On Fri, 22 Jul 2005 19:01:57 +0200, Felix E Klee said: > OpenPGP cards with 2048 bit keys don't seem to be available at all. > However, ordinary ISO 7816-4 compliant smart cards are available through > online outlets. For example CryptoFlex and CyberFlex cards can be
Good luck getting a secure and fast 2k RSA card. > Uh, I guess this would cost me too much time. One solution, though, > would be to buy a JavaCard and try to run and enhance the OpenPGP Java > implementation that was started by Zeljko Vrba [3]. Java cards do have some restrictions which don't allow to implement ISO commands. > A simpler solution, though, would probably be porting code for accessing > an Axalto CryptoFlex 32k to GnuPG, or helping fork a "clean" PKCS#11 > library from OpenSC and interfacing it to GnuPG. But before thinking We won't support pkcs#11 becuase it is not a standard but a way to interconnect proprietary applications using proprietary extesions to pkcs#11. > Can the crypto capabilities on an ISO 7816-4 compliant card actually be > used for doing PGP? -4 does not define asymmetric crypto. You want -8. The OpenPGP card ISO 7816-8 compliant. > The thing is: All that I need is a card that can securely store a > (private) RSA key and that can encrypt and decrypt data with this key. Well, I am using that for a long time now and the latest gpg releases work pretty well. However it you want 2048k RSA I have no instant solution; OTOH the card is for sure not the weakest link and 1024 RSA is still far out of scope of any attack. Salam-Shalom, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
