Skip to main content

Three new NitroKeys! Nitrokey Pro 2, Storage 2 and a FIDO-U2F Nitrokey

08-11-2018 | Remy van Elst | Text only version of this article


Table of Contents


Last week I received several newsletters from Nitrokey. As you might know, I'm a fan of their (mostly open source) hardware security devices. I've written articles on the NitroKey HSM (even on extracting private key material), on the NitroKey Start and some firmware update guides.

Their newsletters introduced two new keys, the Nitrokey Pro 2 and the Nitrokey FIDO-U2F key. On their website I also saw the Nitrokey Storage Pro 2. This article is a summary of the newsletters and goes over the new features in the new hardware. It boils down to a new OpenPGP smartcard version (3.3, it was 2.1) in the Nitrokey Pro 2 and Storage 2. The FIDO-U2F device is an entirely new Nitrokey (with a button).

If you like this article, consider sponsoring me by trying out a Digital Ocean VPS. With this link you'll get a $5 VPS for 2 months free (as in, you get $10 credit). (referral link)

I recommend you get a Nitrokey. The open hardware and mostly open software part is what I like the most, next to the pricing and their support. I've been in contact with the company a few times, both with the CEO Jan and a developer Szczepan. That guy is active on the Gnuk mailing list and does, as far as I can tell, most of their embedded development.

If you ask me if I prefer a Nitrokey over a yubikey, then I would choose the Nitrokey. The yubikey is closed source all together, relying on their infrastructure in the default (otp) mode. The nitrokey gives you more freedom. The nitrokey is a full USB A plug as well, where as the yubikey is half, or in the USB slot all together. So, the Nitrokey is more durable.

In the past I got hardware sponsored from Nitrokey. Not for this article.

What are Nitrokeys?

NitroKey creates hardware security tokens. The Nitrokey Pro is a OpenPGP smartcard in a USB stick with a companion application. It allows you to securely store your GPG key, among other things.

The Nitrokey HSM is a hardware security module. It is also a smartcard in a USB key, but this time it utilizes different firmware to present itself as a Smartcard-HSM, using PKCS-11 (cryptoki) as the protocol.

The Nitrokey Start is a soft-token (meaning no smartcard). It uses the gnuk firmware to also be a OpenPGP-token. That hardware and software is fully open source, the Pro and HSM are up until the smartcard software.

The Nitrokey storage is a Nitrokey Pro with USB storage that is encrypted (by the smartcard). I haven't used a Nitrokey Storage, so no experience with that.

Nitrokey Pro 2

The feature most exciting in this new hardware version is ECC support. Copying from their newsletter, all the new features:

Support of elliptic curve cryptography (ECC)

In addition to RSA (2048-4096 bit), Nitrokey Pro 2 supports elliptic curve cryptography (ECC. Brainpool and NIST). Because RSA-2048 is not considered safe for use beyond 2022, ECC is becoming increasingly important as a fast and secure alternative. See instructions. This feature requires the new Nitrokey Pro 2 hardware and cannot be installed by upgrading the firmware.

Editors addition: the ECC key length is between 256 and 512 bit. Bernstein's Curve 25519 is not supported do to lack of support in the smartcard. The Nitrokey start does support 25519.

Improved keystore support for Windows

It is now possible to roll out company certificates via Active Directory on Windows devices. These certificates can be used for Windows logon and for e-mail encryption using S/MIME. In addition, OpenPGP and S/MIME email encryption can be easily used in parallel on a single Nitrokey Pro 2. This feature requires the new Nitrokey Pro 2 hardware and cannot be installed by upgrading the firmware.

Integrity verification of Purism laptops

The Nitrokey Pro 2 can be used as a part of the tamper-evident boot protection which Purism integrates into their Librem Linux laptops. Read more.

Hardware differences?

Reading through the forum, the exact hardware change is a new version of the OpenPGP smartcard (namely, version 3). On the gnupg site you can download the specification for 3.3 as well as the specification for 2.2. Major difference is support for ECC crypto, as is reflected in the new nitrokey.

GnuPG version

An important note is that you do need a recent version of Gnupg (> 2.1.16). The version with Ubuntu 16.04 or 16.10 will not work and you manually need to upgrade it. Either by installing newer packages (not recommended) or by compiling the newer version of GnuPG yourself. You could also update your entire distro to at least 18.04.

More information and getting started with ECC can be found here

Nitrokey Storage 2

This was the first of the new hardware, available since June as far as I can see. Since the NitroKey Storage is based on the Nitrokey pro (it is an OpenPGP card), the above new features (ECC support and Active Directory integration) are new in the hardware of the Storage 2 as well. (The storage 2 also has an OpenPGP 3 smartcard). The nitrokey storage has an extra SD card which houses the encrypted storage part, whereas the Smartcard does the encryption of said storage. You can read more in the manual on how the exact storage encryption works.

The new features exclusive to the Nitrokey Storage are, as you might expect, related to it's storage functions. In addition to what I listed above, here are the new features for the Storage 2:

Manual initialization of the storage is not necessary

On delivery, the device's storage is already initialized with random numbers and an encrypted partition is set up. This eliminates manual setup and Nitrokey Storage 2 can be used immediately.

Protection of unencrypted storage

The Nitrokey App for Windows, macOS and Linux (AppImage) is now pre-installed on the unencrypted storage. In addition, the unencrypted storage is read-only, which can only be changed with the Admin PIN (requires Nitrokey App 1.3.1). This prevents the unintentional distribution of viruses and the unintentional storage of sensitive data on the unencrypted storage. This function is particularly interesting for enterprise customers who configure Nitrokey Storage 2 centrally and whose employees only use the user PIN.

Read the full announcement here

Nitrokey Fido U2F

Early dev version of the Nitrokey U2F

The Nitrokey Fido U2F is an entirely new key. It's based on the U2F Zero, It is open hardware and the software is open source as well. It differs physically from the other nitrokey devices in that it has a touch button.

With the Nitrokey FIDO U2F, after the initial configuration, you just need to touch the button on the device each time you are logging in to your various accounts.

Universal Second Factor, or FIDO U2F is a standard for 2 factor auth with USB dongles. It is developed by Google and Yubico There is a site with more information and a list of supported sites. There is also an unofficial FAQ here.

This PDF states that the Nitrokey FIDO U2F supports the FIDO Universal 2nd Factor (U2F) 1.2 standard. The Nitrokey Fido U2F also supports WebAuthn. At the moment there is no support for FIDO2.

More information on the site

FIDO U2F, FIDO2 and WebAuthN???

FIDO U2F and FIDO2 and WebAuthn are not the same. This Nitrokey does not support FIDO2 at the moment, but I suspect it could be added in a later firmware version. I'll try to give a simple explanation of the FIDO's:

  • FIDO U2F is for second factor only (next to a username/password).
  • FIDO2 is for both second factor, as well as replacing a username/password completely (with a public/private keypair)
  • WebAuthn is the Web and browser API for authentication. It supports both FIDO U2F (CTAP1) and FIDO2 (CTAP2). (CTAP == Client to Authenticator Protocol)

Websites can utilize the WebAuthn standard together with a protocol like CTAP1 or CTAP2 to provide functionality so that the user can use their USB token to authenticate.

A more technical explanation of CTAP can be found here

I have not used this standard (u2f) before but it seems to be comparable with the Yubikey process (press a button for 2 factor). It is the cheapest of Nitrokeys so far (22 euro's) and works with all major operating systems (Windows, Linux, OS X and BSD (but which bsd?)) and all major browsers, including Opera.

There is a lot of documentation on the security and key generation here.


Tags: fido  fido-u2f  fido2  fst-01  gnuk  gnupg  gpg  hsm  neug  nitrokey  nitrokey-pro  nitrokey-start  password  security  start  stm32f103tb  tutorials  u2f  yubikey