[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Communication with card reader encrypted?
From: "Felix E. Klee" <felix.klee () inka ! de>
Date: 2018-08-27 15:09:01
Message-ID: CA+m_8J02oyMG-78bOzer-twehVrPanPDYP0dF4BhOGcqA6=c_A () mail ! gmail ! com
[Download RAW message or body]
Thanks for clarification!
On Mon, Aug 27, 2018 at 11:51 AM, Werner Koch <wk@gnupg.org> wrote:
> The connection between the card reader and the host is not encrypted
> because that would require a key setup first and that would also be
> subject to key logging.
The host could provide a public encryption key to the card reader. Of
course:
* With a tampered USB cable, there still would be attacks possible,
though different ones. That is, unless the reader can know the
identify of the host, which would again require a priori exchange,
so nothing gained.
* This is very likely not part of the existing API (PC/SC?).
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic