What are some threats against which OpenPGP smartcards are useful?

Mike Gerwitz mtg at gnu.org
Wed Jan 8 04:18:47 CET 2020


On Tue, Jan 07, 2020 at 14:09:50 +0100, Wiktor Kwapisiewicz via Gnupg-users wrote:
> Additionally smartcards require PINs and lock the card after several
> tries. This is not possible with keys on USB drives.

PINs can also be changed confidently.

The passphrase of the _copy_ of a key on disk can be changed, but you
can't necessarily be confident that it's the only copy.  It could have
been copied with or without your knowledge, by you or an adversary.

If you enter your passphrase somewhere and realize after the fact that
someone may have been standing over your shoulder, or there's a security
camera in the distance, an audio recording of your keypresses, or
_anything_ that reduces the keyspace of your passphrase, then an
attacker can brute force the rest offline forever using an old copy of
your key, and there's nothing you can do about it.

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com