iButton Crypto (Slightly off topic)

Michael Sobolev mss@despair.transas.com
Wed, 8 Mar 2000 01:48:35 +0300


On Tue, Mar 07, 2000 at 09:54:16AM +0100, Werner Koch wrote:

> On Mon, 6 Mar 2000, Michael Sobolev wrote:
>
> > Does it mean that you think it's not a very good idea to use iButtons to store
> > the secret keys? What's the point of storing *a part* of the passphrase?
>
> There is not much need to do so. With a good passphrase your secret
> key is protected very well - a random string stored in a iButton gives
> a very good passphrase. What happens if you lose your iButton with
> the secret key? - It is not so difficult to get it out of that device.
>
> If you just lose your iButton with the passphrase, an attacker must
> find that button and get access to your secret key (and the additional
> passphrase).
>
> The secret key has to be transferred to your desktop box anyway
> because the iButton is not fast enough to do the crypto operations.
> And a memory only iButton is much cheaper.
No, I do not take into account crypto iButtons... :) (I have quoted all of your message) If you do not mind, I'd like to clarify [to myself] few things. If you just have a pair of keys, then according to the known practices it is recommended to generate a revokation certificate as soon as you generate a key pair, correct? So if you loose your iButton, you just issue (send our, whatever :) you revokation certificate, and everything is fine, right? So I do not see too big problem with loosing the iButton itself. But if I choose to use my iButton for passphrase only, that means that I have to use many keys should I work (in general sense) in many places, which does not seem to be very good for me. What do you think? Besides, I believe the current implementation of gnupg does not allow to use something like gpg --secret-keyring=extension:/some/path/or/similar ... Are you planning to add support for things like this? -- Mike