What are some threats against which OpenPGP smartcards are useful?
Christoph Groth
christoph at grothesque.org
Tue Jan 7 23:58:44 CET 2020
Robert J. Hansen wrote:
> On 2020-01-06 18:26, Christoph Groth wrote:
> >
> > But then he also mentions his 128-bit passphrase and that he would
> > be OK to publish his (passphrase-protected) private key in
> > a newspaper. Why then not store it on the disks of multiple
> > computers?
>
> Hint: because the phrase "forensics lab" is extremely important in
> what I wrote.
>
> (...)

Thanks a lot for the explanation, Rob. Now I understand what you
meant.

> But, outside of that laboratory environment, I didn't -- still
> don't -- need to use a smartcard. Usually I just keep the key on the
> hard drive of whatever machine I'm using.

How about the alternative of keeping small USB keycards (like a Yubikey
nano) permanently plugged into the machines that you are using?
Assuming that you trust the keycards to keep their secrets, wouldn’t
that provide at least the advantage of a much shorter passphrase? Are
there any security disadvantages of such a scheme?

By the way, I would still be interested in expert opinion about the last
paragraph of my original mail, in case someone could spare the time.