
Re: [tor-dev] adding smartcard support to Tor



On Tue, Oct 20, 2015 at 3:05 PM, Ivan Markin <twim@xxxxxxxxxx> wrote:
> No, I will be secure. An adversary could sniff your PIN and sign
> whatever they want to, true. But revealing the PIN != revealing the key.
> In this case your identity key is still safe even if your PIN is
> "compromised".

Yes, the private key may be safe, but the smartcard may be stolen or
removed from your sphere of access and reutilized with the sniffed
PIN, thus your onion or relay or node is no longer under your control,
which was the point of the project. The enablement of the smartcard
needs to be out of band, or use some strong one-way challenge-response
like pki/totp/hotp/skey/opie.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
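
The replay concern raised in this message, as an added example that is not part of the original post or of Tor's code: a static PIN gate beside an HOTP (RFC 4226) gate, one of the schemes the message names. The class names, the PIN value and the look-ahead window are assumptions made for illustration; the secret is the RFC 4226 test secret.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class StaticPinGate:
    """Hypothetical unlock gate using a fixed PIN: any observed PIN stays valid."""
    def __init__(self, pin: str):
        self._pin = pin

    def unlock(self, attempt: str) -> bool:
        return hmac.compare_digest(attempt, self._pin)


class HotpGate:
    """Hypothetical unlock gate using HOTP: every accepted code is single-use."""
    def __init__(self, secret: bytes, counter: int = 0, window: int = 3):
        self._secret, self._counter, self._window = secret, counter, window

    def unlock(self, attempt: str) -> bool:
        # Look ahead a few counters to tolerate codes generated but never submitted.
        for c in range(self._counter, self._counter + self._window):
            if hmac.compare_digest(attempt, hotp(self._secret, c)):
                self._counter = c + 1  # move past the used code so a replay fails
                return True
        return False


def replay_demo() -> dict:
    secret = b"12345678901234567890"  # RFC 4226 Appendix D test secret
    pin_gate, hotp_gate = StaticPinGate("4821"), HotpGate(secret)  # constructed PIN
    sniffed_pin, sniffed_code = "4821", hotp(secret, 0)  # values an observer saw once
    return {
        "pin_first": pin_gate.unlock(sniffed_pin),
        "pin_replay": pin_gate.unlock(sniffed_pin),     # static PIN is reusable
        "hotp_first": hotp_gate.unlock(sniffed_code),
        "hotp_replay": hotp_gate.unlock(sniffed_code),  # same code is rejected
        "hotp_next": hotp_gate.unlock(hotp(secret, 1)),
    }
```

The HOTP gate only helps if the shared secret and counter are held where the observer of the unlock channel cannot read them.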