R. A. Hettinga wrote: This is why Chaum wants a small cryptographic device with it's own I/O, certainly.
We'll get one when there's enough money behind it. Money's edge of the wedge...
We have it now. Smartcards. High end smart cards, with a co-processor on board can do their own encrypting and decrypting. Of course, they are still slow enough that you wouldn't want to encrypt/decrypt any large files onboard the card, but for small text it isn't a problem. Bringing this back to PGP and how you might protect the keys, you could keep the keys on the smartcard, or just the passphrase on the smart card. The card could be locked to a PIN number, which after X incorrect entries locked the card permanently. You wouldn't want to do PGP encryption on the card, so the key/passphrase is can still be sniffed when it is pulled off of the card. Regards, Andrew Drapp -- Andrew Drapp <andrew.drapp@hitachi-eu.com> PGP Encrypted Email Preferred (KeyID 65A52F89) ********************************************************************* E-mail Confidentiality Notice and Disclaimer This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited. E-mail messages are not necessarily secure. Hitachi does not accept responsibility for any changes made to this message after it was sent. Please note that Hitachi checks outgoing e-mail messages for the presence of computer viruses. *********************************************************************