Crypto device where I need to confirm every operation?

[Robert J. Hansen]

>> Smartcards exist to keep private keys safe(r) from being stolen. 
>> They do a pretty good job of that.  But when we expect smartcards 
>> to be able to somehow make a compromised environment safe to 
>> operate in, then we've crossed the line and turned them into magic 
>> crypto fairy dust.
> 
> Yes, but maybe you are missing an interesting point...

You're changing the subject slightly.  :)  The thread is about letting a
legitimate user continue to safely use the system; you're talking about
limiting the damage an attacker can do.  The two are related but different.

The idea might be good for damage mitigation; but for permitting
continued normal operation, it's IMO a non-starter on every level.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20150122/be2372d2/attachment-0001.bin>