Which version of GnuPG to use?
Damien Goutte-Gattat
dgouttegattat at incenp.org
Tue Sep 17 19:16:39 CEST 2019
On Tue, Sep 17, 2019 at 06:59:34PM +0200, Stefan Claas via Gnupg-users wrote:
>I assume that in order to decrypt a message the secret key data must be
>unlocked and loaded for a very short time into the computer's RAM, in order
>to perform the decryption
No. The secret key data remains on the smartcard and is *not* sent to
the host computer. The host computer sends the data to be decrypted to
the smartcard, the smartcard does the decryption itself then sends the
decrypted data back to the host.
(Actually the "data" sent to the card is not an entire OpenPGP message,
just the asymmetrically encrypted session key which the host then uses
to decrypt the bulk of the message. But this is a detail which does not
change the fact that the host never sees the secret private key.)
- Damien
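
The split described in the message above is visible in the packet layout of an encrypted OpenPGP message. This added example (not part of the original post) walks the RFC 4880 packets of a constructed sample and separates the public-key encrypted session key packet, the only part the secret key has to act on, from the bulk encrypted data the host decrypts itself. The function names, key ID and sample bytes are assumptions made for illustration.

```python
import struct

PKESK, SEIPD = 1, 18  # RFC 4880 tags: encrypted session key / encrypted bulk data

def packets(data):
    """Yield (tag, body) for each definite-length OpenPGP packet in data."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header: tag in low 6 bits
            tag, first, i = hdr & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = struct.unpack(">I", data[i:i + 4])[0], i + 4
            else:
                raise ValueError("partial body lengths not handled here")
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled here")
            n = 1 << ltype
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def split_for_card(message):
    """Return ([(key ID, algorithm, session-key bytes)], bulk bytes kept on host)."""
    to_card, host_bytes = [], 0
    for tag, body in packets(message):
        if tag == PKESK and body[:1] == b"\x03":  # version 3 PKESK
            to_card.append((body[1:9].hex().upper(), body[9], len(body) - 10))
        elif tag == SEIPD:
            host_bytes += len(body)
    return to_card, host_bytes

# Constructed sample (not a real message): RSA-2048 session key + 100 kB of bulk data.
mpi = struct.pack(">H", 2048) + b"\xAA" * 256
pkesk = b"\x03" + bytes.fromhex("0123456789ABCDEF") + b"\x01" + mpi
SAMPLE = (b"\xC1\xC0\x4C" + pkesk
          + b"\xD2\xFF" + struct.pack(">I", 100_001) + b"\x01" + bytes(100_000))
if __name__ == "__main__":
    print(split_for_card(SAMPLE))
```

For the sample, 258 bytes of encrypted session key are the secret key's business, while the 100,001 bytes of bulk ciphertext never need to leave the host.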