Subject: openpgp card and basiccard RNG

Peter Lebbing peter at digitalbrains.com
Thu Feb 13 19:08:51 CET 2014


On 2014-02-13 15:45, Hauke Laging wrote:
> How do you want to create a key on the card without an RNG?

What in fact happens is that the key is generated on the PC, and it is 
both sent to the card using the same mechanism as 'keytocard' and backed 
up to a file on the PC. This is because it is impossible to get the 
private key out of the card, so if you generate the key on the card, you 
can't keep a backup of it.

So the card doesn't generate the key at all, hence not needing an RNG.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 
<http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list