More secure than smartcard or cryptostick against remote attacks?

Peter Lebbing peter at digitalbrains.com
Wed Feb 6 13:18:00 CET 2013 

On 06/02/13 11:37, Hauke Laging wrote:
> That seems easy to me: Except for small amounts (secure device's display 
> capacity) of very simple data (plain text) [...]

Seems to me to be enough to do what OP requested: signing e-mails he/she wrote.

It indeed seems easy to me that this won't work for binary data, I left that
implied. A solution that works for signing e-mails sounds like a viable
solution. Just like the USB device the OP linked to only works for signing an
electronic bank transfer.

Obviously you shouldn't use the same signing key for other duties because those
other duties open up different methods to get an e-mail falsely signed. Still,
not a deal breaker.

I'm not suggesting anybody build this solution. I'm arguing on the technical
merits, not the economical ones. Robert suggested it is impossible or close to
that. I don't see it that way, but maybe I'm missing some interesting attack
vector. And that would be interesting to hear.

> How are you going to do that with a PDF?

You're not going to achieve that.

> The only possibility I see is that the secure device shows you the hash of 
> the data to be signed.

I don't see how that would work. Or, put differently, how that would work any
better than transferring the file to a secured system.  Because I can't
calculate the hash easily using pen and paper, I really need to be seeing
something other than the hash before I can be sure it's the data I wanted to
sign. Even if hashes could be calculated by pen and paper, it seems like it's an
unworkable solution. You would also need to be able to interpret all the binary
data you're calculating the hash over, or else you still don't know what you're
signing. The PDF could contain a vector image that renders to text saying I owe
you € 1000. I would need to be able to create that vector image in my head
before I can interpret the binary data that represents it. This just gets more
insane the more you think about it.

But it is really /way/ out of the scope of signing your e-mails.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

More information about the Gnupg-users mailing list