Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
I am a smartcard programmer. Sure an OpenPGP card is just a standard smartcard with special elementary files in its filesystem. Could I make my own OpenPGP card from a common smartcard given I know its administrative codes? Yup, that's what the Open in OpenPGP Smartcard means :) I'm not a smartcard programmer, so I bought one instead. If you'd like to make OpenPGP smartcards and sell them, that would be great! Regards, Jonathan Rockway ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
On Sun, Aug 20, 2006 at 09:18:13AM -0500, Robert J. Hansen wrote: Ismael Valladolid Torres wrote: A smartcard is very convenient as far as it's a multi application device, so you can store much other info apart from GnuPG keys, i.e. Mozilla passwords or such. ... I'm sorry, I'm scratching my head over here trying to figure out how a flash drive doesn't also share these properties. In fact, given the limited space available on a smartcard, the limited application support for them, etc., it seems flash drives are the clear winner in this context. You can't read a private key from the smartcard, but you can read it from the flashdrive. SC is a crypto processor + storage, flashdrive only storage. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
Janusz A. Urbanowicz wrote: You can't read a private key from the smartcard, but you can read it from the flashdrive. SC is a crypto processor + storage, flashdrive only storage. All of which is true. However, the bit to which I was replying was: A smartcard is very convenient as far as it's a multi application device, so you can store much other info apart from GnuPG keys, i.e. Mozilla passwords or such. ... And I'm still trying to figure out how that's different from a flash drive. Maybe there is a difference and I'm not seeing it. Or maybe there isn't one. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
Robert J. Hansen wrote: Janusz A. Urbanowicz wrote: You can't read a private key from the smartcard, but you can read it from the flashdrive. SC is a crypto processor + storage, flashdrive only storage. All of which is true. However, the bit to which I was replying was: A smartcard is very convenient as far as it's a multi application device, so you can store much other info apart from GnuPG keys, i.e. Mozilla passwords or such. ... And I'm still trying to figure out how that's different from a flash drive. Maybe there is a difference and I'm not seeing it. Or maybe there isn't one. I don't use a flash drive or a smartcard, for the following reasons: - Flash drives are too prone to failures at bizzare moments - Smartcards are largely experimental and don't have the instant usability of a USB stick (/me mutters something about The right tool for the right job...) -- Alphax Death to all fanatics! Down with categorical imperative! OpenPGP key: http://tinyurl.com/lvq4g signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
Alphax wrote - Flash drives are too prone to failures at bizzare moments - Smartcards are largely experimental and don't have the instant usability of a USB stick A few years ago Rainbow Technologies came out with a device they called the iKey. Smartcard with a USB connector, about the same form factor as a car key. Lovely hardware, but programming for it is a bear. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
I would recommend that you don't do that. What if you lose the drive? Then your private key is compromised. Do you have a revocation certificate in a safe location? If not, you can't even tell anyone that your private key has been compromised! Not good! The OpenPGP smartcard is a much safer option, since it will not give up the private key (even if you have the password), and will lock itself after 3 incorrect password attempts. (And after 3 incorrect Admin PIN attempts, it will destroy itself, which is pretty inconvenient for someone trying to steal your key.) Compare this to a pen drive that will let anyone copy off the secret key and guess the passphrase on their friendly local supercomputer cluster. The other advantage is that if your card gets stolen, you *know* that it's been stolen. If you have your key lying around in your homedir somewhere, someone could just make a copy of it, and you'd never know. With the OpenPGP card, if it's not in your hand, you can consider it stolen. For $20, you can't go wrong. Get an OpenPGP card and be happy :) http://www.kernelconcepts.de/products/security-en.shtml Regards, Jonathan Rockway Ismael Valladolid Torres wrote: John Clizbe escribe: Just copy the keyring files. I store my private keyring and a public keyring containing only my public key on a pendrive, then in your gpg.conf: keyring /path/to/pendrive/pubring.gpg secret-keyring /path/to/pendrive/secring.gpg Using several different computers it works like a charm. Cordially, Ismael signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
Jonathan Rockway wrote: I would recommend that you don't do that. What if you lose the drive? Then your private key is compromised. Let's not use the word 'compromised'. Let's call it 'loss of control'. If I leave my wallet on my desktop for an hour while I go to a meeting, are my credit cards compromised? I think we'd agree that they're probably not. If I get mugged and my wallet stolen, are my credit cards compromised? I think we'd agree that they are. Compromise usually means not only a failure of access controls, but a strong likelihood of unauthorized persons exploiting the failure of access controls. Losing a dongle doesn't necessarily mean it's been compromised. It means you have a problem, yes, one that's in need of addressing, but it doesn't necessarily call for a key revocation. Do you have a revocation certificate in a safe location? Having a revocation certificate is totally unrelated to the issue of whether one uses a USB dongle or a cryptographic card. The OpenPGP smartcard is a much safer option, since it will not give up the private key (even if you have the password), and will lock itself after 3 incorrect password attempts. (And after 3 incorrect Admin PIN attempts, it will destroy itself, which is pretty inconvenient for someone trying to steal your key.) Compare this to a pen drive that will let anyone copy off the secret key and guess the passphrase on their friendly local supercomputer cluster. The entire point of a passphrase on a key is so that even if the attacker _does_ have a supercomputer cluster it will be of no use. An OpenPGP card may allow you to get away with a weaker passphrase, but there's nothing inherently dumb about putting a private key on a USB dongle as long as the passphrase is sufficiently strong. Given the choice between trusting flash memory to wipe itself, and trusting that strong cryptography is going to stand up to even dedicated cryptologic attacks, I'll put my money on the latter any day of the week. The other advantage is that if your card gets stolen, you *know* that it's been stolen. I have a two gig USB dongle on my (physical) keyring right next to my car and office keys. If that gets stolen, trust me: I'll know. Whereas if you were to go through my wallet and randomly pilfer one of my cards, I might not know it for a while: while I use my ATM card almost daily, I can't remember the last time I needed to pull out my amateur radio license. What it boils down to is this: there are no silver bullets. There is more than one way to do it. If the OpenPGP card works for you, then great, go for it. But if the OpenPGP card doesn't work for someone else, then you're wasting their time by telling them oh, don't do that, use an OpenPGP card. Speaking for myself, I have doubts about the long-term security of RSA/1024. I much prefer RSA/2048 instead. Thus, the OpenPGP card fails to meet my own security policy... whereas storing a copy of my private key on my USB dongle, with a high-security passphrase, is a far better solution than an OpenPGP card. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Don't store your key on a flash drive! [was Re: GnuPG (GPG) Problem]
On Sat, Aug 19, 2006 at 02:37:28PM -0500, Robert J. Hansen wrote: The OpenPGP smartcard is a much safer option, since it will not give up the private key (even if you have the password), and will lock itself after 3 incorrect password attempts. (And after 3 incorrect Admin PIN attempts, it will destroy itself, which is pretty inconvenient for someone trying to steal your key.) Compare this to a pen drive that will let anyone copy off the secret key and guess the passphrase on their friendly local supercomputer cluster. The entire point of a passphrase on a key is so that even if the attacker _does_ have a supercomputer cluster it will be of no use. An OpenPGP card may allow you to get away with a weaker passphrase, but there's nothing inherently dumb about putting a private key on a USB dongle as long as the passphrase is sufficiently strong. This is quite correct and frequently misunderstood. After all, the secret key encryption is essentially the same symmetric encryption that is used to encrypt messages. If you're trusting it to protect your messages, you probably should trust it to protect your key as well. The big difference, as I see it, between a smartcard and a flash key, is not so much in how it protects the key at rest (i.e. a stolen smartcard or flash key), but how it protects the key when in use. A flash key has a mountable filesystem with actual files on it. A compromised host machine could copy the secret key file, while simultaneously keylogging the passphrase for it. A smartcard cannot give up the secret key in normal use - there is simply no interface to do that. (I'm not counting electron microscopes and the like as normal use here. Normal use is sticking the card into a reader.) A compromised host machine could keylog the passphrase, but can't get the key. In either case, a compromised host can *use* the key, say to decrypt something, or make a signature. Speaking for myself, I have doubts about the long-term security of RSA/1024. I much prefer RSA/2048 instead. Thus, the OpenPGP card fails to meet my own security policy... whereas storing a copy of my private key on my USB dongle, with a high-security passphrase, is a far better solution than an OpenPGP card. Yes. Smartcards really lag behind what general purpose machines can generate. 1024 is fairly rare these days, and even 4096 is becoming more common. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
