Crowdfunding USB Security Key for Email- and Data-Encryption - Nitrokey Storage

Peter Lebbing peter at
Mon Nov 23 11:15:26 CET 2015

On 23/11/15 08:54, Jan Suhr wrote:
> 2nd factors are usually not access protected at all e.g. may have a
> display (which allows funny hacks[1]). 

Ah, that makes sense! I forgot about that because I myself would
actually like an OTP protected by PIN as complete two-factor solution
(have the device, know the PIN). But that is an uncommon scenario.

> We introduced PIN-protection of
> OTPs as an optional feature because we don't have a physical button.

Can I suggest you document this well so people know the limitations of
the functionality? As a part of that, I'm sure you are aware a physical
button is out-of-band (a remote attacker can't press it), but a remote
attacker can send a PIN to the smartcard.

>> Hardware:
>> NK-02-006 Micro SD and Smartcard Slots lack ejection switch (High)
> An ejection switch doesn't make any sense to me. Note that ejection
> switch could only be triggered if a card is ejected while the device is
> powered.
> Furthermore any pupil would be able to use a soldering iron to
> circumvent an ejection switch.

I read this part of the pentest document as a bundle complete with a
supercap to keep the power applied when unplugged and the part where
there is tamper detection. All three together make sense, the tamper
detection beating the pupil[1].

But the odd thing there is that the ejection switch is rated high
importance, but the others medium.

Thanks for your explanation!


[1] With his own soldering iron, if need be ;P.

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list