Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is Canokey for QEMU resistant to adversarial Guest actions? #8

Open
HulaHoop0 opened this issue Jun 28, 2024 · 0 comments
Open

Is Canokey for QEMU resistant to adversarial Guest actions? #8

HulaHoop0 opened this issue Jun 28, 2024 · 0 comments

Comments

@HulaHoop0
Copy link

Hi, Whonix dev here. I was wondering about your comment on Canokey which we are interested in for the purpose of adding a secure virtual smartcard feature for our hypervisor based distro.

Can you please clarify the comment you made when introducing the patchset series for QEMU:

https://mail.gnu.org/archive/html/qemu-devel/2022-05/msg03913.html

"One note though, using CanoKey QEMU as a daily secure key is not recommended as the secret key in the emulated key is not protected by hardware."

Do you mean there is no security provided by the virtual implementation at all against hostile guest actions? Or are you saying it is less secure than a trusted physical hardware implementation in theory?

Our goal is to have something with the security properties of a similar feature called "Split GPG" provided by QubesOS [1]. I would appreciate if you give this page a quick look and let me know if canokey for QEMU provides the same security guarantees by design.

[1] https://www.qubes-os.org/doc/split-gpg/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@HulaHoop0