Talking about Cryptodevices... which one?

Johannes Zarl johannes at zarl.at
Sat Feb 7 00:59:41 CET 2015


> >> But I still have the impression that smartcards are supposed to prevent
> >> an attacker from stealing the private keys from the cards, right?
> > 
> > Yes, I agree.
> > 
> > Peter.
> 
> But the threat is not fully mitigated if, as you said yourself in
> another message on this thread, the attacker can potentially
> sign/decrypt using the key on the smartcard.

You're conflating two different threats here. A smartcard *does* protect you 
from anyone trying to steal your private keys.

It does not prevent an attacker from stealing the PIN.
It does not prevent an attacker from deleting your key.
It does not prevent an attacker from tricking you into signing or decrypting a 
message. Under some circumstances it does not even protect against key-
revocation.

Having said all that, I still think it is a worthwhile goal to protect the 
key-material itself using smartcard-like hardware / an HSM. The protection 
against key-theft does radically decrease your attack surface in many cases.

  Johannes


