How secure are smartcards?
Richard
richard at r-selected.de
Sat Aug 6 12:46:52 CEST 2011
Hello,
On Mon, Jul 25, 2011 at 12:05, Olav Seyfarth <olav at enigmail.net> wrote:
> I did so but unfortunately my (old) card broke. So I was busted. To avoid that
> in the future, I now generated my new key for usage in the card on an offline
> system (e.g. Live-CD in RAM disk) and copied it on an old small memony card (to
> allow to easily decrypt by importing the whole key to my keyring after revoking
> it) which I encrypted differently and physically locked securely. I imported
> the key to 2 SmartCards while also locking one away as easy backup and another
> one for daily use. After shutting down the offline system, only the one card is
> used with computers connected to the net. If this one is lost or stolen, I'd
> revoke the key (with a rev cert that I also generated separately).
would it be sensible to encrypt the key on the memory card key using
the encryption key stored on both smartcards? If one smartcard breaks,
you could still decrypt the key using the other card. And since the
secret key for decryption cannot leave the cards, it would be a pretty
secure solution, I guess. :)
Richard
More information about the Gnupg-users
mailing list