I've also been thinking about the risks of running crypto software on hackable PCs and ways of protecting against this with external special purpose devices. My thinking is to limit the external "dongle" to the one function that is truly sensitive and worthy of special protection: RSA secret key operations. It seems to me that whenever you use a PC to encrypt or decrypt something, you have to accept the risk that it might have been hacked, and whatever you do on it might be secretly recorded. But when I now run PGP (or any similar package) on a machine, I must risk much more than this every single time I type in my pass phrase, namely *everything* that ever was or will ever be encrypted with this same RSA key pair. This may well be an unacceptable risk, especially if I'm temporarily borrowing somebody else's machine or using one in a public area. I see this as THE major obstacle to our goal of routinely encrypting all communications, sensitive or otherwise, as a way of "desensitizing" the world to the use of cryptography. The way around this risk is to move the RSA secret key storage and processing operations to some external dongle. The device would have only one primary function -- the execution of an RSA secret key operation. It would not allow the secret key to be read out of the device, although it might have a "zeroize" function to destroy it. (It might also include a good random number generator for the convenience of the host computer.) Everything else (data compression and armoring, public key operations, symmetric cryptography, etc) can and should go in the PC where cycles and memory space are much more plentiful. If the dongle has a built-in keypad, then it could store your RSA secret key encrypted with a PIN that you'd have to enter to enable the device. This would protect you if the device were stolen. Of course, the best protection is to make the device so small that you can conveniently keep it with you at all times instead of having to store it someplace. I believe that "smart cards" are already available on the market that do these or similar functions, although they are much more widespread in Europe than in the US. Comments? Phil