OpenPGP card

From Wikipedia, the free encyclopedia
Jump to: navigation, search
This is an image of an OpenPGP card from the vendor ZeitControl. This card is pre-punched to be used in ID-000 readers.

In cryptography, the OpenPGP card[1] is an ISO/IEC 7816-4, -8 compatible smart card[2] implementation that is integrated with many GnuPG functions. Using this smart card, various cryptographic tasks (encryption, decryption, digital signing/verification, authentication etc.) can be performed. As a smart card it allows the storage of secret key material in a secure manner.

Built on BasicCard,[3] OpenPGP cards can be obtained from a distributor,[4] from Yubico or by becoming a fellow in Free Software Foundation Europe.[5]

The smart card daemon, in combination with the supported smart card readers,[6] as implemented in GnuPG, can be used for many cryptographic applications. With gpg-agent in GnuPG 2, an ssh-agent implementation using GnuPG, an OpenPGP card can be used for SSH authentication also.

With Aloaha [7][8] there is also a proprietary middleware for Windows available.

Vendor IDs[edit]

YubiCo USB devices implement OpenPGP card and HOTP cryptographic algorithms.

An OpenPGP card features a unique serial number to allow software to ask for a specific card. Serial numbers are assigned on a vendor base and vendors are registered with the FSFE

Assigned vendor ids are:

Id Name
0x0001 PPC Card Systems
0x0002 Prism
0x0003 OpenFortress
0x0004 Wewid
0x0005 ZeitControl
0x0006 Yubico
0x0007 OpenKMS
0x0008 LogoEmail
0xF517 FSIJ

The id range 0xff00 to 0xfffe can be used for randomly assigned serial numbers without a specfic vendor. The ids 0x0000 and 0xffff may only be used for testing.

References[edit]

  1. ^ OpenPGP Card specification, Achim Pietig, PPC Card Systems GmbH, 2009. URL: http://g10code.com/docs/openpgp-card-2.0.pdf
  2. ^ The OpenPGP Card - How to use the Fellowship Smartcard - The GnuPG Smartcard HOWTO, Rebecca Ehlers, Thorsten Ehlers, et al., Free Software Foundation Europe e. V., 2005. URL: http://www.gnupg.org/howtos/card-howto/en/ch01.html#id2472312
  3. ^ BasicCard - Smart cards, URL: http://www.basiccard.com/index.html?news.htm
  4. ^ Kernel Concepts, http://shop.kernelconcepts.de/index.php?cPath=1_26
  5. ^ The Fellowship Smartcard, http://wiki.fsfe.org/FellowshipSmartCard
  6. ^ Required Hardware - How to use the Fellowship Smartcard - The GnuPG Smartcard HOWTO, Rebecca Ehlers, Thorsten Ehlers, et al., Free Software Foundation Europe e. V., 2005. URL: http://www.gnupg.org/howtos/card-howto/en/ch02s02.html#id2519120
  7. ^ Aloaha Smartcard Connector. URL: http://www.aloaha.com/smartcard-software-en/aloaha-cryptographic-service-provider.php
  8. ^ Aloaha Smartlogin. URL: http://www.aloaha.com/smartcard-software-en/aloaha-credential-provider.php