More secure than smartcard or cryptostick against remote attacks?

refreshing at tormail.org refreshing at tormail.org
Thu Feb 7 10:56:49 CET 2013


> On 06/02/13 11:37, Hauke Laging wrote:
>> That seems easy to me: Except for small amounts (secure device's display
>> capacity) of very simple data (plain text) [...]
>
> Seems to me to be enough to do what OP requested: signing e-mails he/she
> wrote.

Yes.

> It indeed seems easy to me that this won't work for binary data, I left that
> implied. A solution that works for signing e-mails sounds like a viable
> solution. Just like the USB device the OP linked to only works for signing an
> electronic bank transfer.


Yes.

> Obviously you shouldn't use the same signing key for other duties because those
> other duties open up different methods to get an e-mail falsely signed. Still,
> not a deal breaker.

Yes.

> I'm not suggesting anybody build this solution. I'm arguing on the technical
> merits, not the economical ones. Robert suggested it is impossible or close to
> that. I don't see it that way, but maybe I'm missing some interesting attack
> vector. And that would be interesting to hear.
>
>> How are you going to do that with a PDF?

I didn't ask for that.

> You're not going to achieve that.
>
>> The only possibility I see is that the secure device shows you the hash of
>> the data to be signed.
>
> I don't see how that would work. Or, put differently, how that would work any
> better than transferring the file to a secured system.  Because I can't
> calculate the hash easily using pen and paper, I really need to be seeing
> something other than the hash before I can be sure it's the data I wanted to
> sign. Even if hashes could be calculated by pen and paper, it seems like it's an
> unworkable solution. You would also need to be able to interpret all the binary
> data you're calculating the hash over, or else you still don't know what you're
> signing. The PDF could contain a vector image that renders to text saying I owe
> you € 1000. I would need to be able to create that vector image in my head
> before I can interpret the binary data that represents it. This just gets more
> insane the more you think about it.
>
> But it is really /way/ out of the scope of signing your e-mails.
>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
>
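
The constraint discussed in this thread (a secure device can only sign what its display can show in full and unambiguously) sketched as an added example that is not part of the original message. The display size, the function names and the LF-normalised input are assumptions.

```python
import unicodedata

# Assumed capacity of a hypothetical signing device's display (not from the thread).
DISPLAY_COLS = 40
DISPLAY_ROWS = 20

# Unicode categories that render as nothing or change how other text renders:
# controls, format characters (bidi overrides, zero-width), surrogates,
# private use, unassigned, line and paragraph separators.
INVISIBLE = {"Cc", "Cf", "Cs", "Co", "Cn", "Zl", "Zp"}


class NotDisplayable(ValueError):
    """The data cannot be reviewed on the device display before signing."""


def lines_to_display(data: bytes, cols: int = DISPLAY_COLS,
                     rows: int = DISPLAY_ROWS) -> list[str]:
    """Return the exact lines the device shows before signing `data`.

    Raises NotDisplayable for binary data, invisible characters, or text
    that exceeds the display. Assumes LF line endings and one cell per character.
    """
    try:
        text = data.decode("utf-8", errors="strict")
    except UnicodeDecodeError:
        raise NotDisplayable("binary data: nothing for the user to review") from None
    for ch in text:
        if ch != "\n" and unicodedata.category(ch) in INVISIBLE:
            raise NotDisplayable(f"invisible or control character U+{ord(ch):04X}")
    wrapped = []
    for line in text.split("\n"):
        # Hard-wrap at the display width; an empty line still occupies one row.
        wrapped.extend(line[i:i + cols] for i in range(0, max(len(line), 1), cols))
    if len(wrapped) > rows:
        raise NotDisplayable(f"{len(wrapped)} rows needed, display has {rows}")
    return wrapped


def is_displayable(data: bytes) -> bool:
    """True when the device could show every character it would sign."""
    try:
        lines_to_display(data)
        return True
    except NotDisplayable:
        return False
```

A device applying this gate signs only the bytes it returned lines for; anything else, such as a PDF, is refused rather than reduced to a hash the user cannot check.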




