Talking about Cryptodevices... which one?

Andreas Schwier andreas.schwier.ml at cardcontact.de
Tue Jan 27 19:14:23 CET 2015


> Good! What PIN length do you recommend? (for the case that there is a
> backdoor to get the *encrypted* key off the card)
The encryption on the card is unrelated to the PIN. It's rather an
authentication object that blocks private key operations until the user
has entered the correct PIN.

With a retry counter of 3, I'd recommend a 6 digit PIN.

Andreas


-- 

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com




More information about the Gnupg-users mailing list