openpgp card and basiccard RNG
Kostantinos Koukopoulos
koukopoulos at gmail.com
Mon Feb 3 14:33:17 CET 2014
Hello,
Aparrently the OpenPGP card is based on BasicCard [1] and from the
BasicCard FAQ [2] I read:
"For Enhanced BasicCards, the card has no hardware generator. The Enhanced
BasicCards contain a unique manufacturing number which cannot be read from
outside the card. The Rnd function uses this number to generate random
numbers which are different for each card.
For Professional and MultiApplication BasicCards, the random number is
generated by use of a hardware random number generator."
Does anybody know which version of BasicCard is used for the OpenPGP cards
distributed by KernelConcepts.de? If it is the Enhanced version, does the
use of a pseudorandom generator pose a security risk?
Cheers,
Konstantinos
1. http://www.basiccard.com/index.html?news.htm
2. http://www.basiccard.com/engfaq.htm
--
|/ |/ Konstantinos <koukopoulos at gmail.com>
|\ |\ Koukopoulos <http://kouk.surukle.me>
VSRE messages are welcome*, Thanks!
* for more information see: http://vsre.info
<http://vsre.info/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140203/8c944742/attachment.html>
More information about the Gnupg-users
mailing list