[tor-dev] adding smartcard support to Tor

Virgil Griffith i at virgil.gr
Mon May 23 04:29:19 UTC 2016

This may be not quite what you want, but the Estonia E-resident card
supports basic crypto with the private key on the smart card---i.e.,
you have to physically have the card to be able to read the encrypted

There are probably more elegant solutions than plugging into the
Estonia E-resident framework, but you'll get press for using the
E-resident card---the Estonians always get happy when someone uses
their card for something novel.  Which might be a perk.

Note: I believe that, theoretically, yes, the Estonian government
could jot down your private key before it goes onto the card.  But
they are economically disincentivized from doing that.


On Wed, Oct 14, 2015 at 4:08 AM, Razvan Dragomirescu
<razvan.dragomirescu at veri.fi> wrote:
> Hello,
> I am not sure if this has been discussed before or how hard it would be to
> implement, but I'm looking for a way to integrate a smartcard with Tor -
> essentially, I want to be able to host hidden service keys on the card. I'm
> trying to bind the hidden service to a hardware component (the smartcard) so
> that it can be securely hosted in a hostile environment as well as
> impossible to clone/move without physical access to the smartcard.
> I have Tor running on the USBArmory by InversePath (
> http://inversepath.com/usbarmory.html ) and have a microSD form factor card
> made by Swissbit (
> www.swissbit.com/products/security-products/overwiev/security-products-overview/
> ) up and running on it. I am a JavaCard developer myself  and I have
> developed embedded Linux firmwares before but I have never touched the Tor
> source.
> Is there anyone that is willing to take on a side project doing this? Would
> it be just a matter of configuring OpenSSL to use the card (I haven't tried
> that yet)?
> Thank you,
> Razvan
> --
> Razvan Dragomirescu
> Chief Technology Officer
> Cayenne Graphics SRL
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

More information about the tor-dev mailing list