How secure are smartcards?

Richard richard at r-selected.de
Fri Jul 29 11:58:17 CEST 2011


On Fri, Jul 29, 2011 at 02:05, Crypto Stick
<cryptostick at privacyfoundation.de> wrote:
> For a state-of-the-art smart card like the OpenPGP Card 2, I
> guess the price tag would be around 100.000 Euros

100.000 as a one-time investment for breaking into an unlimited number
of OpenPGP smart cards? If I were a government, I would definitely buy
such a machinery... While at the same time, German authorities fail to
break GnuPG's encryption for private keys, given a dictionary attack
doesn't work out. (See
http://annalist.noblogs.org/post/2009/01/04/bka-ratespielchen-rund-um-gnupg/
-- but it's written in German).

Hence, one has to assume it's safer to use encrypted harddrives for
key storage than a smartcard if one wants to protect their data from
German authorities, I guess.

    Richard



More information about the Gnupg-users mailing list