[Gnuk-users] Usefulness of encryption of key in GnuK

Peter Lebbing peter at digitalbrains.com
Thu Jan 11 21:11:35 UTC 2018


On 11/01/18 21:26, Mike Tsao wrote:
> That's why tamper resistance is such a critical assumption -- otherwise
> you can't use a short PIN.

Note that the flash on several models of microcontrollers has been
successfully read despite protections. Bunnie wiped the protection
bits[1], although on a PIC18F he could have saved himself the trouble as
it has a design error that allows you to read out flash from all but one
of the pages :-).

I don't know of such a hack for the GnuK microcontroller, but do keep in
mind that the fact that the datasheet says "the memory can't be read"
and you haven't heard of anyone doing it anyway does not mean it is
guaranteed to be safe :-).

> If you still need a good passphrase, then there is no usability benefit
> over pure desktop GnuPG -- in either case the experience is "start GPG
> operation, enter long passphrase into pinentry dialog on desktop,
> complete GPG operation."

I don't see an OpenPGP card implementation as a usability benefit over
an on-disk key at all! I think they're usually a hassle. I see it as a
/potential/ security benefit.

If you're a remote attacker, good luck extracting the private key
through the USB interface. Maybe there is an attack that can achieve it,
but it's definitely more difficult than "cp -R
~/.gnupg/private-keys-v1.d/ somewhere"! Oh, okay, you still need to log
keystrokes or something :-). Tip for the attacker: change gpg-agent.conf
to point to your special pinentry helper.

With an OpenPGP card, you can use my key material all you want if you
remotely hacked my computer, but you probably can't create a copy of it.
Once I pull the card, and even better, fix the compromised computer,
you've lost access.

If you're a physically present attacker, you need to target a device I
always have on me, clipped to my pants, rather than a laptop that leaves
my sight.

But that's pretty much the only bonus (but it's a good one). Worthwhile
protection against physically present attackers is horrible, though.
Start enumerating attacks and countering them, and pretty soon you're
renting a bunker with 24/7 human security guards. Fun if you can afford
it, though. Yeah, I know, I'm being handwavy about the threat model.

Cheers,

Peter.

[1] http://www.bunniestudios.com/blog/?page_id=40

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
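
Added example, not part of the original message: a defender-side check for the gpg-agent.conf change mentioned above, reporting any pinentry-program value that resolves outside a set of trusted directories. The directory list and both sample configs are assumptions constructed for illustration.

```python
import posixpath

# Assumption: directories where a package-installed pinentry normally lives.
TRUSTED_DIRS = ("/usr/bin", "/usr/local/bin", "/opt/homebrew/bin")

# Constructed sample configs (not taken from any real system).
CLEAN = """# constructed sample
default-cache-ttl 600
pinentry-program /usr/bin/pinentry-gtk-2
"""
TAMPERED = """default-cache-ttl 600
# pinentry-program /usr/bin/pinentry
pinentry-program /usr/bin/../../home/user/.cache/pinentry
"""

def pinentry_overrides(conf_text):
    """Return (line_number, path) for every active pinentry-program line."""
    found = []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no option
        parts = line.split(None, 1)
        if parts[0] == "pinentry-program":
            found.append((lineno, parts[1].strip() if len(parts) > 1 else ""))
    return found

def audit(conf_text, trusted_dirs=TRUSTED_DIRS):
    """Return (line, path, reason) for pinentry paths that need review."""
    findings = []
    for lineno, path in pinentry_overrides(conf_text):
        # Collapse ".." segments so a path cannot merely start with a trusted prefix.
        norm = posixpath.normpath(path) if path else ""
        if not norm.startswith("/"):
            findings.append((lineno, path, "not an absolute path"))
        elif posixpath.dirname(norm) not in trusted_dirs:
            findings.append((lineno, path, "outside trusted directories"))
    return findings

if __name__ == "__main__":
    for name, text in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(name, audit(text) or "ok")
```

A clean result only covers the config redirect; it says nothing about whether the binary at the trusted path itself has been replaced.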
