cryptography Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...

, the OpenPGP cardOpenPGP Card specification - version 3.4.1, Achim Pietig, 2020. URL: https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.1.pdf is an

ISO/IEC 7816 ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO) ...

-4, -8 compatible

smart card A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) c ...

that is integrated with many

OpenPGP Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitio ...

functions. Using this smart card, various cryptographic tasks (

encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decip ...

, decryption, digital signing/verification,

authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicati ...

etc.) can be performed. It allows secure storage of secret key material; all versions of the protocol state, "Private keys and passwords cannot be read from the card with any command or function."OpenPGP Card specification - version 1.1, Achim Pietig, PPC Card Systems GmbH, 2004. URL: http://www.g10code.com/docs/openpgp-card-1.1.pdf However, new key pairs may be loaded onto the card at any time, overwriting the existing ones. The original OpenPGP card was built on BasicCard, and remains available at retail. Several mutually compatible JavaCard implementations of the OpenPGP Card's interface protocol are available as open source software and can be installed on generic JavaCard smart cards, including NFC-enabled cards.

Nitrokey Nitrokey is an open-source USB key used to enable the secure encryption and signing of data. The secret keys are always stored inside the Nitrokey which protects against malware (such as computer viruses) and attackers. A user-chosen PIN an ...

and Yubico provide USB tokens implementing the same protocol through smart card emulation. The smart card

daemon Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and mythology and of later Hellenistic religion and philosophy. The word ...

, in combination with the supported smart card readers, as implemented in GnuPG, can be used for many cryptographic applications. With gpg-agent in GnuPG 2, an

ssh-agent Secure Shell (SSH) is a protocol allowing secure remote login to a computer on a network using public-key cryptography. SSH client programs (such as ssh from OpenSSH) typically run for the duration of a remote login session and are configured ...

implementation using GnuPG, an OpenPGP card can be used for

SSH The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on ...

authentication also.

Vendor IDs

An OpenPGP card features a unique serial number to allow software to ask for a specific card. Serial numbers are assigned on a vendor basis and vendors are registered with the

FSFE The Free Software Foundation Europe (FSFE) is an ''eingetragener Verein'' (registered voluntary association) under German law. It was founded in 2001 to support all aspects of the free software movement in Europe, with registered chapters in seve ...

. Assigned vendor ids are: OpenPGP Card Vendors. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=scd/app-openpgp.c;h=e1ceed4bc62e41ccef1bec45561ffa5509e70d3a;hb=HEAD#l294

References

{{cryptography navbox , public-key Smart cards OpenPGP