Smartcards and tokens

sivmu sivmu at
Sun Dec 18 01:17:44 CET 2016

Am 16.12.2016 um 13:36 schrieb Andrew Gallagher:
> On 16/12/16 02:30, sivmu wrote:
>> If the token does the encryption (and signing) operations,
> Smartcards perform signing and DEcryption (which in the case of RSA are
> mathematically identical).
>> it needs randomness.
> That's true of DSA and ElGamal, but smartcards normally implement RSA.
> Remember also that PGP uses a two-step encryption process. The random
> symmetric session key is generated on the host rather than the
> smartcard, and the secure hash used in signing is deterministic.

Thats what i wanted to hear. If the symmetric key is generated on the
host, that stops any scenario where the smartcard can subvertly
compromise the encryption process, assuming....

> The smartcard itself only RSA-decrypts the session key (or hash), and
> this doesn't require an RNG.

... that this means RSA encrzption is reproducable, meaning encrypted
files of the same plaintext result in the same ciphertext, as this woul
make the process reproduceable and any malfunction can be easily noticed.

Signing could still be manipulated by a compromised smartcard I guess

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161218/e2450569/attachment-0001.sig>

More information about the Gnupg-users mailing list