Old stuff: Using PGP with an USB smartcard token
Posted in Tutorials on April 1st, 2009 by edwin – 2 Comments
Note: this is a re-post of an old tutorial I did in 2004. I currently do not use this set-up anymore, but am saving it here for posterity
This document details how to use PGP on Windows with a USB smartcard token, specifically the ePass2000 network token.
The token used for this tutorial was kindly provided by OpenFortress, a technology provider specialized in applications of digital signatures.
Why?
The token makes it much easier for the user: no need to remember long passphrases. Just put the token into an USB slot and type in a small pincode of 4 to 8 characters. By making it easier for the user, security is improved: people will not need to write down their passphrases or use very short and insecure passwords.
The same token can be used for multiple applications. There is enough memory on the smartcard to store multiple keys and due to the standard pkcs#11 and microsoft cryptoapi interfaces almost any application supporting smartcards works just fine with the ePass2000. Examples for desktops are: logging on to a Windows Domain Server (supported by Windows 2000, XP and 2003), and from OpenFortress a solutionfor SSH logins (a Linux version is finished, a Windows prototype is available).
Why not?
If you lose or damage your token: you lose your private key and any data encrypted to it. Because the key is generated inside the token and cannot leave it, it is not possible to make a backup of the private key.
Also, the token only supports 1024 bit RSA, which according to some is inadequate. Tokens supporting 2048 bits are however already entering the market. And in any case, a 1024 bit Verisign RSA root key still secures online banking for millions of people, so why worry?
How does it work?
In short, the USB token internally is a combination of a smartcard reader and a smartcard in one package, which can be connected to a USB port. An application can then talk to the smartcard and ask it to do some cryptographic operation, like signing or decrypting some data. Of course the token will only execute this operation when supplied with the correct pin code.
When a keypair is generated on the token, the private key never leaves the token. Therefore, all private key operations need to be done by the token itself.
For efficiency reasons, PGP (as any other application using public key cryptography) does not encrypt or sign all data with a public key primitive. For encryption, all data is encrypted to a secret random symmetric key. This symmetric key is then encrypted to a public key. For decryption, PGP just sends the encrypted symmetric key to the token for decryption and after retrieving the secret symmetric key, all data is decrypted without using the token. That way, even if the encrypted file is for example one gigabyte in size, only a few hundred bytes are exchanged on the relatively slow usb link, while still maintaining the same security. For signatures a similar procedure is used: the signature is done over a hash or message digest of the full message
PGP on a token
In the final section of this document, we will detail how to configure PGP for token usage.
read more »