emulating smartcard with Nexus 5

NIIBE Yutaka gniibe at fsij.org
Fri Feb 13 00:55:50 CET 2015


Let me record a bit of history.

On 02/13/2015 01:19 AM, Brian Minton wrote:
> I recently got a new Nexus 5, with NFC.  Supposedly it supports ISO
> 7816-4.  Is there any possibility of, for instance, porting gnuk to
> android?  I'd love to use my smartphone as a smartcard.  Of course, the
> smartphone wouldn't have as many anti-tampering features as a typical
> smart card, so this would be mainly for educational purposes rather
> than true security.

In fact, Ueno (cc-ed) did something like that around 2007-2008.  It
was the precursor of Gnuk.  IIRC, he wrote a paper describing his
work.  If he still has the code, it would help you.

Since I didn't like smartphone (which is smart enough to cheat its
users, by my interpretation), I wrote the code for ATmega 20MHz to
implement OpenPGPcard functionality, inspired by his work.  It took
five second to sign RSA-1024.  I demonstraded this work at FSFS 2008
in India, then, I demonstrated "gpg --card-status" worked with ATmega
implementation in Japan Linux Symposium 2009, in Akihabara, Tokyo.

After that, around 2010, experts claimed that we should not use
RSA-1024 any more.  So, I gave up my ATmega work, and sought another
MCU candidate.

That's the start of Gnuk with STM32F103.

The ATmega implementation of RSA was done when I was an employee of
National Institute of AIST, Japan, and it was registered as the work
under AIST (perhaps, copyrighted by AIST).  I left the code there when
I left AIST in September, 2010.  If interested, please contact AIST
(not me).

More information about the Gnupg-users mailing list