Why trust gpg4win?

Pete Stephenson pete at heypete.com
Sun Aug 25 10:28:47 CEST 2013

On Sat, Aug 24, 2013 at 11:14 PM, Jan <takethebus at gmx.de> wrote:
> It seems quite easy to advise people to have an offline windows PC with
> gpg4win on it and all their private stuff and a windows(?) online PC next to
> it. They could transfer encrypted messages with a USB stick from one PC to
> the other. I think this is a vector for an attacker, but how serious is this
> problem?

It depends. For the average user not under any specific attack?
Probably not so serious. Even using PGP/GPG in the normal,
private-key-on-online-computer mode is almost certainly better than
not using it at all, though one would need to be careful, just as one
would need to be careful with any sensitive communication.

For larger organizations or governments who may be under attack by
various adversaries? Probably more serious: look at Iran and Stuxnet
for an example of air-gap hopping malware that caused bad things to
happen (though not PGP-related).

The easiest and least-expensive solution to this situation is using
smartcards: http://g10code.com/p-card.html -- the private key is kept
securely on the smartcard. Any private-key operations (i.e. signing or
decrypting) are handled on-card and the private key is not accessible
to the computer. You could, of course, generate the key on an offline
computer and then transfer it to the smartcard and keep an offline
backup (that's what I do) rather than having the key generated
entirely on-card with no backup (which is an option).
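The procedure described in the smartcard paragraph above (generate the key on the offline machine, keep an offline backup, then move the secret key to the card with gpg's keytocard), written out as an added shell example. This is not code from the original post or from GnuPG/gpg4win; it assumes GnuPG 2.1 or later, a card reader with an OpenPGP card, and the name, e-mail address and backup file names are placeholders chosen for illustration.

```shell
#!/bin/sh
# Added example, not code from the original post. Generate an OpenPGP key on
# the offline machine, write an offline backup, then move the secret key
# material onto an OpenPGP smartcard with gpg's "keytocard". Assumes GnuPG
# 2.1+ and a card reader; name, address and file names are placeholders.
set -eu

# Isolated keyring so the example never touches the machine's default ~/.gnupg.
export GNUPGHOME="${GNUPGHOME:-$(mktemp -d)}"
chmod 700 "$GNUPGHOME"

# Unattended key-generation parameters (gpg --batch --generate-key format):
# an RSA signing primary key plus an RSA encryption subkey, matching the
# OpenPGP card's signature and encryption slots. gpg-agent's pinentry still
# asks for the protecting passphrase.
batch_params() {
  cat <<EOF
Key-Type: RSA
Key-Length: 2048
Key-Usage: sign
Subkey-Type: RSA
Subkey-Length: 2048
Subkey-Usage: encrypt
Name-Real: $1
Name-Email: $2
Expire-Date: 2y
%commit
EOF
}

# Pull the primary fingerprint out of gpg's machine-readable (--with-colons)
# listing: the first "fpr" record, field 10.
fpr_from_colons() {
  awk -F: '$1 == "fpr" { print $10; exit }'
}

# Step 1: generate the key on the offline machine and report its fingerprint.
gen_offline_key() {
  batch_params "$1" "$2" | gpg --batch --generate-key
  gpg --with-colons --list-keys "$2" | fpr_from_colons
}

# Step 2: offline backup BEFORE keytocard. keytocard replaces the on-disk
# secret key with a stub that only points at the card, so without this
# export a lost or broken card cannot be replaced.
backup_secret_key() {
  gpg --armor --export-secret-keys "$1" > "secret-$1.asc"
  gpg --armor --export "$1" > "public-$1.asc"
  chmod 600 "secret-$1.asc"
}

# Step 3: move the primary key (signature slot, answer 1) and the first
# subkey (encryption slot, answer 2) to the card. The menu answers are fed
# through --command-fd; pinentry still prompts for the key passphrase and
# the card's Admin PIN.
move_to_card() {
  printf 'keytocard\n1\nkey 1\nkeytocard\n2\nsave\n' |
    gpg --command-fd 0 --status-fd 2 --edit-key "$1"
}

# Step 4: the card reports the key, and the local listing now shows
# "sec>" / "ssb>" stubs instead of real secret keys.
verify_on_card() {
  gpg --card-status
  gpg --list-secret-keys "$1"
}

if [ "${1:-}" = "run" ]; then
  FPR=$(gen_offline_key "Jan Example" "jan@example.invalid")
  backup_secret_key "$FPR"
  move_to_card "$FPR"
  verify_on_card "$FPR"
fi
```

Run it as `sh keytocard.sh run` on the offline machine; move only the two `public-*.asc` and the card to the online PC, and keep `secret-*.asc` with the offline backup media. The order matters: once keytocard has run, `--export-secret-keys` only yields the stubs, which is why the backup step comes first.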


More information about the Gnupg-users mailing list