How secure are smartcards?

Jerome Baum jerome at jeromebaum.com
Fri Jul 29 03:45:17 CEST 2011


> The very purpose of smartcards is to keep secret keys confidential and
> secure. This is achieved by physical protection, different layers,
> puzzling structure etc. This makes it very, very difficult to extract
> the keys. For a state-of-the-art smart card like the OpenPGP Card 2, I
> guess the price tag would be around 100.000 Euros.

Any data on that?

(and before you say it, I know you said "guess" and my question was
more rhetorical)

> The beauty is that this protection can be provided without the burden
> for the user to remember a long passphrase, since this is not required
> to encrypt the keys.

Agree that it's nice, but I don't think that was the intention behind
smart cards. The problem with not encrypting the keys is that a
read-out is possible -- if the keys are encrypted, the read-out
becomes a tad more difficult, depending on the length of the PIN.

-- 
Jerome Baum

Hessenweg 222
48432 Rheine
GERMANY

tel +49-1578-8434336
email jerome at jeromebaum.com
web www.jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
--
Q: Why is this email five sentences or less?
A: http://five.sentenc.es



More information about the Gnupg-users mailing list