[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] public key encryption



The main point for using a smart card (with crypto processor) is, that all crypt operations are performed on the card. The private key itself doesn't leave the memory of the card, it is very hard to extract that key from the card (normally these cards are (should be :) ) quite tamper resistant).

The enrcypted key lying around on a system is a weak point. Most applications (gpg, ssh?) check if the file that stores the ecnrypted has the right permissions (e.g. can only be read by the user .. i know root can also). But if you cant trust root, well you cant trust anything. Its very easy to keylog your passphrase. And id say that in 90% of the cases this would be cheaper to do then to break the encryption (passphrase).

The only method that i see as secure, is to have a "trusted" device that signs/crypts for you (e.g. smart cards). But that opens up another can of worms... how can i be sure that the form that my smart card signs after i enter the oin on my reader is actually the form that is displayed on my screen? So the future is a smartcard with a display? A handheld? A "palladium" system (god beware!)?

peace,
Tom


Valter Santos wrote:
You can also use a USB disk (pen sized) with FLASH memory if you have
problems running a smart card. I prefer the smart card but USB disks are
cheaper, and are compatible with all OS that have USB plug_and_play
support, and do the trick...
Just mount the disk when you need the private key and unmount when you
don't, so you can keep the small USB disk with you.

cheers
/valter



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here