Increasing Public Key Crypto Security with Handhelds

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Nov 28 09:19:31 CET 1999


Brian Ristuccia <brianr at osiris.978.org> writes:

>On Sun, Nov 28, 1999 at 08:13:52AM +1300, Peter Gutmann wrote:
>>The easiest way to handle this would be to take gpkcs11,
>>http://www.trustcenter.de/html/Produkte/TC_PKCS11/1494.htm, and port it to the
>>Palm Pilot so it can act as a PKCS #11 token.  For handling the other side of
>>things, I hope to release my general-purpose PKCS #11 interface code before the
>>end of the year; this has been tested with a wide variety of tokens including
>>smart cards, iButtons, crypto hardware, datakeys, and other bits and pieces,
>>so you could use that to talk to the Palm Pilot.

>Would such an arrangement allow for a partial display of the encrypted
>document before the session key is released to the PC? Would it offer the
>display of a document summary before signing in a way that said document
>summary would invalidate the signature if it was not actually a subset of the
>document being signed?
>
>Otherwise, a compromised PC could trick the user into using their handheld to
>decrypt or sign arbitrary documents.

This is a fairly common response to a security system of this type: "It's a
nice system, but it won't stop Men in Black from hitting you with a stun ray
just after you type in your password and stealing your secret key, therefore
it's no good".  What you asked for originally was a means of protecting a
secret key.  A PKCS #11 token gives you that (along with a general-purpose
interface which will talk to a wide range of security software).  What it won't
give you is a complete secure message processing and display environment, both
because the programming interface can't handle it and because (when implemented
on a Palm Pilot) the hardware isn't up to it (encrypting, say, a 1MB Word
document sent over an IR link to a slow CPU and sending the result back isn't
going to be quick; there's no way you can display the text because the Palm
doesn't run Word, and if it did you'd be vulnerable to an infinite array of
macro viruses and other problems).

What you're asking for now is a solution to a completely different problem
which requires a lot more work:

- What's a "partial display of the decrypted document"?  What if it's non-ASCII
  text?  What sort of display is meaningful?
- What's a "document summary"?  How do you generate it?  How do you tie it to
  the document?  What data formats are used to encode it?  How is its validity
  checked?

Whoever can solve those problems, in something selling for less than about $50,
probably stands to make a lot of money.

Peter.



More information about the Gnupg-devel mailing list