AW: Smartcard Support, open system security, law,( certificate sig removed)

Werner Koch
Fri Aug 22 09:57:02 2003

On Thu, 21 Aug 2003 18:52:00 +0200, thomas schorpp said:

>> depends on your threat model.  So before you talk about it, define
>> your threat model.

> why? there are enough known side-channels to attack. take a good look at the
> pay-tv, moneycard hacker scene...

I was asking for the threat model.

The threat models of pay-tv cards and private smartcards are entirely
different. Pay-tv cards contain a secret master key not to be
revealed to anyone; your own smartcard contains your own key - why
would you want to crack the card then?

> no. i don't agree. the pin protects my electronic signature itself in a
> staged model.


> this is the ec bankcard and creditcard problem.

Don't mix up our usual bankcards and smartcards - they are different.
Knowing the PIN without access to the physical card or an ATM does not
gain you anything.

> not a problem finding a lost smartcard if they spread next years.

That's what revocations are used for.

> no it won't, search the internet for well documented attacks, an open SW/HW
> source box would be much stronger.

Please give me some hints on how you can remotely compromise a private
key stored on a properly implemented smartcard.

> the commercial sources YOU prefer to trust here would indeed! (NSAKeys,
> etc...)
> an open SW/HW source box would be much stronger.

Sorry, I don't understand what you are trying to tell me.

> i expect at least only devices with the most open specs more than just
> mentioning ISO's to adopt here.

Ah well, the OpenPGP smartcard specs will be published RSN and
available at the gnupg site.

> a-ah, so-so :)) AND ONE WANT TO HAVE IT FROM YOUR INC G10, don't he/she?
> all marketing bla-bla (vertrieblergewasch) :[
> no, i won't trust this concept for the above mentioned reasons.

What concept?  That we are adding smartcard support to GnuPG?  That we
will make it easy to buy smartcards?  That every vendor is free to
produce smartcards according to the specification?  I don't understand
what's wrong with that.  If you don't trust g10 Code (i.e. me) or PPC
Card, you are free to build cards yourself.

> you didn't understand. read again, please. we must include lawful signatures
> in nearer future.

I know the SigG and SigV very well - however we are not going to set up
the required organizational infrastructure.  We provide the technical



