problem signing with a smart card

[Andrew Gallagher]

On 21/01/16 12:01, Antoine Michard wrote:
>
> I've made my master key on a computer offline and then use addcardkey
> command to add subkey on my card. I don't have backup and you say that
> if I lost my card I lost my encrypt file ?? So why people use subkey ??

The main reason for using an encryption subkey is that there is a known
vulnerability where an attacker tricks a victim into signing a "message"
that is actually the encrypted payload that the attacker wants to
decrypt. This works a) because signing and decryption are equivalent
mathematically and b) iff the victim uses the same key to both decrypt
and sign. Using a separate subkey for encryption removes prerequisite b.

A secondary reason for using a subkey (and this applies to signing and
authentication subkeys also) is that if it gets compromised, you can
revoke just that one subkey, rather than your entire key. This means
that your trust relationships don't have to be rebuilt from scratch.

As Peter said earlier, a smartcard key without a backup is inadvisable
for most users. It's not so bad for a signing or authentication subkey,
but if you lose your encryption key you've lost access to historical
data. This is why I keep a copy of all my private key material on two
Tails* encrypted partitions, stored separately.

The easiest way to copy a key to a smartcard without losing the on-disk
copy is to create an on-disk subkey, save, use "keytocard" to transfer
it to the card and then quit without saving again.

A

(*) https://tails.boum.org


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160121/fef2adb7/attachment.sig>