flexSecure Quickstart #5
Conversation
Outline quick start guide.
Added examples for FIDO2 outputs (validate, show)
Added a quick reference for the preloaded apps and added some links to smartpgp references.
Fixed some formatting issues.
docs/quickstart.md
Outdated
|
|
||
| ## Apps with additional setup | ||
| ### [SmartPGP](https://github.com/github-af/SmartPGP) | ||
| This one comes in two flavors: default and large. Do yourself a favor and stick to default--unless you want really large, insecure RSA keys. |
There was a problem hiding this comment.
Why would you consider really large keys insecure?
There was a problem hiding this comment.
As I understood it, the key difference wasn't larger keys; it was larger RSA keys. RSA is insecure. Yes, you can use larger keys to cope--then you're paying twice: once for more resources on the app and again for every key. Doesn't it make more sense to use a modern algorithm?
There was a problem hiding this comment.
Unless you have a good reason not to, I would advise new key pairs to use elliptic curves instead of RSA. Ideally, the Edwards curve - but that one is not yet supported in hardware so the next best thing are the NIST-P curves. Also see https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf#page=67 .
There was a problem hiding this comment.
Sure, but it's not like RSA with large-enough keys is insecure. EC is more efficient, requiring smaller keys and less computation, but claiming RSA4096 is "insecure" is simply false.
There was a problem hiding this comment.
Yes, my statement was incorrect--it should have been a blanket statement about RSA. Thanks for catching that.
There was a problem hiding this comment.
Well, I would still disagree that RSA is inherently insecure if used with appropriate key lengths, but I can see that I'm stepping in a minefield (and it's not like I wouldn't recommend EC myself, for the improved efficiency alone) ;-)
There was a problem hiding this comment.
Imho "security" of a modern crypto system without any obvious flaws (disregarding quantum computing) like RSA or ECC is a function of key length, i.e time it takes bruteforce that key. EC is more efficient - it takes longer to crack a key with the same amount of bits as RSA. But yea, RSA is not inherently insecure - it just recommends very long keys (>2048) nowadays, which makes it kind of cumbersome to run on embedded hardware and still be protected against a highly motivated attacker. Also see https://www.keylength.com/ for an interactive comparison.
There was a problem hiding this comment.
Well then, I take it all back. Sorry for all the confusion.
Corrected statement that suggested large RSA keys were insecure.
The majority of the existing documentation feels directed at applet developers. This is an attempt to walk people through the basics of using Global Platform Pro and streamline some of the applet installations.