gnupg 'signing server'? Looking for advice on key management/security

Henning Follmann hfollmann at itcfollmann.com
Tue Nov 14 07:12:20 CET 2023


On Mon, Nov 13, 2023 at 10:23:16PM -0600, Jacob Bachmeyer via Gnupg-users wrote:
> Daniel Cerqueira wrote:
> > Jacob Bachmeyer <jcb62281 at gmail.com> writes:
> > 
> 
[...]

> My point is that smartcards do not magically increase security beyond the
> private key wrapping encryption built in to GPG, and provide little actual
> security benefit unless less-common steps (such as using a card reader with
> its own PIN pad) are taken.  (The convenience of being able to simply move
> the card between devices may be useful for some users.)
> 
> The issue here is not GPG or its associated pinentry program or any question
> of their integrity.  The issue is the possibility of the computer being
> tampered while I am away from it, or potentially, via the network, right
> under my nose.  (Consider the overall security of the typical Android
> device.)  So far, smartcards do not seem to provide any better protection in
> this case than GPG's own security features.  Such tampering would enable the

Yes it does. The key can't be copied and taken away from the device. This
is an advantage.


> theft of the GPG key passphrase or card PIN in either case.  In other words,
> the same attacks that can effectively break GPG's built in security also
> effectively break a smartcard by enabling the unauthorized use of the key on
> the card.
> 
> That is ignoring the additional risk that few if any smartcards use Free
> firmware, and are, by design, nearly impossible to verify.  A secret
> backdoor on the smartcard cannot be categorically ruled out, although such a
> violation of trust would be expected to effectively remove the card's
> manufacturer from the market should it come to light.

Nitrokey publishes its card firmware and it can be updated and
independently audited.
There is also the OpenPGP card. IIRC the firmware is also available.

Yubikey does not publish the key firmware but they have an independent
auditing process in place IIRC.

-H

-- 
Henning Follmann           | hfollmann at itcfollmann.com
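The point in dispute above (whether the private key can be copied off the host or only lives on the card) can be checked for a given keyring by reading the machine-readable listing from `gpg --list-secret-keys --with-colons`. In that format, field 15 of a `sec`/`ssb` record carries the token serial number when the secret material is on a card, `+` when the secret key is on disk, and `#` for a bare stub. The parser below is an added example, not code from this thread or from GnuPG; the sample listing it runs on is constructed, and the key IDs and serial number in it are made up.

```python
"""Classify where each secret (sub)key's private material lives,
from `gpg --list-secret-keys --with-colons` output.

Field 15 (index 14) of a sec/ssb record, per GnuPG's DETAILS document:
  serial number  -> key is a stub pointing at a token (smartcard)
  '+'            -> secret key is available on disk
  '#'            -> stub with no known token
"""
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample output (hypothetical key IDs and card serial), not a real keyring.
SAMPLE_LISTING = """\
sec:u:255:22:0123456789ABCDEF:1700000000::::::cESC:::#:::ed25519::0:
fpr:::::::::0000000000000000000000000123456789ABCDEF:
ssb:u:255:22:FEDCBA9876543210:1700000000::::::s:::D2760001240102010006011234560000:::ed25519::
ssb:u:255:18:1122334455667788:1700000000::::::e:::+:::cv25519::
"""


@dataclass
class SecretKeyRecord:
    kind: str          # "sec" (primary) or "ssb" (subkey)
    keyid: str         # field 5
    capabilities: str  # field 12, e.g. "s", "e", "cESC"
    location: str      # "card", "disk", "stub" or "unknown"
    serial: str        # token serial when location == "card", else ""


def classify_token_field(field: str) -> Tuple[str, str]:
    """Map field 15 of a sec/ssb record to (location, serial)."""
    if field == "+":
        return "disk", ""
    if field == "#":
        return "stub", ""
    if field:
        return "card", field
    return "unknown", ""


def parse_secret_key_listing(text: str) -> List[SecretKeyRecord]:
    """Parse colon-separated output, keeping only sec/ssb records."""
    records: List[SecretKeyRecord] = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 15 or fields[0] not in ("sec", "ssb"):
            continue  # skip fpr/uid/grp lines and anything malformed
        location, serial = classify_token_field(fields[14])
        records.append(SecretKeyRecord(fields[0], fields[4], fields[11], location, serial))
    return records


def keys_not_on_card(records: List[SecretKeyRecord]) -> List[SecretKeyRecord]:
    """Secret keys that could be copied off the host: anything not on a token."""
    return [r for r in records if r.location != "card"]


if __name__ == "__main__":
    recs = parse_secret_key_listing(SAMPLE_LISTING)
    for r in recs:
        where = r.serial if r.location == "card" else r.location
        print(f"{r.kind} {r.keyid} [{r.capabilities}] -> {where}")
    off_card = keys_not_on_card(recs)
    print(f"{len(off_card)} of {len(recs)} secret (sub)keys are not on a card")
```

Run against a real keyring with `gpg --list-secret-keys --with-colons | python3 this_script.py` after swapping `SAMPLE_LISTING` for `sys.stdin.read()`; an `ssb` whose field 15 is `+` is exactly the case Jacob describes (a disk copy protected only by the passphrase), whereas a serial number means only the card can use it, which is Henning's point.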