What are some threats against which OpenPGP smartcards are useful?

Robert J. Hansen rjh at sixdemonbag.org
Tue Jan 7 15:53:33 CET 2020


On 2020-01-06 18:26, Christoph Groth wrote:
> Robert J. Hansen justifies [4] his use of a smartcard as follows:
> 
>> Why don't I want to store the private key on multiple computers?
>> Because a good rule of thumb in a forensics lab is "store the minimum
>> personal data possible on your systems".
> 
> But then he also mentions his 128-bit passphrase and that he would be OK
> to publish his (passphrase-protected) private key in a newspaper.  Why
> then not store it on the disks of multiple computers?

Hint: because the phrase "forensics lab" is extremely important in what 
I wrote.

I used to (don't any more) work in a forensics lab doing R&D into 
recovering data from memory, SSD, and spinning-platter media.  While I 
was doing this my colleagues were reverse-engineering malware.  Our 
network was airgapped from the rest of the network, but we were still 
paranoid about data getting out -- including information about our 
identities.  When you're doing reverse engineering on a botnet belonging 
to an organized crime syndicate, you really don't want the organized 
crime syndicate to discover your name.

I was also using OpenPGP to help move data into and out of our airgapped 
network.  When a CD came into our lab containing data to be loaded onto 
machines, we used OpenPGP to verify its provenance.  When we burned a CD 
containing data to be removed from the lab, we'd put a signature on it 
so the system administrators in the lab outside could be certain that a 
specific human being was taking responsibility for the contents of that 
CD.

Problem: I didn't want there to be any certificate stored on the lab 
machines... because any user ID that identified me would be personal 
information of the kind I didn't want to be stored.

Solution: use a smartcard.  A smartcard allowed me to make these 
signatures while leaving minimal forensic traces.

But, outside of that laboratory environment, I didn't -- still don't -- 
need to use a smartcard.  Usually I just keep the key on the hard drive 
of whatever machine I'm using.
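The CD-signing and provenance-checking workflow described in the post, as an added shell example that is not part of the original message: two separate GnuPG home directories stand in for the two sides, the signer (whose private key would live on the smartcard) and the lab machines, which hold only the signer's public certificate. It assumes GnuPG 2.x is on PATH; the software key it generates, the user ID `Lab Courier <courier@example.invalid>` and the payload file are all constructed for the example, not taken from the post.

```shell
#!/bin/sh
# Added example, not code from the original post. A software key generated in
# a throwaway home directory stands in for the smartcard; with a real card the
# private key never touches disk, but the verification side looks identical.
set -e

workdir=$(mktemp -d)
SIGNER_HOME="$workdir/signer"   # stand-in for the card holder's environment
LAB_HOME="$workdir/lab"         # the lab side: public certificate only
mkdir -m 700 "$SIGNER_HOME" "$LAB_HOME"

# Constructed payload standing in for the contents of the CD.
printf 'constructed lab transfer manifest v1\n' > "$workdir/payload.bin"

# Signer side: unattended key generation (unprotected key, for the demo only),
# then a detached signature that travels alongside the payload.
gpg --homedir "$SIGNER_HOME" --batch --quiet --yes \
    --pinentry-mode loopback --passphrase '' \
    --quick-generate-key 'Lab Courier <courier@example.invalid>' default default never
gpg --homedir "$SIGNER_HOME" --batch --quiet --yes \
    --pinentry-mode loopback --passphrase '' \
    --detach-sign --output "$workdir/payload.bin.sig" "$workdir/payload.bin"

# Only the public certificate crosses to the lab side; no secret material does.
gpg --homedir "$SIGNER_HOME" --batch --quiet --export courier@example.invalid \
  | gpg --homedir "$LAB_HOME" --batch --quiet --import

# verify_payload FILE SIG: exit 0 only if SIG is a good signature over FILE
# made by a key the lab keyring knows. A single flipped byte in FILE fails it.
verify_payload() {
    gpg --homedir "$LAB_HOME" --batch --quiet --verify "$2" "$1" 2>/dev/null
}

# lab_has_secret_key: exit 0 if any secret key is present on the lab side.
# For the post's threat model this must never be the case.
lab_has_secret_key() {
    [ -n "$(gpg --homedir "$LAB_HOME" --batch --quiet \
                --list-secret-keys --with-colons 2>/dev/null)" ]
}

# cleanup: stop the per-home agents and remove the temporary directories.
cleanup() {
    gpgconf --homedir "$SIGNER_HOME" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$LAB_HOME" --kill gpg-agent 2>/dev/null || true
    rm -rf "$workdir"
}

# Stand-alone run: check the genuine payload, then a tampered copy.
if verify_payload "$workdir/payload.bin" "$workdir/payload.bin.sig"; then
    echo "genuine payload: signature verified"
fi
cp "$workdir/payload.bin" "$workdir/tampered.bin"
printf 'x' >> "$workdir/tampered.bin"
if ! verify_payload "$workdir/tampered.bin" "$workdir/payload.bin.sig"; then
    echo "tampered payload: signature rejected"
fi
```

On the lab side `gpg --verify` still exits 0 for a good signature from an imported but uncertified key; it prints a "not certified with a trusted signature" warning, which the lab administrators would silence by locally signing the courier's certificate (`--lsign-key`) once they have checked it out of band. Call `cleanup` when finished with the temporary homes.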



More information about the Gnupg-users mailing list