Am 18.12.2016 um 10:49 schrieb Peter Lebbing: > On 18/12/16 01:56, Robert J. Hansen wrote: >> Nope. OpenPGP requires each RSA encryption add at least eight random >> bytes to the data pre-encryption in order to make even identical >> messages encrypt to different ciphertexts. > > However, this randomness is added by the host, not by the smartcard. The > OpenPGP smartcard really only does a deterministic action, and its > correctness can be verified simply by doing the RSA public key operation > on the output and checking that the result is identical to what was fed > to the smartcard. >
Thats good to know. Thanks > I can't think of a side channel to leak the private key to an attacker > through an uncompromised host, but I wouldn't be surprised if there is > such a side channel. Does anybody have a cool way to leak this? Single > bits at a time will do! :-) > Implement a GSM chip into the token? :)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users