Old PC as Hardware Security Module?

Mon May 14 16:15:10 CEST 2007

Werner Koch wrote:
> On Mon, 14 May 2007 10:44, groups at caseyljones.net said:
>> something's wrong. Can the OpenPGP Card be set to do one operation per 
>> pin entry when used with a card reader that has a keypad? This seems 
> 
> Yes, use the command "forcesig" in the --card-edit menu to toggle this
> feature.  However it does not help you if the host has been compromised
> and the admin PIN is know.  You can always bypass the requirement to use
> the keypad.  With some social engineering this make it easy to get
> control over the card.

That sounds great. If I understand correctly, you rarely need to use the 
admin PIN, so it would be unlikely to be compromised. For example you 
could use the admin pin only after booting from a CD.

  >> not in use, so that if my device falls into the wrong hands, I won't
>> have to worry too much. Does the OpenPGP Card encrypt the keys while 
>> stored on the card?
> 
> No, that does not make sense - the standard security features of the
> chip are employed to make probing the chip difficult and expensive.

Why doesn't it make sense? The chip's security features make it fairly 
secure. But having the keys encrypted on the card would make it highly 
secure. As long as the passphrase hadn't been captured, like after being 
lost, stolen, or confiscated.

>> Also, the OpenPGP Card appears to be from a german organization, like 
> 
> That is not correct.  I have developed the specs along with Achim Peitig
> of a Paderborn card vendor.  Achim wrote the implementation.  It was
> done all on our own money and for our fun.  Only later the BSI (The
> German federal IT security agency) mentioned this card as a good example
> of a usable smart card without vendor lock in.

Can the person who loads the software onto the cards be given orders by 
the German court?

>> the one that developed the Java Anonymous Proxy, and was forced by the 
>> german government to back door the software. Does the german government 
> 
> JAP has not been backdoored but the organisations running a JAP server
> have the ability to log the IP addresses.

OK, not backdoored, just compromised.

> The case you have in mind is
> that the lists of IP addresses have been handed over to the prosecution
> authorities.  IIRC, they have not been forced to do this but did this
> voluntary.

According to this article
http://www.theregister.co.uk/2003/08/21/net_anonymity_service_backdoored/
it was mandated by the courts.

     ...the JAP team replied to the thread, admitting
      that there is now a "crime detection function" in
      the system mandated by the courts. But they
      defended their decision:

     "What was the alternative? Shutting down the
      service? The security apparatchiks would have
      appreciated that - anonymity in the Internet
      and especially AN.ON are a thorn in their
      side anyway."

> That is basically the same as with a TOR server: It is
> possible to log things to help the prosecution but no sane person wouild
> do this.

Are the authors of the Java Anonymous Proxy not sane? If they would do 
it, why not ZeitControl?

> My company is running a heavy loaded exit node
> (allium.gnupg.org) and we get about one request a fortnight to tell the
> IP address.  Obviously we don't do that and usually a few minutes talk
> is today sufficient to explain them that this is an anoymizer server and
> that there is no chance to get to the IP address of the previous node.

What will you do if the court orders you to turn on logging, hand over 
the logs, and keep it secret?