More secure than smartcard or cryptostick against remote attacks?

refreshing at refreshing at
Thu Feb 7 10:56:49 CET 2013

> On 06/02/13 11:37, Hauke Laging wrote:
>> That seems easy to me: Except for small amounts (secure device's display
>> capacity) of very simple data (plain text) [...]
> Seems to me to be enough to do what OP requested: signing e-mails he/she
> wrote.


> It indeed seems easy to me that this won't work for binary data, I left
> that
> implied. A solution that works for signing e-mails sounds like a viable
> solution. Just like the USB device the OP linked to only works for signing
> an
> electronic bank transfer.


> Obviously you shouldn't use the same signing key for other duties because
> those
> other duties open up different methods to get an e-mail falsely signed.
> Still,
> not a deal breaker.


> I'm not suggesting anybody build this solution. I'm arguing on the
> technical
> merits, not the economical ones. Robert suggested it is impossible or
> close to
> that. I don't see it that way, but maybe I'm missing some interesting
> attack
> vector. And that would be interesting to hear.
>> How are you going to do that with a PDF?

I didn't ask for.

> You're not going to achieve that.
>> The only possibility I see is that the secure device shows you the hash
>> of
>> the data to be signed.
> I don't see how that would work. Or, put differently, how that would work
> any
> better than transferring the file to a secured system.  Because I can't
> calculate the hash easily using pen and paper, I really need to be seeing
> something other than the hash before I can be sure it's the data I wanted
> to
> sign. Even if hashes could be calculated by pen and paper, it seems like
> it's an
> unworkable solution. You would also need to be able to interpret all the
> binary
> data you're calculating the hash over, or else you still don't know what
> you're
> signing. The PDF could contain a vector image that renders to text saying
> I owe
> you € 1000. I would need to be able to create that vector image in my
> head
> before I can interpret the binary data that represents it. This just gets
> more
> insane the more you think about it.
> But it is really /way/ out of the scope of signing your e-mails.
> Peter.
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <>

More information about the Gnupg-users mailing list