generate keys on smartcard?

joschua10 at gmx.de joschua10 at gmx.de
Sun Dec 15 17:56:09 CET 2002


> On Wed, Dec 11, 2002 at 01:31:08PM +0100, joschua10 at gmx.de wrote:
> > I would like to know if GnuPG is going to support the following feature:
> > to generate the keys on a smartcard. this is different from generating
> the
> > keys with GnuPG and storing them an a smartcard/memorycard. Im talking
> about
> > the way that the keys will never leave the smartcard.
>
> Why is it any of gpg's business what goes on the smartcard firmware in
> this
> instance?

1. one program has to say the smartcard firmware "generate 2 RSA keys for
me!" I think GPG is the one for this job, because you also generate your
keys
with GPG.
2.  GPG has to give the symmetric key (3DES, blowfish etc.) to the smartcard
and get the encrypted symmetric key (encrypted with the public key) back.
then GPG has to compose the whole message with the data- and the key-part.

PGP does support this feature. I found this at the support page of PGP:

>-------------
Three smart card types have been certified to work with PGP 7.1

    * Rainbow's iKey 20XX
    * Schlumberger's Cryptoflex
    * GemPlus GemSafe Enterprise

For best results, we recommend using these cards. PGP also provides more
generic support for any type of smart card that provides full PKCS#11
compatibility.
>-------------

-- 
+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!





More information about the Gnupg-devel mailing list