Communication with card reader encrypted?

Werner Koch wk at gnupg.org
Mon Aug 27 11:51:52 CEST 2018


On Sun, 26 Aug 2018 00:31, gnupg-users at gnupg.org said:

> decrypted file itself could/would be read by a third party. The session
> key is, in this moment, the least problematic thing on your system.

Right.  We assume physical security.  The connection between the card
reader and the host is not encrypted because that would require a key
setup first and that would also be subject to key logging.  Or you need
to configure a session key on the host and on your reader.  That would
be very inconvenient.

Communication between the host and the _card_ can indeed be encrypted
but that is subject to the same problem.  The common use case for this
is to encrypt the communication between the card and a remote host
utilizing the card (e.g. ATM and bank) but that a preshared key etc. has
already been setup.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180827/74e17522/attachment.sig>


More information about the Gnupg-users mailing list