[Gnuk-users] [PATCH] Add board config for "Blue Pill"
NdK
ndk.clanbo at gmail.com
Sat Jan 14 14:10:16 UTC 2017
On 14/01/2017 14:39, Paul Fertser wrote:
>> For me it's more interesting to be able to experiment freely, adding a
>> display and some pushbuttons. Too bad the protocol does not pass what
>> could be needed to "validate" the signature.
> What do you mean here? You can do PIN entering entirely on the device,
> and the current Gnuk code supports that with example IR receiver
> implementation. If you add some keys, you'd be able to do the same,
> with the pincodes never exposed to the host PC.
I think that's "not good enough": you don't know *what* you're going to
sign (in case the PC is compromised).
What I'd propose is adding a packet to the data sent for signing that is
a very short abstract of what you're signing, to be displayed on a small
screen before asking for the PIN. It gets included in the signature
packet, so if the abstract says "Agree paying A $10k for house works"
and the full document gets replaced with a scan of another (no need to
have the same hash of the original: the hash cannot be calculated by the
user, so a compromised PC could alter it w/o being noticed) but saying
you agree to pay E $1M, the tampering is evident.
That's what my bank's app does: it receives a notification with the
transaction data (id, destination account, amount being transferred),
displays it and asks for my password. This way I can review the REAL
authorization (as long as my phone has not been compromised) -- I could
even handle transactions from a compromised PC.
I know it's not currently in OpenPGP Card protocol, but IMO it would be
worth considering. Currently a compromised PC means "game over", with my
system it could still be used for trustworthy signatures (en/de-cryption
is trickier, since on a compromised PC the attacker would get access to
the plaintext).
BYtE,
Diego
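
A sketch of the proposal in the message above, added here as an example; it is not part of the original post, of Gnuk, or of the OpenPGP Card protocol. It shows the abstract being bound into the signed data so that a swapped document ends up next to an abstract that contradicts it. HMAC stands in for the token's private-key signature, and the packet layout, key and function names are assumptions.

```python
import hashlib
import hmac
import struct
from typing import Callable, Optional

# Constructed stand-in for the key held inside the token. A real token would
# sign with an asymmetric private key; HMAC keeps this sketch stdlib-only.
DEVICE_KEY = b"constructed-demo-key"


def signed_bytes(abstract: str, doc_digest: bytes) -> bytes:
    """Hypothetical layout: 2-byte length, abstract, then the document digest."""
    text = abstract.encode("utf-8")
    return struct.pack(">H", len(text)) + text + doc_digest


def device_sign(abstract: str, doc_digest: bytes,
                user_confirms: Callable[[str], bool]) -> Optional[bytes]:
    """Token side: show the abstract on the display, sign only if accepted."""
    if not user_confirms(abstract):
        return None
    return hmac.new(DEVICE_KEY, signed_bytes(abstract, doc_digest),
                    hashlib.sha256).digest()


def verify(abstract: str, document: bytes, sig: bytes) -> bool:
    """Verifier side: the signature must cover this abstract and this document."""
    digest = hashlib.sha256(document).digest()
    expected = hmac.new(DEVICE_KEY, signed_bytes(abstract, digest),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig)


def run_scenario() -> dict:
    intended = "Agree paying A $10k for house works"
    swapped_doc = b"(constructed) scan saying: I agree to pay E $1M"
    swapped_digest = hashlib.sha256(swapped_doc).digest()
    user = lambda shown: shown == intended  # user reads the device display

    # Host keeps the expected abstract but swaps the document underneath it.
    sig = device_sign(intended, swapped_digest, user)
    # Host sends an abstract matching the swapped document: user refuses.
    refused = device_sign("Agree paying E $1M", swapped_digest, user)
    return {
        "refused_on_device": refused is None,
        # Signature carries the $10k abstract next to a $1M document.
        "verifies_with_signed_abstract": verify(intended, swapped_doc, sig),
        # The abstract cannot be rewritten after signing.
        "verifies_with_rewritten_abstract": verify("Agree paying E $1M", swapped_doc, sig),
    }
```
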