How secure are smartcards?

Mike Cardwell gnupg at lists.grepular.com
Mon Jul 25 12:21:31 CEST 2011 

On 25/07/2011 11:05, Olav Seyfarth wrote:

>> I just ordered an OpenPGP smartcard from Kernel Concepts as per 
>> http://www.g10code.com/p-card.html Does anyone else have one of these?
> 
> yes, I use these cards for several years now. This Email is signed by one.
> 
>> At the moment, my secret key is stored on my hard drive and is encrypted by a
>> long passphrase. When I transfer my subkeys to the smartcard, will they
>> actually be encrypted whilst they're on there?
> 
> The overall security of a crypto system often isn't defined by the strength of
> the crypto algo or the possibilities for a forensic analysis of the hardware.
> In that sense, it is less important how secure the card itself is (taken that
> as Hubert already stated the efforts that need to be taken to scratch info off
> the circuit is high opposed to other attack vectors) but how it is used. So I
> focus on another security aspect here:
> 
> One key advantage of a card is that the private keys does not need to be
> accessible to the computer itself at any time if it is generated on-card. That
> way, you know for sure, that *only* you hold the private key as long as you
> physically own the card. The knowledge of "that no copy of it has been made"
> is important.

Yes, I agree that smartcards have several advantages. The major one
being that if your laptop is compromised by a trojan or something, even
if it has a keylogger installed, your keys can't be stolen.

However, it is important to note that if you have a rich/powerful
adversary, and the key isn't encrypted on the smart card. Then they can
just "read" it off, if they get hold of it. In that circumstance, you
*might* actually be more secure leaving the key on your laptop encrypted
with a strong pass phrase. It's a judgement call.

When I say a rich/powerful adversary, this could include industrial
espionage as well as governments.

Ideally the key would be encrypted on the smartcard. I haven't found
anything specifying that this is the case, so I have to assume it's not.

-- 
Mike Cardwell https://grepular.com/  https://twitter.com/mickeyc
Professional  http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu   0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110725/26777c9d/attachment.pgp>

More information about the Gnupg-users mailing list