OpenPGP smartcard restore

zvrba at globalnet.hr
Tue Jun 13 19:41:44 CEST 2006


On Tue, Jun 13, 2006 at 07:03:42PM +0200, markus reichelt wrote:
> 
> Sorry, that was heat-induced and shall read of course as follows:
> 
No need to apologize :)

>
> Essentially you're saying: a private key generated on/via a smartcard
> cannot be exported, so no backup of the private key in question is
> possible. Because if the private key(s) could be exported, import of
> the key(s) in question just works without problems.
>
Exactly. If you want a smart-card that allows both export and import,
then you don't have a problem. But this defeats the point of having a
smart-card (a virus can wait until you authorize yourself to the card
and unnoticed copy your private key to the attacker, for example).

>
> Bottom line, what's the use of importing to smartcards when no export
>
"Importing" means that you have an off-card key backup. If you don't
have an off-card key backup (to import to another smart-card in case of
theft or HW failure of the 1st card), *and* you've used that smart-card
for decryption purposes... well, tough luck!

>
> from smartcards is possible? In other words: Why is the export of
> plain smartcard private keys prohibited in the first place?
>
Security. This is the point of having a smart-card. Not even the owner
of the smart card knows the private key. You are _entitled_ to use it
to perform private key operations (if you know the PIN), but you don't
know the key itself.

For example, some digital signature laws require such a level of security
(FIPS level 2 or better).

>
> Additionally, why is importing of off-card generated private keys
> allowed then? Where's the difference?
> 
Backup. The difference being that importing an off-card generated private key
may be "stolen" (either in transit to the smart card or from the disk) and
thus doesn't provide the level of security required for some purposes (e.g.
non-repudiation digital signature).

IMHO, it's no great damage if you lose your signing key. Losing your
decryption key is admittedly a problem that people think about usually
only when it's too late.



