Crypto device where I need to confirm every operation?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jan 23 04:29:46 CET 2015
>> Smartcards exist to keep private keys safe(r) from being stolen.
>> They do a pretty good job of that. But when we expect smartcards
>> to be able to somehow make a compromised environment safe to
>> operate in, then we've crossed the line and turned them into magic
>> crypto fairy dust.
> Yes, but maybe you are missing an interesting point...
You're changing the subject slightly. :) The thread is about letting a
legitimate user continue to safely use the system; you're talking about
limiting the damage an attacker can do. The two are related but different.
The idea might be good for damage mitigation; but for permitting
continued normal operation, it's IMO a non-starter on every level.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gnupg-users