USB key form-factor smart-card readers with pinpads?
sam.kuper at uclmail.net
Thu Mar 19 12:35:36 CET 2015
On 13/01/2014, Peter Lebbing <peter at digitalbrains.com> wrote:
> On 12/01/14 00:18, Sam Kuper wrote:
>> Again, perhaps I am wrong. But if I am not, then the use of OpenPGP
>> cards with non-pinpad readers still makes no sense (at least, not to
> Since most readers don't filter VERIFY commands
Yes, I'm getting to realise this. Ideally, it ought to be
possible to easily tell before buying a reader whether it does this or
Apologies for my delay in replying, btw.
> and additionally you can't
> the OpenPGP smartcard to require a VERIFY before each decryption anyway,
> pinpad really doesn't add much at all for decryption.
> With regard to the PIN not being known to the attacker when using a pinpad:
> Werner disagrees that a pinpad can reliably accomplish that. I did a
> request about a year ago, you should read this thread: . And especially
> Werner's answer in . So according to him, it doesn't add much for
Thank you for the links.
> A bugged reader firmware (certainly a possibility) would even still work in
> face of a reader filtering VERIFY commands. I think most readers have
> upgradeable firmware. If an attacker has your PC and knows a vulnerability
> the firmware upgrade method, they can just flash their own firmware in your
> smartcard reader. This is a really difficult to solve scenario. I do think
> requires a rather capable attacker.
Again, I know of no easy way to discover the "flashability" of a
reader in advance of a purchase. No-one has collated this information
for popular readers, as far as I'm aware.
Readers really ought to require physical access (e.g. by means of a
jumper pin that would switch between normal functionality with
flashing disabled in order to be re-flashed.