Re: Increasing Public Key Crypto Security with Handhelds

[Werner Koch <wk@gnupg.org>]

Jason Gunthorpe <jgg@ualberta.ca> writes:

> Even better, like ssh, this could provide a generic means the manage your
> encryption key outside of an individual session - for example, an X
> application could be used to prompt for the password, and once provided it
[...]
> Moving the encryption agent down into a hardware device like a handheld or
> a smartcard would be the eventual ultimate evolution of a system like

That is exactly what I have in mind for some time now (and talked
about it at the Tokyo BOF).  I call it for now the GPA (..Agent).

In a first step I will do an internal API for GnuPG to separate tasks
which require the secret key form the other code.

Someone from gnupg-devel already played with GnuPG and a PalmPilot.
One problem might be that these handhelds are a little bit slow; some
specialized hardware for them would be nice.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013