Communication with card reader encrypted?

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Sun Aug 26 00:31:56 CEST 2018


Hi.

Am Samstag, den 25.08.2018, 21:25 +0200 schrieb Felix E. Klee:
> When I decrypt a file using an OpenPGP card, is the communication
> between a USB card reader and the GnuPG daemon encrypted? Or: Is the
> decrypted session key sent unencrypted through the cable?

This is a really interesting question. But, does this really matter got
an USB device? If there is a program on your computer, which interceps
the communication, the security of you system is already broken. So the
decrypted file itself could/would be read by a third party. The session
key is, in this moment, the least problematic thing on your system.

But, regardless of this, it is an interesting question.

Werner, please tell us. ^^

Regards,
Dirk

-- 
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen, Germany

GPG: DDCB AF8E 0132 AA54 20AB  B864 4081 0B18 1ED8 E838
Keybase.io: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180826/e40cc1ba/attachment.sig>


More information about the Gnupg-users mailing list