Possible to combine smartcard PIN with key password?
adrelanos
adrelanos at riseup.net
Fri Dec 27 01:41:53 CET 2013
Peter Lebbing:
> The result is that the on-disk key again adds nothing,
> because an adversary that can physically access the smartcard can also
> physically access the computer.
The latter often requires breaking into a flat or an office. While
smartcards are carried around. Breaking into a a flat/office and
installing a hardware keylogger and/or miniature camera requires much
more criminal energy than theft/robbery of a smartcard.
That is also my point. If you enough capabilities to the adversary,
anything can be broken. I only believe, the combination of unique
security advantages, which both hardware protections by smartcards and
key encryption have, leads to a combination of these advantages and thus
defeats more adversaries than not having a combination of these security
features.
> Only if you can make it more difficult to access
> the computer than to access the smartcard, will the on-disk key add anything, I
> think.
Indeed. That's a necessary assumption I didn't write down.
>> Scenario #2
>> ###########
>
> This scenario doesn't involve additional security gained through two keys; it is
> simply the advantage of a smartcard over an on-disk key.
I believe I said that already. The Scenario #2 was only in the show that
it's worthwhile having the extra security features by smartcards.
More information about the Gnupg-users
mailing list