private key protection

Peter Lebbing peter at
Tue Oct 18 15:07:38 CEST 2011

On 18/10/11 14:53, takethebus at wrote:
> I  read  a smartcard is simply a chip card. Why is it save, what's a
> PIN? Say I'm using it on a PC with a trojan in the background
> that logs my keystrokes (my password) and can send data (my key)
> via  internet  to  an attacker. How is access restricted to the key by
> the smartcard?

It's simply a chip card. Which means the same as: It's simply a computer. Only
small and not very powerful.

The key never leaves the smartcard. It does the decryption and signing instead
of your computer. Not of the whole file you decrypt or sign: in a hybrid
cryptosystem like GnuPG, the private key (on the smartcard) is only used to
decrypt or sign a very small piece of data.

If you decrypt a file, the only thing decrypted by your private key is the
"session key", which is a randomly generated key used to decrypt the actual file
with symmetric encryption.

If you sign a file, you sign a hash that is computed from the contents of the file.

So the actual data transfer between PC and smartcard is small.

If someone sniffs your PIN, and has trojaned or rooted your computer, he could
use your smartcard while it is still plugged in to your computer, just like you
are using your smartcard.

But he wouldn't have your raw secret key material and use it without also having
access to the smartcard.

> Since  the PC is "isolated" from the net, I don't need to be afraid of
> software    keyloggers,    trojans   etc.   I'm   only  fulnerable  to
> physical/hardware attacks  which  are  easier  to  notice for a person
> who's no computer expert.

A capable enough hacker might infect the USB pendrive while it is in your
internet-connected PC and that way still gain access to the non-connected system.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at

More information about the Gnupg-users mailing list