AW: Smartcard Support, open system security, law,( certificate sig removed)

thomas schorpp
Thu Aug 21 18:52:02 2003

Hash: RIPEMD160

> -----Ursprungliche Nachricht-----
> Von: []Im
> Auftrag von Werner Koch
> Gesendet: Donnerstag, 21. August 2003 17:55
> An:
> Cc:;
> Betreff: Re: Smartcard Support, open system security, law,( certificate
> sig removed)
> On Thu, 21 Aug 2003 16:56:10 +0200, thomas schorpp said:
> > im against and dont like using smartcards due to certain
> security flaws with
> > its whole system:
> It has been said at least 42 times: What constitutes a security flaw
> depends on your threat model.  So before you talk about it, define
> your threat model.

why? there are enough known side-channels to attack. take a good look at the
pay-tv, moneycard hacker scene...

> > - it makes no sense to protect and provide electronic signatures with
> > strong algorithms and then using weak smartcard pins of 4-6
> decimal digits,
> > this would be the way of the german signature law (SigG) and
> its well known
> > providers regtp (the old bundespost), bmi, tuvit, d-trust...
> The PIN is simply a countermeasure to increase the time window you
> have to relalise that your card has been stolen/abused, to create a
> revocation and distribute that.  That's all a PIN is good for.
> Similar for GnuPG's passphrase.  Nobody expects any strong security in
> a PIN.

no. i dont agree. the pin protects my electronic signature itsself in a
staged model.
if it would not be so, we could trash the whole thing.
this is the ec bankcard and creditcard problem.

> > - the cards and its commercial systems will be hacked, loosed,
> > pin-compromised faster than you think.
> Please define commercial system - I guess you mean proprietary system.
> All what you describe above constitutes local attacks requiring
> physical access to the card or reader.  There is not much one can do
> about it except for plain old phsical security diligence.

not a problem finding a lost smartcard if they spread next years.

> A smartcard protects very well against any remote key compromise
> attack.  It can't protect you from malicious software on the host,
> though.

no it wont, search the internet for well documented attacks, a open SW/HW
source box would be much stronger.
insulated debian (embedded) linux...?

> > - the reasonable use of smartcards to protect data requires
> protecting the
> > pin in a encrypted file using a strong passphrase in brain only
> and never to
> This won't help.  The box you are using to keep the encrypted file may
> already run malicious software.

the commercial sources YOU prefer to trust here would indeed! (NSAKeys,
a open SW/HW source box would be much stronger.
insulated debian (embedded) linux...?

> > for such a project we need not only open software, we would need OPEN
> > HARDWARE systems of intelligent mobile devices (a stupid smartcard or
> > usb-stick isnt that way), too.
> I don't know what you mean by open hardware?  Hardware is entirely
> different from software because you can't build it at home from a
> piece of silicon and copying is is not of near-zero cost.  Of course,
> I'd like to see free designs of chips, so that you can take the design
> to any fab and have them produce N of those chips.  This is an
> expensive task and those chips won't be as cheap as we are used to -
> getting the critical mass to make the production cheaper is far harder
> than with software.

i expect at least only devices with the most open specs more than just
mentioning ISO's to adopt here.

> For many application domains a smartcard is a thing you want to
> have. For example: The key I use to sign GnuPG is on some box which is
> somehow connected to the net and thus this key is a possible target
> for an attack.  I would feel much safer with that key on a smartcard
> with an integrated signature counter and only used in the few seconds
> every once in a while while signing a package.  Then, it will be much
> harder to trick my box into signing something without my attention.

a-ah, so-so :)) AND ONE WANT TO HAVE IT FROM YOUR INC G10, dont he/she?
all marketing bla-bla (vertrieblergewasch) :[
no, i wont trust this concept for the above mentioned reasons.

> Well, there is still the question whether the right thing has been
> signed but a malicious signature will be detected very shortly after
> it.  The real problem is how to assure that the source has not been
> tampered with - I review the diffs before a stable release - but that
> is a boring task and prone to errors.  Hopefully others are watching
> the code too.

hopefully some cryptanalysis guys and many (freedom of information) hackers.

> > besides, our open sytems should include the ability to handle the TWO
> > personals needs of a todays electronic individual or
> organisation (juristic
> > persons): we need 2 personal signature/encryption keys/certificates, one
> The OpenPGP smartcard comes with thre keys: Signing (useful digital
> signatures), encryption and authentication (ssh, pam).

you didnt understand. read again, please. we must include lawful signatures
in nearer future.

> > microsoft WOULD lead in the future. gnupg is therefor funded in
> part by the
> > german ministry of economics to adopt later in civil "government"(?). so
> [ It is a long long time ago that we received some funds.  The
>   development is for ~95% done without any financial support.  You can
>   change this of course, see for example:
> ]

i wont buy nothing :]


> Salam-Shalom,
>    Werner
> --
> Werner Koch                                      <>
> The GnuPG Experts                      
> Free Software Foundation Europe

Gnupg-users mailing list
Version: GnuPG v1.2.2 (MingW32) - WinPT 0.7.96