Old PC as Hardware Security Module?
bahamut at digital-signal.net
Mon May 14 16:32:10 CEST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Robert J. Hansen wrote:
>> I've been considering getting an OpenPGP Card, but there are
>> three reasons I'm reluctant to. The main one is that I want
>> something that will only do one signature or decryption at a
>> time. That way if my machine is compromised, I'll only suffer one
>> hit before I'll notice something's wrong.
> The OpenPGP card actually gives you a substantial advantage in this
> Let's say that you're running GnuPG on a PC and I'm able to subvert
> the box. I put in a keylogger and snarf your passphrase. I also
> copy your private keyring and mailspool off the box. I can now
> read your mail without ever touching it, except to copy a couple of
> files and install a small app. You're none the wiser.
> Compare this to an OpenPGP card, where I have to find you in a dark
> alley and have a conversation with your kneecaps to get your card
> and PIN. You will most probably know that something has happened
> to you.
If you have enough physical access and time to compromise a Linux box,
install a stealthy keylogger and then harvest the logs at a later
time, all without being caught, I think you can snoop around and find
the card and compromise it. Then again, I don't see how you would have
access to the mail if you get the card and its PIN, even if you don't
get caught, without access to either box or the mailserver of the
email provider assigned to your victim (and in the case of the latter,
you'd only likely have access to new mails anyway).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users