
Well, here in Portugal (and I hear in Belgium they have a similar system) our national ID card can sign and encrypt data using internal private & public keys. That could be used to encrypt email securely even on a rogue machine. The main technical problem is the lack of readers. The actual main problem is user education - nobody knows how to work with them.


How would it encrypt email on a rogue machine, securely? If the machine is rogue and has all key presses and has the plaintext, how can it be secure then? Sure, it is encrypted, but it is already compromised.


Oh, sure, the current email is compromised, but not the key (since the encryption/decryption is performed by the card itself). The advantage is that you can use a public machine to check a non-important email without giving them the keys to all others or letting them send email faking your identity.


How do you know an email is non-important if it is encrypted?


With PGP you usually don't encrypt either the sender or the subject, just the contents; it shouldn't be hard to decide based on that information.



