Secret key storage questionReply-To:
Arno Wagner
wagner at tik.ee.ethz.ch
Thu Jun 20 16:18:02 CEST 2002
> On Wed, Jun 19, 2002 at 12:54:35PM -0500, Bob Luckin wrote:
> > On Wed, Jun 19, 2002 at 01:38:50PM -0400, David Shaw wrote:
[...]
> > If it is on the card, and they can read the card, surely they would ?
> >
> > Even if not, they'd get every subsequent message sent via the computer until
> > the attack was discovered.
> >
> > Or am I missing something here ?
>
> Crypto smartcards don't just store the secret key - they in effect
> *are* the secret key.
Let's say, they are the computer the crypto-app is running on. The
PC is just sort of a remote terminal and does the symmetric crypto.
No proplem, as the PC sees plaintext and ciphertext anyway.
> They do all the crypto math on the card itself,
> so the host computer never sees the secret key. The host uploads the
> session key, the card encrypts/decrypts it, and returns the result.
Exactly.
One problem remains: How does the card get authorized to
encrypt/decrypt/sign something?
If the user enters a PIN into the PC, the PC could misuse the then-knowen
PIN as long as it has access to the card. There are solutons for
that, usually involving some direct interaction between card
and user. There could e.g. be a display in the card and the user has
to read some random number from it and type it into the PC
to authorize one transaction. Some smart-cards also have numeric
keyfield for PIN entry.
The poetential for misuse is then only once, and the user will
notice, as his request cannot be honored (the one crypto-op was spent
on the misuse).
Arno
--
Arno Wagner, Communication Systems Group, ETH Zuerich, wagner at tik.ee.ethz.ch
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
For every complex problem there is an answer that is clear, simple,
and wrong. -- H L Mencken
More information about the Gnupg-devel
mailing list