Crypto device where I need to confirm every operation?

Felix E. Klee felix.klee at
Thu Jan 22 18:00:44 CET 2015

I currently use GnuPG with an OpenPGP Card V2.0 in a smart card reader
with PIN pad. Surely, that adds a certain layer of security, as all
encryption and signing operations happen on the card. However, there
is one attack which I think could be easily prevented: With the card
in the reader, the PIN entered, and Eve having remote access to my
machine, she could sign and decrypt documents.

To prevent such an attack, I imagine a device where I have to confirm
every transaction with a simple push on a hardware button.

Does that exist?

More information about the Gnupg-users mailing list