Quantcast
Viewing all articles
Browse latest Browse all 12072

Does Windows remember PIN of the Virtual Smart Card in memory?

Does Windows remember the PIN of Virtual Smart Card (VSC) in memory?

I created a Virtual Smart Card in a Windows 8.1 laptop which is in Domain environment, and I created two certificates associated with the VSC, one for Windows log-in, the other for EFS file encryption.

Scenario 1: If I log on Windows with a regular Domain credential NOT using the VSC, then when I first need to encrypt or decrypt a file VSC will prompt me for PIN. Subsequent attempts will not ask for PIN.

Scenario 2: If I log on Windows using VSC by entering PIN, then any EFS operation in the Windows session will not ask me for PIN, although the certificate for log-in Windows and the certificate for EFS are not the same one.

Questions: Does Windows remember the VSC PIN in memory in any of these scenarios? My concern is that a cold-boot memory attack may steel the VSC PIN if it is stored somewhere in the memory. Or is it the smart card / VSC itself not Windows that memorizes my PIN? If it is the smart card not Windows that memorizes my PIN, what makes it "forget" my PIN when I log off from a Windows session?

Thanks for explanations that help me gain deeper insight to the VSC.


Viewing all articles
Browse latest Browse all 12072

Trending Articles