Crypto device where I need to confirm every operation?
Felix E. Klee
felix.klee at inka.de
Thu Jan 22 18:00:44 CET 2015
I currently use GnuPG with an OpenPGP Card V2.0 in a smart card reader
with PIN pad. Surely, that adds a certain layer of security, as all
encryption and signing operations happen on the card. However, there
is one attack which I think could be easily prevented: With the card
in the reader, the PIN entered, and Eve having remote access to my
machine, she could sign and decrypt documents.
To prevent such an attack, I imagine a device where I have to confirm
every transaction with a simple push on a hardware button.
Does that exist?
More information about the Gnupg-users