Damien Goutte-Gattat wrote:

> On Tue, Sep 17, 2019 at 06:59:34PM +0200, Stefan Claas via Gnupg-users wrote:
> >I assume that in order to decrypt a message the secret key data must be
> >unlocked and loaded for a very short time into the computer's RAM, in order
> >to perform the decryption
>
> No. The secret key data remains on the smartcard and is *not* sent to
> the host computer. The host computer sends the data to be decrypted to
> the smartcard, the smartcard does the decryption itself then sends the
> decrypted data back to the host.
>
> (Actually the "data" sent to the card is not an entire OpenPGP message,
> just the asymmetrically encrypted session key which the host then uses
> to decrypt the bulk of the message. But this is a detail which does not
> change the fact that the host never sees the secret private key.)
>
> - Damien

Thank you Damien and Peter, both of your detailed replies are much
appreciated!

Regards
Stefan

--
box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
certified OpenPGP key blocks available on keybase.io/stefan_claas
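
The exchange Damien describes, as an added illustration that is not part of the original thread: a toy model that logs everything crossing the host/card boundary, showing that only the wrapped session key goes in and only the session key comes out. Textbook RSA without padding and a SHA-256 keystream are stand-ins for the real OpenPGP algorithms, and ToyCard, host_decrypt and the other names are hypothetical.

```python
import hashlib
import secrets

class ToyCard:
    """Stand-in for the smartcard: the private exponent is only used inside decipher()."""
    def __init__(self):
        p, q = 2**127 - 1, 2**89 - 1          # two Mersenne primes, toy key size
        self.n, self.e = p * q, 65537
        self._d = pow(self.e, -1, (p - 1) * (q - 1))   # never returned by any method

    def public_key(self):
        return self.n, self.e

    def decipher(self, wrapped: int) -> int:
        """The one private-key operation the card offers to the host."""
        return pow(wrapped, self._d, self.n)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 in counter mode); encrypts and decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt(public_key, plaintext: bytes):
    """Sender side: random session key for the bulk, session key wrapped to the card."""
    n, e = public_key
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped, keystream_xor(session_key, plaintext)

def host_decrypt(card: ToyCard, message, boundary_log: list) -> bytes:
    """Host side: only the wrapped session key goes to the card, the bulk stays here."""
    wrapped, body = message
    boundary_log.append(("host->card", wrapped))
    session_int = card.decipher(wrapped)
    boundary_log.append(("card->host", session_int))
    return keystream_xor(session_int.to_bytes(16, "big"), body)

if __name__ == "__main__":
    card, log = ToyCard(), []
    msg = encrypt(card.public_key(), b"constructed sample message " * 4)
    print(host_decrypt(card, msg, log))
    for direction, value in log:
        print(direction, hex(value))
```

The session key for that one message does reach the host, so host memory still exposes the message being decrypted, but not the long-term private key.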