[Gnuk-users] Security of NeuG?

[NdK]

Il 18/02/2015 16:25, Jonathan McDowell ha scritto:

> My recollection about the justification for encrypting and pairing the
> Entropy Key data is that it's fairly easily to MiTM a USB connection,
> especially one with such a basic protocol. If the device is plugged into
> an external port on the machine rather than secured inside the case it
> gets even easier.
The machine where you use crypto *must* be "secure enough", as told many
times on gnupg-users ml. If it isn't, you've already lost! Well before
HW attacks come SW attacks (the GPG executable or one of its libraries
gets replaced, or the kernel is modified to execute another -rogue-
program... just to say a couple of simpler attacks).
And IIRC entropy is needed just when generating keys (except for the
primary key, the others can be generated on the token, mitigating many
possible attacks) and when signing.
And signing is the really weak spot: given the form factor and the
protocol used, you can never be sure that you're signing what you want
to sign: if a rogue app intercepts your PIN and replaces the (hash of
the) content you're going to sign with another, you have no way of
knowing. Another reason behind the fact that if the local machine is
compromised you've lost.

BYtE,
 Diego.