How do I make the private key on a OpenPGP smartcard non exportable ?
ndk.clanbo at gmail.com
Mon Jun 24 14:54:38 CEST 2013
Il 24/06/2013 10:15, Werner Koch ha scritto:
>> A smartcard could be useful anyway, at least as a "portable keyring"
>> (if it didn't need initialization on every machine...).
> A USB memory stick fulfills the same purpose.
Not really secure...
>> And key export could be controlled (like in MyPGPid card): private
>> keys can only leave the card encrypted under "certified" keys.
> There are several protocols for key migration from token to token.
I don't want to migrate (move) it. I want to replicate (copy) it, to
have one or more controlled backups.
> If you want to do your own, you should be aware of possible patent
I leave sw patents to others... And the system I'm going to use should
have enough "prior art" to render a patent useless.
> In any case it is a really complex task and not easy to get
> right - if at all.
The card hosts public key of a "export-authorizing" CA (well, it's not a
real CA, since it doesn't do certificates at all... but call it that way
When I send to the card an export command w/ a public key signed
encrypted by the CA's private key, the card answers with the private key
encrypted under the signed public key (thinking about requiring a
signature w/ private key of the requesting card).
Plain old RSA, layered.
>> BTW, for the really "paranoid", readers with an integrated pinpad are
>> available: the PC never sees the PIN, so no installed sw can spoof
>> it. (even if what I'd prefer is a card w/ both a pinpad and a
> Social engineering almost always work. And further, the display of
> your pinpad+display equipped reader does not show you what you are
> going to sign. Even further, there are several attacks on pinpad
> equipped readers - sure that your reader has not been bugged?
Well, a "paranoid" isn't paranoid enough unless he checks the pinpad
cannot be easily read from the PC. :)
I'm waiting for cards w/ integrated pinpad :)
More information about the Gnupg-users