More secure than smartcard or cryptostick against remote attacks?

refreshing at refreshing at
Thu Feb 7 11:16:06 CET 2013

> Am Mi 06.02.2013, 10:28:13 schrieb Peter Lebbing:
>> Can you explain (broadly) how one would compromise the signature/the
>> device
>> that you sign with?
> That seems easy to me: Except for small amounts (secure device's display
> capacity) of very simple data (plain text) you have the problem that the
> PC
> which you need to create (and view) the data to be signed sends a blob to
> the
> secure device which is opaque to you.
> The problem is not to forge a signature but the difficulty to force that
> only
> data with checked integrity gets signed. How are you going to do that with
> a
> PDF?

Text only is all I need.

More information about the Gnupg-users mailing list