported by OpenSC (including MuscleCard and derived Java Card applets) with gnupg-pkcs11. As far as I know OpenSC does not support any hardware that is entirely based on Free Software. That being said, really think about your threat model and whether smart cards would help you to prevent attacks in your threat model. If they don't, save the money or give it to people in need. - Matthias-Christian _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
