Crowdfunding USB Security Key for Email- and Data-Encryption - Nitrokey Storage

Jan Suhr jan at nitrokey.com
Mon Nov 23 08:54:56 CET 2015


Hi Peter,

On 21.11.2015 12:07, Peter Lebbing wrote:
> On 21/11/15 09:00, Jan Suhr wrote:
>> All serious findings are fixed already. Look for the "Note" at the end
>> of each issue description.
> 
> I suppose by "serious" you mean "defined as 'Critical' in the pentest"?
> There are unfixed issues with severity "High":
> 
> Firmware:
> NK-01-008 OTP can be unlocked by replacing Smart Card (High)

2nd factors are usually not access-protected at all, e.g. they may have a 
display (which allows funny hacks[1]). We introduced PIN-protection of 
OTPs as an optional feature because we don't have a physical button. If 
an attacker has physical access to replace the smart card, he could also 
press a hypothetical button or read a hypothetical display. The PIN 
isn't aiming to protect against physical attacks, hence it's not in our 
threat model.

> Hardware:
> NK-02-006 Micro SD and Smartcard Slots lack ejection switch (High)

An ejection switch doesn't make any sense to me. Note that an ejection 
switch could only be triggered if a card is ejected while the device is 
powered. Furthermore, any pupil would be able to use a soldering iron to 
circumvent an ejection switch.

> Personally, I don't really see yet why the latter is so important;

I agree

> however, gaining the ability to issue OTP's by simply inserting my own
> OpenPGP card with my own PIN seems serious? Do I misunderstand it? Or is
> it not part of the threat model because the attacker is unable to
> extract the key used for OTP generation?

Right, not part of the threat model, and keys can't be extracted. Also an 
ejection switch wouldn't help here because a card could be replaced 
while the device is powered off, which renders an ejection switch 
useless.

> Anyway, thanks for all your work on the Nitrokey series! I think it's
> great you put so much effort into creating these nifty devices.

Thank you. :-)

Best regards,
Jan

[1] https://smallhacks.wordpress.com/2012/11/11/reading-codes-from-rsa-secureid-token/

More information about the Gnupg-users mailing list