Questions about the use with GnuPG and SmartCards

Werner Koch wk at gnupg.org
Thu Oct 20 13:47:31 CEST 2005


On Thu, 20 Oct 2005 10:24:04 +0200, Christoph Anton Mitterer said:

> 1) Are there any security drawbacks when using smartcards compared with 
> the "normal" store key on disc procedure?

Depends on you needs.  In general a smart card is better than a
on-disk key.  Some people claim that the 1024 bit RSA keys on
smartcards is not secure anymore. There is however no evidence for
that claim.  Almost all attacks on crypto systems bypass the
cryptography and explot other weaknesses (aka bugs) of the system

Another drawback is that you can't look into the chip and it might
implement side channels to leak the key.  You have to trust the vendor
here.  As said, it all depends on your threat model.

> 2) Any knowledge if the Omnikey (www.omnikey.com) readers (especially 
> those from the RFID series) work together with Linux and GnuPG?

The Omnikey 2010 used to work, however libpcsc sometimes has problems
with it when generating keys.

> 3) Does GnuPG work only with special cards or is every smartcard or 
> contactless (RFID) card ok?

GnuPG 1.4 and thus the OpenPGP part does only work with cards
according to the OpenPGP card specs.  GnuPG 1.9 works with more cards
when used for S/MIME or ssh

> 4) Are there any restrictions, e.g. can the keys still be only 1024  
> large, can't I use Keys with Photo on the card, etc.
> Or does this solely depend on the memory of the card. If so, how much 
> have the biggest cards about?

We don't save attributes of the key on the card; there is just the key
and its fngerprint.  The attributes (user IDs and signatures) are
expected on an external medium.

> 5) Are there any, from a security point of view, differences between 
> readers and between cards?
> For exmple I know that some readers have integratet keypad for the PIN 
> entry.

It is often claimed that entering the PIN on an external keypad is
more secure than doing so on the regualar keyboard.  To some degree
this is correct.  However, it is trivial possible to ask the user to
enter the PIN for a signature and in fact have the software (through a
trojan) sign another file than the one the user things he is
signing. It just needs a very little bit of social engineering.

I worked yesterday on the keypad code but it turns out to be much more
work than I expected (need to implement an asynchronous pinentry
call).  Expect working code for the SPR532 by next week.


Salam-Shalom,

   Werner






More information about the Gnupg-users mailing list