Talking about Cryptodevices... which one?
Felix E. Klee
felix.klee at inka.de
Wed Jan 28 10:14:48 CET 2015
On Wed, Jan 28, 2015 at 1:46 AM, NIIBE Yutaka <gniibe at fsij.org> wrote:
> From the viewpoint of getting unencrypted private key, it's like:
>
> On flash ROM: Private key encrypted ------\
> \
> On flash ROM: DEK encrypted --\ [AES]--> Private key
> [AES]-> DEK --/
> Passphrase --[S2K]--------------/
Thanks a lot for this explanation!
> From this point, it is better for smartcard/token, not to have other
> "useful features".
I still would feel more comfortable with a pinpad, or some hardware
button (see thread “crypto device where I need to confirm every
operation?”).
More information about the Gnupg-users
mailing list