I would like to be able to take an older smartphone and use it as a smartcard-like device but with a full-fledged computer on it. For example, being able to use a Motorola Droid with a USB cable as a password manager. Keep the key secured on the SIM card. Use the touchscreen to enter the unlock password, and choose a password off a list. Send the password to a computer over USB by emulating a keyboard, or a custom driver that creates a secure channel to a specific app for authentication.
Sounds like a lot of work. I don't trust LastPass et al., and really just need a single encrypted password file. My method doesn't provide a driver secure channel, but it is achievable today.
1) Buy a slim ipod touch
2) Jailbreak (unnecessary)
3) App CryptMe allows transfer of plaintext from your computer through iTunes, password unlock on the device, quick search (nice), and according to Firewall iP (Cydia program) doesn't connect to the internet (or you could just always keep wifi off).
Look at the OpenPGP card. You can get a smartcard reader with a PIN-entry pad for like $50, and boom, you have a secure certificate store with GPG.
GPG isn't pretty, and support lags with OS X releases but you can do alot with it.
I've been using this methodology for securing cloud backups for several years. Using tools like Duplicity, you can safely encrypt data on potentially untrusted devices or networks using a public key, and keep the private key safely stored somewhere on the smartcard.
The downsides to these sorts of approaches is that encrypting data is easy, key management for decrypting it is a pain.
