On Tue, Sep 17, 2019 at 06:59:34PM +0200, Stefan Claas via Gnupg-users wrote:
> I assume that in order to decrypt a message the secret key data must be unlocked and loaded for a very short time into the computer's RAM, in order to perform the decryption.
No. The secret key data remains on the smartcard and is *not* sent to the host computer. The host computer sends the data to be decrypted to the smartcard, the smartcard does the decryption itself then sends the decrypted data back to the host.
(Actually the "data" sent to the card is not an entire OpenPGP message, just the asymmetrically encrypted session key which the host then uses to decrypt the bulk of the message. But this is a detail which does not change the fact that the host never sees the secret private key.)
- Damien
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
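
Added example, not part of the original message and not GnuPG or card firmware code: a Python sketch of the host/card split described in the reply, where the host hands the card only the encrypted session key and decrypts the bulk itself. `ToyCard`, `decipher`, `keystream_xor`, `encrypt` and `host_decrypt` are hypothetical names, and textbook RSA with a SHA-256 keystream are toy stand-ins for the real algorithms.

```python
import hashlib
import secrets

class ToyCard:
    """Hypothetical stand-in for the smartcard; the private exponent stays inside."""
    def __init__(self):
        # Constructed textbook-RSA key from two Mersenne primes (illustration only).
        p, q = 2**127 - 1, 2**89 - 1
        self.n, self.e = p * q, 65537
        self.__d = pow(self.e, -1, (p - 1) * (q - 1))
        self.seen = []  # everything the host has ever sent to the card

    def public_key(self):
        return self.n, self.e

    def decipher(self, enc_session_key: int) -> bytes:
        """The only private-key operation; returns the session key, never d."""
        self.seen.append(enc_session_key)
        return pow(enc_session_key, self.__d, self.n).to_bytes(16, "big")

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 in counter mode); same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt(pub, plaintext: bytes):
    """Sender side: needs only the public key."""
    n, e = pub
    session_key = secrets.token_bytes(16)
    return pow(int.from_bytes(session_key, "big"), e, n), keystream_xor(session_key, plaintext)

def host_decrypt(card: ToyCard, message) -> bytes:
    """Host side: sends the card the encrypted session key, decrypts the bulk itself."""
    enc_session_key, body = message
    session_key = card.decipher(enc_session_key)
    return keystream_xor(session_key, body)

if __name__ == "__main__":
    card = ToyCard()
    msg = encrypt(card.public_key(), b"constructed sample message " * 4)
    print(host_decrypt(card, msg))
    print("card saw only:", card.seen == [msg[0]])
```

Python cannot enforce the boundary that a real card enforces in hardware; the class only models which values cross it.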