Long Term Key Management With Hardware Tokens

Andrew Gallagher andrewg at andrewg.com
Tue Jun 22 20:20:51 CEST 2021

On 22/06/2021 17:53, Brandon Anderson via Gnupg-users wrote:
> Many tutorials, examples, and articles that are talking about using 
> Yubikeys and smartcards currently suggest making paper backups of the 
> encryption key so you can add it to new devices if needed. But this, at 

> least to me, feels like it's significantly reducing the value of using 
> secure hardware like smartcards in the first place. Having the keys only 
> ever exist on secure hardware, including the backups, would make this 
> unnecessary.

The disadvantage of only ever storing secret key material on a finite 
number of secure hardware devices is that all such devices have a 
lifetime, and once they're all dead your information is gone. You'll 
still find yourself re-encrypting all your data to a new encryption 
(sub)key when you get down to your last working hardware device.

Having a non-secure offline backup does not negate all the advantages of 
secure hardware. It depends on the threat model of course, but *most* 
people are much more likely to have their laptop compromised remotely 
than have their safe cracked and the paper backup stolen.

Andrew Gallagher

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210622/3abff713/attachment-0001.sig>

More information about the Gnupg-users mailing list