OpenPGP card
Encyclopedia
In cryptography
, the OpenPGP card is an ISO/IEC 7816-4, -8 compatible smart card
implementation that is integrated with many GnuPG
functions. Using this smart card, various cryptographic tasks (encryption
, decryption, digital signing/verification
, authentication
etc.) can be performed.
Built on BasicCard
, OpenPGP cards can be obtained from a vendor or by becoming a fellow in Free Software Foundation Europe
.
The smart card daemon
, in combination with the supported smart card readers
, as implemented in GnuPG, can be used for many cryptographic applications. With gpg-agent in GnuPG 2, an ssh-agent
implementation using GnuPG, an OpenPGP card can be used for SSH
authentication also.
With Aloaha there is also a commercial middleware for Windows available.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, the OpenPGP card is an ISO/IEC 7816-4, -8 compatible smart card
Smart card
A smart card, chip card, or integrated circuit card , is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile...
implementation that is integrated with many GnuPG
GNU Privacy Guard
GNU Privacy Guard is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP...
functions. Using this smart card, various cryptographic tasks (encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
, decryption, digital signing/verification
Digital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...
, authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
etc.) can be performed.
Built on BasicCard
BasicCard
BasicCard is a smart card programmable in the ZC-Basic language. The BasicCard Toolkit offers an API to quickly program the terminal side and the card side of the application. The API hides the complexity of ISO/IEC 7816 protocols. It also provides APIs for Java and .NET...
, OpenPGP cards can be obtained from a vendor or by becoming a fellow in Free Software Foundation Europe
Free Software Foundation Europe
The Free Software Foundation Europe was founded in 2001 as an official European sister organization of the U.S.-based Free Software Foundation to take care of all aspects of free software in Europe. FSF and FSFE are financially and legally separate entities.FSFE believes that access to and...
.
The smart card daemon
Daemon (computer software)
In Unix and other multitasking computer operating systems, a daemon is a computer program that runs as a background process, rather than being under the direct control of an interactive user...
, in combination with the supported smart card readers
Card reader
A card reader is a data input device that reads data from a card-shaped storage medium. Historically, paper or cardboard punched cards were used throughout the first several decades of the computer industry to store information and programs for computer system, and were read by punched card readers...
, as implemented in GnuPG, can be used for many cryptographic applications. With gpg-agent in GnuPG 2, an ssh-agent
Ssh-agent
ssh-agent is a program that used together with OpenSSH or similar SSH programs provides a secure way of storing the passphrase of the private key....
implementation using GnuPG, an OpenPGP card can be used for SSH
Secure Shell
Secure Shell is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client...
authentication also.
With Aloaha there is also a commercial middleware for Windows available.