SKSD      (Smartcard Key Storage Daemon) Peter Boutzev :
Homepage : Logo

What is SKSD ?

SKSD is an open source project intended to provide a basic and transparent interface for storing encryption keys on smartcards and using those keys directly from the smartcards in various cryptographic applications. The main idea is to use mechcanisms such as named pipes in order to retrieve the keys from the cards, and, to possibly avoid further patching of cryptographic software (where possible).

Unix systems have a very smart feature, called "named pipes". Named pipes basically function as standard pipes, with the difference they are created on a filesystem and can be accessed as ordinary files. We use named pipes, simply because most applications read keys from files. If we want to interface SKSD with these applications, we could simply flush the pipes with data (ie. encryption keys) from one side, and point the desired client program to the pipe (ie. GnuPG).


Note: The project's state is in pre-alpha and planing stage. It is still looking like a big test, the sourcecode needs to be cleaned, and reorganized. Support for different cards and applications still has to be added.

Download source over http:

Supported applications

For the moment, only GnuPG (> 1.0.4) has been tested. Earlier versions seem to use some wierd functions which crash when the secret keyring file is a named pipe. However, OpenSSH may be working too, through the use of ssh-agent.

Supported smartcards

For the moment memory smartcards are supported. Work is on the way on Schlumberger Cryptoflex cards, as well as separate utilities for formatting, configuring, storing keys, etc on the cards. A more advanced filesystem for memory cards (with host encryption) is also being one of the first things to come.

Cyberflex Java processor cards are not yet planed, allthough they are certainly somewhere on the TODO list.

Supported smartcard readers

Towitoko Chipdrive Micro is the reader used for developpement. However, any PCSC compliant reader with a valid CT-Api library should be supported. Echoes about other readers are welcome ...

I will update this page as soon as possible ...

2002-03-30, Author: Peter Boutzev :