OpenPGP Smart Card V3.4 + MiFare DESFire
|To 1||€22.00 *|
|From 2||€21.00 *|
|From 5||€19.90 *|
|From 10||€19.30 *|
Prices incl. VAT plus shipping costs
Ready to ship within 5 business days,
Delivery time about. 3 - 14 days Europe / 1 - 3 weeks to other countries.
- Order number: 654011
This special version of the OpenPGP card contains, in addition to the OpenPGP V3.4 chip, a MiFARE-DESFIRE EV1 4k compatible NFC / RFID chip. This card can also be used as NFC / RFID token with other applications.
The pictures are still showing version 2.1 of the OpenPGP card.
The OpenPGP function can not be used via NFC / RFID. For this, a chip card reader for contact-related cards is necessary in any case.
The DESFire EV1 function can be used, for example, with the so-called RFID "basic reader", which has been disseminated in connection with the new German ID card.
Features of the OpenPGP V3.3 card
- compatible to GnuPG modern (Version 2.1 or newer)
- 3 independent keys for signature, encryption and authentication
- RSA keys from 2048 up to 4096 bits length, ELC keys NIST/ANSI (256 to 521 Bit) and Brainpool (256 to 512 Bit)
- key generation on card or import of existing keys
- signature counter
- safe hardware random number generator (complies AIS 31)
- various data object to store card holder information, data object to store login data and other user data (User-DO) up to 2048 byte for each DO
- PIN length between 6(8) and 64 characters, not limited to numbers
- separate PIN and admin PIN
- KDF-Encryption for passwords
- T=1 protocol, compatible with most chipcard terminals
The full specification is freely available: https://gnupg.org/ftp/specs/
A little outdated version of the smartcard firmware sourcecode can be found here: http://www.g10code.com/docs/openpgp-card-v21-free-source.zip
Though the OpenPGP card specification V3.3.1 or later is available, there are no concrete plans yet about their implementation.
Hints / FAQ
After three wrong PIN entries the card will lock itself and must be unlocked using the admin PIN. After another three false attempts using the admin PIN the card will be permanently locked and only be unlocked with a card reset. This will reevocably destroy all data stoerd on the card - thus also all keys!
The current stable version of GnuPG (2.2.x and even some of the 2.1 versions) feature a factory reset command:
$gpg --card-edit gpg> admin gpg> factory-reset
CAUTION: All data will be lost!
A HowTo for the OpenPGP card can be found here: https://www.gnupg.org/howtos/card-howto/en/smartcard-howto.html