Whishlist for next-gen card

NdK ndk.clanbo at gmail.com
Sat Feb 21 20:26:00 CET 2015

Il 21/02/2015 17:54, Daniel Kahn Gillmor ha scritto:

> If the malware is keeping the session keys around, it can just keep the
> session keys for everything you ever decrypt, and use them anyway to
> access your encrypted documents, independent of your button-presses.
Or just sniff the PIN.

> You're right in the abstract: the bandwidth of the "canary button" (one
> bit of LED output "secret key action requested", one bit of input "ok to
> use secret key") is too limited to protect against the sophisticated
> attack you describe, and increasing the bandwidth of the channel
> (e.g. on-device display screen, keypad) makes the UI/UX even more
> infeasibile.  At some point, you just have a second computer attached to
> your computer, and now there is room for that second computer to be
> compromised :/
Well, at least that one would be a dedicated computer, with very limited
connection to the outside world.

And if the idea of a display gets implemented, at least the kind of
operation can be confirmed.


More information about the Gnupg-users mailing list