Smartcard Support, open system security, law, (certificate sig removed)

Werner Koch
Thu Aug 21 17:52:04 2003

On Thu, 21 Aug 2003 16:56:10 +0200, thomas schorpp said:

> I'm against and don't like using smartcards due to certain security flaws with
> its whole system:

It has been said at least 42 times: What constitutes a security flaw
depends on your threat model.  So before you talk about it, define
your threat model.

> - it makes no sense to protect and provide electronic signatures with
> strong algorithms and then using weak smartcard pins of 4-6 decimal digits,
> this would be the way of the German signature law (SigG) and its well known
> providers regtp (the old bundespost), bmi, tuvit, d-trust...

The PIN is simply a countermeasure to increase the time window you
have to realise that your card has been stolen/abused, to create a
revocation and distribute that.  That's all a PIN is good for.
Similar for GnuPG's passphrase.  Nobody expects any strong security in
a PIN.

> - the cards and its commercial systems will be hacked, lost,
> pin-compromised faster than you think.

Please define commercial system - I guess you mean proprietary system.

All that you describe above constitutes local attacks requiring
physical access to the card or reader.  There is not much one can do
about it except for plain old physical security diligence.

A smartcard protects very well against any remote key compromise
attack.  It can't protect you from malicious software on the host,

> - the reasonable use of smartcards to protect data requires protecting the
> pin in an encrypted file using a strong passphrase in brain only and never to

This won't help.  The box you are using to keep the encrypted file may
already run malicious software.

> for such a project we need not only open software, we would need OPEN
> HARDWARE systems of intelligent mobile devices (a stupid smartcard or
> usb-stick isn't that way), too.

I don't know what you mean by open hardware?  Hardware is entirely
different from software because you can't build it at home from a
piece of silicon and copying is not of near-zero cost.  Of course,
I'd like to see free designs of chips, so that you can take the design
to any fab and have them produce N of those chips.  This is an
expensive task and those chips won't be as cheap as we are used to -
getting the critical mass to make the production cheaper is far harder
than with software.

For many application domains a smartcard is a thing you want to
have. For example: The key I use to sign GnuPG is on some box which is
somehow connected to the net and thus this key is a possible target
for an attack.  I would feel much safer with that key on a smartcard
with an integrated signature counter and only used in the few seconds
every once in a while while signing a package.  Then, it will be much
harder to trick my box into signing something without my attention.
Well, there is still the question whether the right thing has been
signed but a malicious signature will be detected very shortly after
it.  The real problem is how to assure that the source has not been
tampered with - I review the diffs before a stable release - but that
is a boring task and prone to errors.  Hopefully others are watching
the code too.

> besides, our open systems should include the ability to handle the TWO
> personal needs of a today's electronic individual or organisation (juristic
> persons): we need 2 personal signature/encryption keys/certificates, one

The OpenPGP smartcard comes with three keys: Signing (useful digital
signatures), encryption and authentication (ssh, pam).

> Microsoft will lead in the future. gnupg is therefore funded in part by the
> German ministry of economics to adopt later in civil "government"(?). so

[ It is a long long time ago that we received some funds.  The
  development is for ~95% done without any financial support.  You can
  change this of course, see for example: ]



Werner Koch
The GnuPG Experts
Free Software Foundation Europe