Talking about Cryptodevices... which one?
wk at gnupg.org
Fri Jan 23 21:31:46 CET 2015
On Fri, 23 Jan 2015 12:19, felix.klee at inka.de said:
> * There will be a new batch of cards, with the same functionality but
> updated print: On the back of the current cards, it says “RSA with
> up to 3072 bit” when in fact the cards support up to 4096 bit.
The code for the card and the specs will also have some minor updates.
This has been done mostly on requests from the Nitrokey (aka
CryptoStick) folks. Nothing to worry about. Achim already send me the
specs and I will put them online soon.
> As for the reader, I got a Reiner SCT cyberJack RFID standard. The RFID
If you do not use Windows I would strongly advise against Rainer
I never achieved to make them work for me, requests for technical
support were never answered, all requests for a sample were rejected or
they quoted unacceptable prices. Further, the Cyberjack readers run a
lot of code not necessary for accessing the card and the firmware can
easily be updated from the host (if you know how to do that). Granted,
other vendors also have easy changeable firmware but their
microcontrollers are smaller and writing malware for them is harder. I
won't trust such devices - we don't know whether the BND has an
agreement with them not to fix exploitable bugs so to allow them
inserting code to track PINs.
Time to build our own pinpad equipped reader?
> * Decryption of a 30 kB file takes one or two seconds.
The size of the file does not matter. The card only sees the public key
encrypted session key.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users