OpenPGP Card source
wk at gnupg.org
Fri Mar 4 09:52:22 CET 2011
On Thu, 3 Mar 2011 20:44, david at systemoverlord.com said:
> I suppose this begs the question -- since the card has access to raw
> keys, how confident can we be that no back doors exist in the card?
However, we can't be confident about our general purpose CPUs either. A
few hundred gates out of hundred of millions should be enough to peep at
the code and leak key data. The damage done to the vendors in case such
a backdoor is found might be different to a backdoor found in a security
In my threat model the most likely attacks are exploitable vulnerability
in standard software. Creating such exploits is much cheaper and more
stealth than a backdoor in a mass market chip. A smartcard is a
reasonable protection against such exploits - at least you key will not
be compromised in case the host box has been compromised.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users