Does the SCM SCR3320 work with GnuPG?
Hello list, Does anybody know if the SCM SCR3320 USB card reader works with GnuPG under Linux? Specifically, I was thinking of buying the "ChipDrive MyKey 2" from Conrad[1] in The Netherlands. It's only 20 euros. If you look at the product page for the SCR3320[2] and compare the photo with the product page for the MyKey[3], it looks like a different stick. I hope this is just a change in the housing, because the MyKey description still says it's the SCR3320. I want to use it in combination with an OpenPGP v2 card, although I'm also considering cutting up my v1 card to fit in the SIM size. I don't think it is relevant, but I'm running Debian Squeeze/testing with stock kernel and stock gnupg. But this can be changed if necessary, it's just convenient (I mean the kernel and gnupg can be custom compiled, not changing the distro). Thank you for your time, Peter Lebbing. [1]http://www.conrad.nl/goto.php?artikel=971780 [2]http://www.scmmicro.com/products-services/smart-card-readers-terminals/multifunctional-token/scr3320.html [3]http://www.scmmicro.com/products-services/chipdriveR/solutions/mykeyy.htm -- I'm using the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.ewi.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Does the SCM SCR3320 work with GnuPG?
On Sep 12, 2009, at 11:38 AM, Peter Lebbing wrote: Hello list, Does anybody know if the SCM SCR3320 USB card reader works with GnuPG under Linux? Specifically, I was thinking of buying the "ChipDrive MyKey 2" from Conrad[1] in The Netherlands. It's only 20 euros. If you look at the product page for the SCR3320[2] and compare the photo with the product page for the MyKey[3], it looks like a different stick. I hope this is just a change in the housing, because the MyKey description still says it's the SCR3320. I can't speak to the MyKey device, but I have a SCR3320 and it works just fine with GnuPG and the v2 card. I like the smaller "USB stick" form factor a lot more than the larger "credit card" sized cards. They're much easier to deal with when you don't have smartcard readers wherever you go. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Does the SCM SCR3320 work with GnuPG?
David Shaw wrote: > I can't speak to the MyKey device, but I have a SCR3320 and it works > just fine with GnuPG and the v2 card. Great, thanks for the info. One more question, does your reader look like [1] or like [2]? I must say I like the supposedly "new housing" ([2]) better than the "old" one. Swapping cards seems easier and more logical with the new model. The Conrad links have some more pictures showing how to swap cards. > I like the smaller "USB stick" form factor a lot more than the larger > "credit card" sized cards. They're much easier to deal with when you > don't have smartcard readers wherever you go. I totally agree. I like the idea of the separate keypad of, f.e., the SPR532 I have (even though I don't use it currently), but mobility is worth more. Peter Lebbing. PS: I accidentally backspaced over the 'l' in '.html' in the link to the MyKey on the SCM site in the previous mail. [1]http://www.conrad.nl/goto.php?artikel=971793 [2]http://www.conrad.nl/goto.php?artikel=971780 -- I'm using the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.ewi.utwente.nl/~lebbing/pubkey.txt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Does the SCM SCR3320 work with GnuPG?
On Sep 12, 2009, at 1:40 PM, Peter Lebbing wrote: David Shaw wrote: I can't speak to the MyKey device, but I have a SCR3320 and it works just fine with GnuPG and the v2 card. Great, thanks for the info. One more question, does your reader look like [1] or like [2]? I must say I like the supposedly "new housing" ([2]) better than the "old" one. Swapping cards seems easier and more logical with the new model. I have [1] (the white plastic one with the black card carrier on the side and black cap). While it is possible, it isn't very convenient to swap cards very often in this model. The card carrier seems somewhat fragile and not really up for frequent opening and closing. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: howto secure older keys after the recent attacks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 David Shaw escribió: ... >> So my question is basically,.. >> If gpg would use this,... does it only improve the already existing >> entropy and randomness of the kernel PRNG? I mean that gpg somehow >> "merges" the different sources? >> Or is it more or less a,.. either use the kernel PRNG or the hardware >> RNG. > > The kernel merges several sources of entropy into the /dev/random pool. > The entropy key would just be another source (though a very prolific > source) of entropy. I remember an example from one of the Bruce Schneier book, where 2 people (Alice and Bob, of course) wanted to get a random bit. They thought about each one flipping a coin, and then mixing the results. And Bob said "what if one of us don't do it randomly", and Alice said as long as one of the results was truly random, the final result would be random. So I suppose as long as the entropy generator output is mixed with other sources of entropy, it can't lower the quality of the final entropy. But of course, maybe I didn't understand it right. Best Regards -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJKrFK7AAoJEMV4f6PvczxAk6cIAKfa64/reW57fOGrHcAxapEI eOdCLI8MDvUVPVb5+dVVJL6WQXy6jbDAikkjbJuT8sSNaUpK8nkvPccVuI3mNVkg 8PExrLS2fnXqk3HtVWcXRd/TxoQNL454SZ9EXsjaRwqZvijDqpuwuwDmfg4EvWhY SYgzJCboRTnbJhzpaAt+z23IrdSLKdV5EvRtK6RPwjQkvu84Y+EJKiT8qdf11hQe sIzQQoi79k+sBuq8xn+JDRcSFbfjSIdU7erXDK9F2UchB9j7OXAtdqv3ChQN6Med LXfmuqfd+GUeuFYYaBMgKj5S5IFsTiBc3mitcj1ulstPy2MlRHI/KTX9h9R1OMI= =90/F -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: howto secure older keys after the recent attacks
Faramir wrote: > I remember an example from one of the Bruce Schneier book, where 2 > people (Alice and Bob, of course) wanted to get a random bit. They > thought about each one flipping a coin, and then mixing the results. [puts on his voting security hat] This is part of some voting protocols. Let's say you have two candidates who tie in an election. Each candidate sends their own representative to the election with a ten-sided die (you can find these in any hobby store). The election commissioner collects the dice, then distributes them out randomly to the representatives. Everyone throws the dice and the numbers are added up together modulo 10. If it comes up 0 through 4, candidate A wins the election; if it comes up 5 through 9, candidate B wins the election. Thanks to the magic of random distributions and modulo math, as long as there's one fair die in the system, the entire system is fair. Anyway. This is apropos of nothing except to show you that such schemes really are used in the real world. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Quick advice about FAQ 4.14
Hi, I would like to point a quick advice related to FAQ 4.14 available at the GNUpg website url: http://www.gnupg.org/documentation/faqs.en.html#q4.14 section: How can I use GnuPG in an automated environment? I believe that the points 4,5 and 6 should be reviewed and maybe correct to reflect the real procedure. Several posts on this mailing list have already pointed out the necessity to rename the secring.auto in secring.pgp or to use the option --secret-keyring secring.auto. I can list one of them. http://lists.gnupg.org/pipermail/gnupg-users/2001-October/010397.html Thank you, Oscar Cassetti. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: howto secure older keys after the recent attacks
Faramir wrote: > I remember an example from one of the Bruce Schneier book, where 2 > people (Alice and Bob, of course) wanted to get a random bit. They > thought about each one flipping a coin, and then mixing the results. [puts on his voting security hat] This is part of some voting protocols. Let's say you have two candidates who tie in an election. Each candidate sends their own representative to the election with a ten-sided die (you can find these in any hobby store). The election commissioner collects the dice, then distributes them out randomly to the representatives. Everyone throws the dice and the numbers are added up together modulo 10. If it comes up 0 through 4, candidate A wins the election; if it comes up 5 through 9, candidate B wins the election. Thanks to the magic of random distributions and modulo math, as long as there's one fair die in the system, the entire system is fair. Anyway. This is apropos of nothing except to show you that such schemes really are used in the real world. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
