[Gnuk-users] Gnuk and possible hardware vulnerability

NdK ndk.clanbo at gmail.com
Wed Aug 23 20:45:22 UTC 2017


On 23/08/2017 22:08, Aurelien Jarno wrote:

> All that said the article suggests to check the RDP value at the
> beginning of the boot and enable the memory protection if it is not
> done. It might be something interesting to implement. Without going
> that far, it might be a good idea to check that the flash protection
> is active before accepting a GPG key.
That's a good thing.
But remember that the eventually-recovered key is encrypted (recovering
it from RAM is thwarted by the inherently random time the user needs to
enter the passphrase, and such an attack wouldn't go unnoticed anyway),
so in the worst case it's mostly like having the secring stolen by the
attacker.
It would be way "easier" to replace the FST-01 with an evil "clone" that
acts as a relay for all the comms toward the stolen device, connected to
the attacker's machine. This way the attacker would have both the token
and the PIN.

BYtE,
 Diego