How do I make the private key on a OpenPGP smartcard non exportable ?

[NdK]

Il 24/06/2013 16:01, Josef Schneider ha scritto:

> Then you need a secure way to store the CA key. That is essentially
> exactly the same problem!
Nope. Throwaway CA!
> I mean you can put it on a card and allow export of the CA key only if
> the request is signed by a SuperSecureCA key...
There's no need to be able to export CA key. Actually the recommended
way of using it (to limit key export) is:
- generate CA key on card
- "sign" all the needed keys
- destroy it
The CA key shouldn't last for long. It's not an X.509 CA.

> But how do you control the export of the SuperSecureCA key?
Not needed at all. Neither SupeerSecureCA nor a key export control for
its non-existant key :)

> If you want a key backup, why not just create the key on a secure
> offline machine, copy it to a secure location (I print mine out using
> PaperBak) and then move it to the card on that secure offline machine?
> Works great!
First: I trust more the RNG on a card than a SW one
Second: maintaining an offline machine is not cheap (at least here in
Italy, you can't legally use a computer where there haven't been applied
security patches for more than 6 months)
Third: you have a potentially accessible copy of your key -- nothing
prevents your backup from being photocopied... Sure, it's encrypted but
bruteforcing it is possible, at least in theory, while the original is
apparently untouched. A smartcard would require physical possession of
the original for quite some time (IF you decide to keep the CA key).

What I suggest is something that "replaces" (being "a bit" more
versatile) an offline machine where you generate a key and store it to N
cards, then zap it.

BYtE,
 Diego.