|
|
|
|
|
|
by dfox
2826 days ago
|
|
|
In fact the root cause of the flaw is in the attempt to make the keys inaccessible to any single entity by generating them on the card. This needs the card to have circuitry and software to generate RSA primes and some reliable source of entropy, both of which are somewhat non-trivial problems (as in easy to subtly screw up) in the smartcard environment. |
|
|