Werner, What set would you recommend for us Linux types (Fedora 20 in my case) ?
Thanks, Bob Cavanaugh -----Original Message----- From: Gnupg-users [mailto:[email protected]] On Behalf Of Werner Koch Sent: Friday, January 23, 2015 12:32 PM To: Felix E. Klee Cc: [email protected]; Faramir Subject: Re: Talking about Cryptodevices... which one? On Fri, 23 Jan 2015 12:19, [email protected] said: > * There will be a new batch of cards, with the same functionality but > updated print: On the back of the current cards, it says “RSA with > up to 3072 bit” when in fact the cards support up to 4096 bit. The code for the card and the specs will also have some minor updates. This has been done mostly on requests from the Nitrokey (aka CryptoStick) folks. Nothing to worry about. Achim already send me the specs and I will put them online soon. > As for the reader, I got a Reiner SCT cyberJack RFID standard. The RFID If you do not use Windows I would strongly advise against Rainer products. I never achieved to make them work for me, requests for technical support were never answered, all requests for a sample were rejected or they quoted unacceptable prices. Further, the Cyberjack readers run a lot of code not necessary for accessing the card and the firmware can easily be updated from the host (if you know how to do that). Granted, other vendors also have easy changeable firmware but their microcontrollers are smaller and writing malware for them is harder. I won't trust such devices - we don't know whether the BND has an agreement with them not to fix exploitable bugs so to allow them inserting code to track PINs. Time to build our own pinpad equipped reader? > * Decryption of a 30 kB file takes one or two seconds. The size of the file does not matter. The card only sees the public key encrypted session key. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
