emulating smartcard with Nexus 5

Martin Paljak martin at martinpaljak.net
Fri Feb 13 10:39:05 CET 2015


You need to emulate an OpenPGP via Host Card Emulation.

You can get necessary parts from here:

1. OpenPGP applet. Try this: https://github.com/Yubico/ykneo-openpgp
or This: https://github.com/martinpaljak/AppletPlayground
2. Emulator for running the applet code in Android:

I have some code that did exactly that but was not published because
of some technical limitation not related to possible software only
OpenPGP: https://github.com/martinpaljak/mobiil-idkaart

If you are capable of creating Android software with a GUI, I could
help with the non-Android-GUI issues.

+372 515 6495

On Fri, Feb 13, 2015 at 1:55 AM, NIIBE Yutaka <gniibe at fsij.org> wrote:
> Hello,
> Let me record a bit of history.
> On 02/13/2015 01:19 AM, Brian Minton wrote:
>> I recently got a new Nexus 5, with NFC.  Supposedly it supports ISO
>> 7816-4.  Is there any possibility of, for instance, porting gnuk to
>> android?  I'd love to use my smartphone as a smartcard.  Of course, the
>> smartphone wouldn't have as many anti-tampering features as a typical
>> smart card, so this would be mainly for educational purposes rather
>> than true security.
> In fact, Ueno (cc-ed) did something like that around 2007-2008.  It
> was the precursor of Gnuk.  IIRC, he wrote a paper describing his
> work.  If he still has the code, it would help you.
> Since I didn't like smartphone (which is smart enough to cheat its
> users, by my interpretation), I wrote the code for ATmega 20MHz to
> implement OpenPGPcard functionality, inspired by his work.  It took
> five second to sign RSA-1024.  I demonstraded this work at FSFS 2008
> in India, then, I demonstrated "gpg --card-status" worked with ATmega
> implementation in Japan Linux Symposium 2009, in Akihabara, Tokyo.
> After that, around 2010, experts claimed that we should not use
> RSA-1024 any more.  So, I gave up my ATmega work, and sought another
> MCU candidate.
> That's the start of Gnuk with STM32F103.
> P.S.
> The ATmega implementation of RSA was done when I was an employee of
> National Institute of AIST, Japan, and it was registered as the work
> under AIST (perhaps, copyrighted by AIST).  I left the code there when
> I left AIST in September, 2010.  If interested, please contact AIST
> (not me).
> --
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list