R. A. Hettinga wrote: This is why Chaum wants a small cryptographic device with it's own I/O, certainly.
We'll get one when there's enough money behind it. Money's edge of the wedge...
We have it now. Smartcards. High end smart cards, with a co-processor on
board can do their own encrypting and decrypting. Of course, they are
still slow enough that you wouldn't want to encrypt/decrypt any large
files onboard the card, but for small text it isn't a problem.
Bringing this back to PGP and how you might protect the keys, you could
keep the keys on the smartcard, or just the passphrase on the smart card.
The card could be locked to a PIN number, which after X incorrect entries
locked the card permanently. You wouldn't want to do PGP encryption on
the card, so the key/passphrase is can still be sniffed when it is pulled
off of the card.
Regards,
Andrew Drapp
--
Andrew Drapp