Re: How secure are smartcards?
Whoops, typo: On Sat, Aug 6, 2011 at 12:46, Richard wrote: > would it be sensible to encrypt the key on the memory card key using > the encryption key stored on both smartcards? was meant to read: > would it be sensible to encrypt the key on the memory card using > the encryption key stored on both smartcards? ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
Hello, On Mon, Jul 25, 2011 at 12:05, Olav Seyfarth wrote: > I did so but unfortunately my (old) card broke. So I was busted. To avoid that > in the future, I now generated my new key for usage in the card on an offline > system (e.g. Live-CD in RAM disk) and copied it on an old small memony card > (to > allow to easily decrypt by importing the whole key to my keyring after > revoking > it) which I encrypted differently and physically locked securely. I imported > the key to 2 SmartCards while also locking one away as easy backup and another > one for daily use. After shutting down the offline system, only the one card > is > used with computers connected to the net. If this one is lost or stolen, I'd > revoke the key (with a rev cert that I also generated separately). would it be sensible to encrypt the key on the memory card key using the encryption key stored on both smartcards? If one smartcard breaks, you could still decrypt the key using the other card. And since the secret key for decryption cannot leave the cards, it would be a pretty secure solution, I guess. :) Richard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Fri, 29 Jul 2011 11:58, rich...@r-selected.de said: > 100.000 as a one-time investment for breaking into an unlimited number > of OpenPGP smart cards? If I were a government, I would definitely buy Whatever the number is, it is for each break and you have only a certain probability so successfully read out the key. That is why I wrote "unless a master key scheme is used" - something which is stupid for almost all systems. And well, you need to get your hands on the card first. > Hence, one has to assume it's safer to use encrypted harddrives for > key storage than a smartcard if one wants to protect their data from Nope. It is is easy to write a trojan to send the passphrase key back to an attacker or store it somewhere on the box (e.g. RTC chip, battery charging logic) so you can use it once you get physical control over the box. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Fri, Jul 29, 2011 at 02:05, Crypto Stick wrote: > For a state-of-the-art smart card like the OpenPGP Card 2, I > guess the price tag would be around 100.000 Euros 100.000 as a one-time investment for breaking into an unlimited number of OpenPGP smart cards? If I were a government, I would definitely buy such a machinery... While at the same time, German authorities fail to break GnuPG's encryption for private keys, given a dictionary attack doesn't work out. (See http://annalist.noblogs.org/post/2009/01/04/bka-ratespielchen-rund-um-gnupg/ -- but it's written in German). Hence, one has to assume it's safer to use encrypted harddrives for key storage than a smartcard if one wants to protect their data from German authorities, I guess. Richard ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On 29/07/2011 06:03, Jay Litwyn wrote: >> The beauty is that this protection can be provided without the >> burden for the user to remember a long passphrase, since this is not >> required to encrypt the keys. > > You could use random symmetric encryption keys and encrypt them with a > short passphrase: Decryption would be two steps. Or, you could disable > the command for exporting a private key; import only. Iz GPG in ROM on > this card, then? The point of these smartcards is that once you write a key to them, it can't be read off. When you want to decrypt or sign some data, GPG sends the data to the smartcard, which does the cryptographic operations it's self, on the card, and then sends the result back. So even if your machine becomes infected by a trojan and has a keylogger installed, the attacker *still* can't get your key. The problem is, even though you can't read the key off using the smartcard interface, if you have the correct machinery, you can potentially physically read the key directly off the chipset. My suggestion is that it would be better if the key is encrypted whilst it sits on the card, using the pin that is needed to talk to it. Then even a physical attack would be impossible (assuming a long/secure pin). -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On 29/07/2011 02:45, Jerome Baum wrote: >> The very purpose of smartcards is to keep secret keys confidential and >> secure. This is achieved by physical protection, different layers, >> puzzling structure etc. This makes it very, very difficult to extract >> the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I >> guess the price tag would be around 100.000 Euros. > > Any data on that? > > (and before you say it, I know you said "guess" and my question was > more rhetorical) This is where my confidence fades a little. If the key is on my laptop, as long as my laptop hasn't been compromised, the key is secured by math. If it's on a smartcard, I have to trust that when people tell me it's prohibitively expensive, that they are right and up to date, and then I also have to trust that my adversary doesn't have the money/inclination to do it. I'd *expect* lots of organisations to have worked on processes to quickly and "cheaply" pull PGP keys off various brands of smart card, just in case they need to. And I'd expect many of them to not publish their results. >> The beauty is that this protection can be provided without the burden >> for the user to remember a long passphrase, since this is not required >> to encrypt the keys. > > Agree that it's nice, but I don't think that was the intention behind > smart cards. The problem with not encrypting the keys is that a > read-out is possible -- if the keys are encrypted, the read-out > becomes a tad more difficult, depending on the length of the PIN. There is another attack vector here. If someone observes me entering my pin, they can obtain my smart card at a later date and use it to decrypt my files. I am thinking of hard coding *part* of my pin into gpg on my primary system, so I can only be observed typing in part of the pin. Every little helps. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- On 2011-07-28 6:05 PM, Crypto Stick wrote: >> At the moment, my secret key is stored on my hard drive and is >> encrypted by a long passphrase. When I transfer my subkeys to the >> smartcard, will they actually be encrypted whilst they're on >> there? > > The very purpose of smartcards is to keep secret keys confidential > and secure. This is achieved by physical protection, different > layers, puzzling structure etc. This makes it very, very difficult to > extract the keys. For a state-of-the-art smart card like the OpenPGP > Card 2, I guess the price tag would be around 100.000 Euros. > > The beauty is that this protection can be provided without the > burden for the user to remember a long passphrase, since this is not > required to encrypt the keys. You could use random symmetric encryption keys and encrypt them with a short passphrase: Decryption would be two steps. Or, you could disable the command for exporting a private key; import only. Iz GPG in ROM on this card, then? ___ Xerox and Wurlitzer will merj to market reproductive organs. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjI/Eh47apzXdID2AQGM4wP7BD/N5ki544ekkJGuu20qYpqjJhdKmNn2 tQqxY0JYH82SnevQOrRPNfOI+pqM2EuemppItfYbuAG0iI2KqE/aa2Ax/wUL++EA QLy3xuKU8VzxXrSyBm1hqr0FgbA29uxSp/CwHE+TNdgVDEn6aqmq5lZdn+OSqfpR FXIXoYC/0Dc= =icAi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
> The very purpose of smartcards is to keep secret keys confidential and > secure. This is achieved by physical protection, different layers, > puzzling structure etc. This makes it very, very difficult to extract > the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I > guess the price tag would be around 100.000 Euros. Any data on that? (and before you say it, I know you said "guess" and my question was more rhetorical) > The beauty is that this protection can be provided without the burden > for the user to remember a long passphrase, since this is not required > to encrypt the keys. Agree that it's nice, but I don't think that was the intention behind smart cards. The problem with not encrypting the keys is that a read-out is possible -- if the keys are encrypted, the read-out becomes a tad more difficult, depending on the length of the PIN. -- Jerome Baum Hessenweg 222 48432 Rheine GERMANY tel +49-1578-8434336 email jer...@jeromebaum.com web www.jeromebaum.com -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA -- Q: Why is this email five sentences or less? A: http://five.sentenc.es ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
> At the moment, my secret key is stored on my hard drive and is encrypted > by a long passphrase. When I transfer my subkeys to the smartcard, will > they actually be encrypted whilst they're on there? The very purpose of smartcards is to keep secret keys confidential and secure. This is achieved by physical protection, different layers, puzzling structure etc. This makes it very, very difficult to extract the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I guess the price tag would be around 100.000 Euros. The beauty is that this protection can be provided without the burden for the user to remember a long passphrase, since this is not required to encrypt the keys. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- In my entry on a related thread, I was thinking that one of the simpler ways to foil attacks on bank cards would be to make a smart card play dumb and accept any old pin (symmetric encryption key for a private key). That would (almost) force attackers to communicate with a bank on every trial, except there *might* be a way for attackers to get the public key for a pair off a card. Since attackers can't read the private key (at least not without frying or bridging key bits), they can't tell that it iz no longer based upon probable primes. The bank would come up with "no such ID", or "BAD signature", and they might be watching for a lot of noise like that. Now, I am thinking that for a card to reveal its public key more than once might actually be a weakness, however interoperable. A bank card does only hav to communicate with one other entity, so I am not sure that this can't be done with symmetric keys throughout. The other way iz to introduce increasing delays for bad PINs. I like my first impulse better, though, forcing attackers to actually use a badly decrypted private key to communicate with a bank. ___ That boy so horny, even the Crack of Dawn ain't safe! -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: http://ecn.ab.ca/~brewhaha/gpg/Keyprint_Biometric.mp3.pgp Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBTjFBYx47apzXdID2AQFP8wP/eT5sYDOjdgVRbuHOdbc8JkJ/1wG/d6nQ oW1SvdtXQjTnVDNEpcLop11ibTVqiCkddQTWXazso9B1CPwPAGIA+z6ipfFCYCBm DGp09oEZw9BO52Qhb09GwL+ykXxlgHUcx70rTNDlXM/GlusodQEPbkyFCQ+Dow3p +YffVJbfyyU= =Rs2c -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Tue, 26 Jul 2011 18:07, j-...@ottosson.nu said: > Even worse though, as I recall from the time when I worked with IBM crypto > processors like 4758 etc, a lot of the people inside the (somewhat introvert) > banking community working with security, had no clue and actually believed > that Part of the problem was that many developers over there had an RPG and COBOL background and were forced to write security software based on a lower system layer they didn't really understood. > as long as there is no bugs in the on-board OS.. If however it gets stolen by > skilled advisaries, one should regard the keys as compromised, generate > revocation certificates and new keys. [As usually it depends on your threat model.] If there is enough money to gain from breaking a card someone will do it. See the French 384 bit RSA cards or master key systems like (old) pay TV cards. With modern personalized cards you can't get enough in return for an individual card break and thus it is easier to use much simpler techniques like faked cameras and keyboards or pinhole cameras. That can be done in batch mode for many cards and it is easy to retrain non-geeky crooks to help setting up such a mafia business. Of course I am talking about mass-market smartcards and not about specialized security systems. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On 25 Jul 2011 at 20:12, Werner Koch wrote: > For the v1 card you may want to have a look at the flylogic.net blog; they > have lots of entries about different chips. There is no specific entry > about the v1 card iirc, but I once sent them a few cards and they told me > it would be easy to read it out using their equipment. > > For a general overview on the grade of tamper resistance you may want to > start at http://www.cl.cam.ac.uk/research/security/tamper/ . This subject is interesting and important, there have been deliberate attempts for many years to not tell the whole truth to the public about the security of "smart cards", be they financial type of cards or other. The public is only being told they are "totally secure" and also other info about the (in)security of associated systems are being withheld from the public or actively lied about. Even worse though, as I recall from the time when I worked with IBM crypto processors like 4758 etc, a lot of the people inside the (somewhat introvert) banking community working with security, had no clue and actually believed that DESX was unbreakable and that the PIN system couldn't be tricked or broken and a lot of other things that were not necessarily true. I remember reading Ross Anderson's comments on sci.crypt during the Citibank trials in UK with great interest and remember to this day a quote from him saying something about banking security people digging holes on the subject about PIN security - I found it insanely accurate and dead on, having my own experiences to compare with. I also remember when I organized a live TEMPEST lab session with a swedish military hw supplier, the IT people attending didn't even know what the phenomenon was about.. In the late 1990' there were academic reports being classified as secret in Sweden, that proved a great number of smart cards to be insecure. A number of those were swedish military graded equipment and hence government organizations like FMV (Swedish Defence Materiel Administration) and MUST (Swedish Military Intelligence and Security Service) quickly withdraw the papers from the open market. Only a handful of people outside the military have read those papers I'm told. Today I guess that there's nothing in those papers that the Cambridge people haven't covered..(?) I think that as long as you're in possession of the card the content is safe from any reasonable types of threats imposed by logical access from malware etc, as long as there is no bugs in the on-board OS.. If however it gets stolen by skilled advisaries, one should regard the keys as compromised, generate revocation certificates and new keys. What constitutes skilled advisaries and the likelihood of being targeted by such an organization can always be discussed though. As I understand it after having spoken to some government/military security people in Sweden there is no chip design on the planet that cannot be broken today. And if this isn't enough then its back to random numbers and one time pads I guess. But then.. when is it random enough..? Needless to say though, we should still use smart cards, since it's better than the alternatives, I think. /J > > > > Shalom-Salam, > >Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
Depends where you keep the backup. (Excuse the top post -- Android) (Mobile/Handy) Am 26.07.2011 16:29 schrieb "Werner Koch" : On Tue, 26 Jul 2011 14:41, h...@qbs.com.pl said: > The key is also useful for decrypting past commun... Well, you should have a backup of the decryption key. It is cheaper to steal that backup than to crack the card. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _... ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Tue, 26 Jul 2011 14:41, h...@qbs.com.pl said: > The key is also useful for decrypting past communication... Well, you should have a backup of the decryption key. It is cheaper to steal that backup than to crack the card. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Monday 25 of July 2011 17:45:16 Werner Koch wrote: > As it is not > possible to secretly read out the key you will almost always have the > opportunity to revoke the key before a damage is possible. The key is also useful for decrypting past communication... Regards, -- Hubert Kario QBS - Quality Business Software 02-656 Warszawa, ul. Ksawerów 30/85 tel. +48 (22) 646-61-51, 646-74-24 www.qbs.com.pl smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Mon, 25 Jul 2011 19:18, gn...@lists.grepular.com said: > That is reassuring. Although, I'd be happier if I could find a technical > description of the feasibility of such an attack. But if one doesn't For the v1 card you may want to have a look at the flylogic.net blog; they have lots of entries about different chips. There is no specific entry about the v1 card iirc, but I once sent them a few cards and they told me it would be easy to read it out using their equipment. For a general overview on the grade of tamper resistance you may want to start at http://www.cl.cam.ac.uk/research/security/tamper/ . Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On 25/07/2011 16:45, Werner Koch wrote: >> adversary, and the key isn't encrypted on the smart card. Then they can >> just "read" it off, if they get hold of it. In that circumstance, you > > That might be true with the v1 card which used a pretty old chip. The > v2 card uses a modern chip and card OS and thus the effort to read off > the key wouldn't be worth what you will gain from it. That is reassuring. Although, I'd be happier if I could find a technical description of the feasibility of such an attack. But if one doesn't exist, it doesn't exist. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Mon, 25 Jul 2011 12:21, gn...@lists.grepular.com said: > adversary, and the key isn't encrypted on the smart card. Then they can > just "read" it off, if they get hold of it. In that circumstance, you That might be true with the v1 card which used a pretty old chip. The v2 card uses a modern chip and card OS and thus the effort to read off the key wouldn't be worth what you will gain from it. As it is not possible to secretly read out the key you will almost always have the opportunity to revoke the key before a damage is possible. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hi Mike, > I just ordered an OpenPGP smartcard from Kernel Concepts as per > http://www.g10code.com/p-card.html Does anyone else have one of these? yes, I use these cards for several years now. This Email is signed by one. > At the moment, my secret key is stored on my hard drive and is encrypted by a > long passphrase. When I transfer my subkeys to the smartcard, will they > actually be encrypted whilst they're on there? The overall security of a crypto system often isn't defined by the strength of the crypto algo or the possibilities for a forensic analysis of the hardware. In that sense, it is less important how secure the card itself is (taken that as Hubert already stated the efforts that need to be taken to scratch info off the circuit is high opposed to other attack vectors) but how it is used. So I focus on another security aspect here: One key advantage of a card is that the private keys does not need to be accessible to the computer itself at any time if it is generated on-card. That way, you know for sure, that *only* you hold the private key as long as you physically own the card. The knowledge of "that no copy of it has been made" is important. I did so but unfortunately my (old) card broke. So I was busted. To avoid that in the future, I now generated my new key for usage in the card on an offline system (e.g. Live-CD in RAM disk) and copied it on an old small memony card (to allow to easily decrypt by importing the whole key to my keyring after revoking it) which I encrypted differently and physically locked securely. I imported the key to 2 SmartCards while also locking one away as easy backup and another one for daily use. After shutting down the offline system, only the one card is used with computers connected to the net. If this one is lost or stolen, I'd revoke the key (with a rev cert that I also generated separately). Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJOLT/KAAoJEKGX32tq4e9WV48L+gN6bLDexmqjL178/GVmHPH7 GYQ7Uh9/oDhEaVQLR5XNBG/KrunvvfksMYWu4uYhk7l6xJkknp/kk9kzrjLFrutS 36cexAUtvS/+wWrRAdEOqtliH2++G4msewfZHqeRK/yvH/Sy5oSP4HGxeeAtS/dZ cUjO7ah6ZVzQDw89qbju6dpz1yHmDGzxKjxD6QZ/EX+hz1plhVdxElTIIugQ3j9b 89rYeoNHB5nADZI+gfnGumELdHyFwHmXLW20dE/4RN2AjCTI0qOCq8hKCYM23sPD DiGI0s4bTCH6WcPI1sHGFf/Se4QFK2esiAYfCVEI+WeiTkYit0cgqkWRiSD0eDE6 6ptkgxxsxtOlUmizag/VdnzfC+Tw/P8FYAxJ5RzIK5CFJnpxerLURaHSfGee6CN4 DfUeTWl6KDl7/RVxm+MJhid2Z893WsZhXLHDsD++dJur7x/nSzOq8hslwdQ1/DNc QN+5y4oEMJ9yRipfEvaMioZsC0ebxF91BUIUIIe/ww== =H/Np -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On 25/07/2011 11:05, Olav Seyfarth wrote: >> I just ordered an OpenPGP smartcard from Kernel Concepts as per >> http://www.g10code.com/p-card.html Does anyone else have one of these? > > yes, I use these cards for several years now. This Email is signed by one. > >> At the moment, my secret key is stored on my hard drive and is encrypted by a >> long passphrase. When I transfer my subkeys to the smartcard, will they >> actually be encrypted whilst they're on there? > > The overall security of a crypto system often isn't defined by the strength of > the crypto algo or the possibilities for a forensic analysis of the hardware. > In that sense, it is less important how secure the card itself is (taken that > as Hubert already stated the efforts that need to be taken to scratch info off > the circuit is high opposed to other attack vectors) but how it is used. So I > focus on another security aspect here: > > One key advantage of a card is that the private keys does not need to be > accessible to the computer itself at any time if it is generated on-card. That > way, you know for sure, that *only* you hold the private key as long as you > physically own the card. The knowledge of "that no copy of it has been made" > is important. Yes, I agree that smartcards have several advantages. The major one being that if your laptop is compromised by a trojan or something, even if it has a keylogger installed, your keys can't be stolen. However, it is important to note that if you have a rich/powerful adversary, and the key isn't encrypted on the smart card. Then they can just "read" it off, if they get hold of it. In that circumstance, you *might* actually be more secure leaving the key on your laptop encrypted with a strong pass phrase. It's a judgement call. When I say a rich/powerful adversary, this could include industrial espionage as well as governments. Ideally the key would be encrypted on the smartcard. I haven't found anything specifying that this is the case, so I have to assume it's not. -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How secure are smartcards?
On Sunday 24 of July 2011 22:14:31 Mike Cardwell wrote: > Hi, > > I just ordered an OpenPGP smartcard from Kernel Concepts as per > http://www.g10code.com/p-card.html > > Does anyone else have one of these? > > At the moment, my secret key is stored on my hard drive and is encrypted > by a long passphrase. When I transfer my subkeys to the smartcard, will > they actually be encrypted whilst they're on there? > > I understand that you have to enter a PIN between 6 and 32 characters in > length in order to perform crypto operations on the card via the > smartcard interface, but I'm just wondering if somebody with sufficient > skills could read the data off the smartcard chipset by looking directly > at the circuitry? > > Are the keys on the smartcard perhaps encrypted with the access PIN? > That still wouldn't be perfect, definitely easier to bruteforce than a > long passphrase, but it would be better than nothing... It probably depends on the card's chipset. On the other hand, to connect to chipset memory bus to read it you'd need diamond saws, very good microscopes, lots of cards for trying out the methodology and lots of time to do it. The hardware alone is in the realm of tens of thousand of dollars. Not to mention that you have only one try at it... It's at the point that any real attacker would perform rubber hose cryptanalysis. Even before trying to break the card. Regards, -- Hubert Kario QBS - Quality Business Software 02-656 Warszawa, ul. Ksawerów 30/85 tel. +48 (22) 646-61-51, 646-74-24 www.qbs.com.pl smime.p7s Description: S/MIME cryptographic signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
How secure are smartcards?
Hi, I just ordered an OpenPGP smartcard from Kernel Concepts as per http://www.g10code.com/p-card.html Does anyone else have one of these? At the moment, my secret key is stored on my hard drive and is encrypted by a long passphrase. When I transfer my subkeys to the smartcard, will they actually be encrypted whilst they're on there? I understand that you have to enter a PIN between 6 and 32 characters in length in order to perform crypto operations on the card via the smartcard interface, but I'm just wondering if somebody with sufficient skills could read the data off the smartcard chipset by looking directly at the circuitry? Are the keys on the smartcard perhaps encrypted with the access PIN? That still wouldn't be perfect, definitely easier to bruteforce than a long passphrase, but it would be better than nothing... -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users