On 11/01/2014, David Tomaschik <[email protected]> wrote: > On Sat, Jan 11, 2014 at 1:05 PM, Sam Kuper <[email protected]> wrote: >> On Jan 9, 2014 7:16 PM, "David Tomaschik" <[email protected]> >> wrote: >> > if the machine you are using for crypto operations is compromised, you >> have lost (at least for the operations conducted while it is compromised) >> >> Surely if you are >> signing with a key stored in an OpenPGP card being used via a >> pinpad-protected reader, then - because the malware will not learn the >> PIN - although the malware could potentially corrupt the message being >> signed (or prevent it from being sent, etc), it could not do so in >> such a way that a conscientious recipient already in possession of the >> corresponding public key would mistake a tampered message for a >> genuine signed message. > > Or replace the message with a message of its choosing? It just needs to > wait for you to want to do a legitimate signature, swap out the plaintext, > and then it has signed data.
Yes, as I said, it could tamper with the message. But if it does that, then when a recipient attempts to verify the signature, gpg --verify will give the message, "gpg: BAD signature". So, as I also said, a conscientious recipient will not mistake it for a genuine signed message. > Don't use sensitive keys on machines with malware? Well, ideally, yes... > (Yes, I realize proving > a machine is malware free is essentially impossible.) ... but in an acknowledgedly imperfect world, using an OpenPGP smart card with a trustworthy reader with a pinpad is the next best thing. > Agreed, I was just arguing why a smartcard without a PIN pad still offers > some level of additional security [compared to a passphrase protected key in > an ordinary or encrypted folder]. For the reasons I've given - and assuming that passphrases/PINs of adequate entropy/unpredictability are chosen in each case - I don't think it does. Perhaps we'll just have to agree to disagree. > You assume people choose good passphrases. While that may be true for > readers of this list, that is not true of the general population. You are right that my scope in this discussion has been the security-conscious. I suppose that the individuals in the set of "people who are not security-conscious enough to use adequate passphrases" might benefit from using an OpenGPG card and a reader without a pinpad, over using a key stored in an ordinary or encrypted folder. Unfortunately, I also suspect that the set of "people who know enough about OpenGPG cards to bother using one" has no intersection with the set of "people who are not security-conscious enough to use adequate passphrases". Again, perhaps I am wrong. But if I am not, then the use of OpenPGP cards with non-pinpad readers still makes no sense (at least, not to me). Kind regards, Sam _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
