From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Proposal for support of PKCS#11 devices (SmartCards and Tokens)
Date: Thu, 2 Apr 2015 17:48:01 +0200
Message-ID: <20150402154801.GA22576@tansi.org>
In-Reply-To: <F4BEB970-290A-46AB-9E79-D02DFA03F3D2@gmail.com>
On Thu, Apr 02, 2015 at 14:38:28 CEST, Nick Econopouly wrote:
> "2-factor authentication is a large field with many dysfunctional
> solutions (biometrics, for example, or numerous insecure hardware 
> tokens), and no final good solutions are in sight. Hence it is not 
> something that has a place in cryptsetup proper, beyond what is 
> already there. You can also always treat the passphrase as the secret 
> and protect that with your chosen 2-factor authentication scheme."
> 
> I've been interested in the hardware tokens you mentioned; are the yubikey
> and the upcoming nitrokey insecure?
>
> (For 2fa, I assume the gnupg features are more secure because they at
> least require a pin)
> 
> -nick

The thing is that in the past most chipcards were broken, some
in ridiculously simple fashions. At the same time, people do not
realize this. I have even heard some security people call a
smartcard a "mini-HSM". The problem is that making a secure token
is hard and expensive. For example, it needs always-on sensors
that can wipe it in case of attacks on the hardware.

Sure, a hardware token of any kind usually gives you a significant
security boost as most people choose insecure passwords, but
that is basically it. If a user uses secure passwords, 2-factor
will just annoy.

Gr"usse,
Arno


-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

Thread overview: 9+ messages
2015-04-02  6:18 [dm-crypt] Proposal for support of PKCS#11 devices (SmartCards and Tokens) Bill Mair
2015-04-02 10:20 ` Arno Wagner
     [not found]   ` <551D1CF9.9020502@billmairsolutions.ltd.uk>
2015-04-02 12:08     ` Arno Wagner
2015-04-02 12:38       ` Nick Econopouly
2015-04-02 12:50         ` Bill Mair
2015-04-02 15:48         ` Arno Wagner [this message]
2015-04-02 13:10       ` Bill Mair
2015-04-02 16:08         ` Arno Wagner
2015-04-02 18:11           ` Bill Mair