OpenPGP Card on:
[Wikipedia]
[Google]
[Amazon]
In
An OpenPGP card features a unique serial number to allow software to ask for a specific card. Serial numbers are assigned on a vendor basis and vendors are registered with the
cryptography
Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adve ...
, the OpenPGP cardOpenPGP Card specification - version 3.4.1, Achim Pietig, 2020. URL: https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.1.pdf is an ISO/IEC 7816
ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO ...
-4, -8 compatible smart card
A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) c ...
that is integrated with many OpenPGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partiti ...
functions. Using this smart card, various cryptographic tasks (encryption
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can dec ...
, decryption, digital signing/verification, authentication
Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicat ...
etc.) can be performed. It allows secure storage of secret key material; all versions of the protocol state, "Private keys and passwords cannot be read from the card with any command or function."OpenPGP Card specification - version 1.1, Achim Pietig, PPC Card Systems GmbH, 2004. URL: http://www.g10code.com/docs/openpgp-card-1.1.pdf However, new key pairs may be loaded onto the card at any time, overwriting the existing ones.
The original OpenPGP card was built on BasicCard, and remains available at retail. Several mutually compatible JavaCard implementations of the OpenPGP Card's interface protocol are available as open source software and can be installed on generic JavaCard smart cards, including NFC-enabled cards. Nitrokey
Nitrokey is an open-source USB key used to enable the secure encryption and signing of data. The secret keys are always stored inside the Nitrokey which protects against malware (such as computer viruses) and attackers. A user-chosen PIN an ...
and Yubico provide USB tokens implementing the same protocol through smart card emulation.
The smart card daemon
Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and mythology and of later Hellenistic religion and philosophy.
The wo ...
, in combination with the supported smart card readers, as implemented in GnuPG, can be used for many cryptographic applications. With gpg-agent in GnuPG 2, an ssh-agent implementation using GnuPG, an OpenPGP card can be used for SSH
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
SSH applications are based on a ...
authentication also.
Vendor IDs
An OpenPGP card features a unique serial number to allow software to ask for a specific card. Serial numbers are assigned on a vendor basis and vendors are registered with the FSFE
The Free Software Foundation Europe (FSFE) is an ''eingetragener Verein'' (registered voluntary association) under German law. It was founded in 2001 to support all aspects of the free software movement in Europe, with registered chapters in seve ...
.
Assigned vendor ids are: OpenPGP Card Vendors. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=scd/app-openpgp.c;h=e1ceed4bc62e41ccef1bec45561ffa5509e70d3a;hb=HEAD#l294
References
{{cryptography navbox , public-key Smart cards OpenPGP