Smart card

[Rainer Hoerbe]

> Am 09.04.2017 um 04:20 schrieb Robert J. Hansen <rjh at sixdemonbag.org>:
> 
>> BUT, leaving your private key on your laptop, tablet, or phone is
>> about as secure as leaving a spare key to your house under the door
>> mat.
> 
> This is not true, not for any sensible definition of 'secure‘.

„secure“ is not a one-dimensional scale with „yes“ and „no“ at each end. Precise definitions are only useful for specific attack vectors. Standards and laws like NIST 800-63 or eIDAS give a good overview on various risks, as they have been trying to squeeze them into assurance levels to reduce complexity.

> 
> My passphrase is literally 16 random bytes read from /dev/random, base64
> encoded, to produce a passphrase of 128 bits strength.  If you'll pay to
> run the ad, I'll happily publish my private key in the newspaper of your
> choice.  Yes, I'm serious.
> 
> If your private key is at risk of being seen by your adversaries then
> it's extremely important to have a good passphrase.  But so long as you
> do, your private key is safe.

A long and random passphrase is a good measure against dictionary and brute force attacks. It does not defend against malware sniffing the keyboard or scraping memory pages. It protects your /encrypted/ private key, but not during signing and encryption. Moving operations needing the unencrypted key to a smartcard provides additional protection on an infested system. Smartcard readers with pinpads and displays add defense against certain attacks that are possible against a Yubi-/Nitrokey-type reader.

- Rainer