USB key form-factor smart-card readers with pinpads?

Sam Kuper sam.kuper at uclmail.net
Sun Jan 12 00:18:55 CET 2014 

On 11/01/2014, David Tomaschik <david at systemoverlord.com> wrote:
> On Sat, Jan 11, 2014 at 1:05 PM, Sam Kuper <sam.kuper at uclmail.net> wrote:
>> On Jan 9, 2014 7:16 PM, "David Tomaschik" <david at systemoverlord.com>
>> wrote:
>> > if the machine you are using for crypto operations is compromised, you
>> have lost (at least for the operations conducted while it is compromised)
>>
>> Surely if you are
>> signing with a key stored in an OpenPGP card being used via a
>> pinpad-protected reader, then - because the malware will not learn the
>> PIN - although the malware could potentially corrupt the message being
>> signed (or prevent it from being sent, etc), it could not do so in
>> such a way that a conscientious recipient already in possession of the
>> corresponding public key would mistake a tampered message for a
>> genuine signed message.
>
> Or replace the message with a message of its choosing?  It just needs to
> wait for you to want to do a legitimate signature, swap out the plaintext,
> and then it has signed data.

Yes, as I said, it could tamper with the message. But if it does that,
then when a recipient attempts to verify the signature, gpg --verify
will give the message, "gpg: BAD signature". So, as I also said, a
conscientious recipient will not mistake it for a genuine signed
message.

> Don't use sensitive keys on machines with malware?

Well, ideally, yes...

> (Yes, I realize proving
> a machine is malware free is essentially impossible.)

... but in an acknowledgedly imperfect world, using an OpenPGP smart
card with a trustworthy reader with a pinpad is the next best thing.

> Agreed, I was just arguing why a smartcard without a PIN pad still offers
> some level of additional security [compared to a passphrase protected key in an ordinary or encrypted folder].

For the reasons I've given - and assuming that passphrases/PINs of
adequate entropy/unpredictability are chosen in each case - I don't
think it does.

Perhaps we'll just have to agree to disagree.

> You assume people choose good passphrases.  While that may be true for
> readers of this list, that is not true of the general population.

You are right that my scope in this discussion has been the security-conscious.

I suppose that the individuals in the set of "people who are not
security-conscious enough to use adequate passphrases" might benefit
from using an OpenGPG card and a reader without a pinpad, over using a
key stored in an ordinary or encrypted folder.
Unfortunately, I also suspect that the set of "people who know enough
about OpenGPG cards to bother using one" has no intersection with the
set of "people who are not security-conscious enough to use adequate
passphrases".

Again, perhaps I am wrong. But if I am not, then the use of OpenPGP
cards with non-pinpad readers still makes no sense (at least, not to
me).

Kind regards,

Sam

More information about the Gnupg-users mailing list