I’m new to this forum; I discovered Crypto Stick about a year or so ago and I found out today that a new version, Crypto Stick 2, will be released in 2011. Is this still likely?
Basically I’m looking to purchase one or more USB sticks with data and a smart card. I understand version 2 of Crypto Stick will have both.
Perhaps someone could explain to me the following:
- When will version 2 be available?
- What will the material of the stick itself be made up of? Plastic, stainless steal, etc.
- Will the stick be water proof or resistant to damage (within limits)?
- What will be the maximum allowed GB storage on the new stick? 8,16,32, etc?
Basically, I need a USB stick like IronKey, but since I don’t trust IronKey or the company and the U.S. government behind it, I would rather purchase something that is open source.
I’ve looked at the new Victorinox secure USB stick with fingerprint but I think this product has a host of problems.
Perhaps someone can enlighten me to these questions.
I’m looking forward to version 2–can’t wait!
One thing I forgot to ask is:
Will the new version, Crypto Stick 2, be USB 2.0 or USB 3.0?
Hi Crypto Man, the new version 2 won’t be released in 2011, it will be 2012. It will consist of a aluminum case which will be very resistant to physical penetration (e.g. water, pressure). The reason why many encrypted drives have small storage capacity is performance. Crypto Stick will be able to transfer about 3MByte per second which - we think - would be sufficient for 16GB (which takes about 90 minutes). What do you think?
Obviously it will be USB 2 because USB 3 is not required for this performance.
[quote]Hi Crypto Man, the new version 2 won’t be released in 2011, it will be 2012. It will consist of a aluminum case which will be very resistant to physical penetration (e.g. water, pressure). The reason why many encrypted drives have small storage capacity is performance. Crypto Stick will be able to transfer about 3MByte per second which - we think - would be sufficient for 16GB (which takes about 90 minutes). What do you think?
Obviously it will be USB 2 because USB 3 is not required for this performance.[/quote]
I was so hoping for a 2011 release! I guess I will have to wait. Hopefully not too long! Make it black!
What makes Crypto Stick 2 better than other secure USB flash drives on the market, from a technical perspective?
Every manufacture claims their USB is the world’s most secure–none of them are open source based and no one really knows if they have back doors or not. In fact, many of them have been hacked (except IronKey, the datatraveler 6000, and a few others).
Is Crypto Stick 100% hardware encryption?
Is hardware encryption better than software encryption? Many believe hardware is superior; others, like the people at Truecrypt, argue that open source software is more secure.
Since this product is at the behest or creation of the German Privacy Foundation, do you need donations to continue your work?
Yes, we will make the case black metallic.
Crypto Stick 2 will have a couple of (in this combination) unique features:
- Hardware and software is open source. Security can be verified due to open source.
- Smart card integrated
- Encrypted torage
- RSA key length of up to 4096 bit
- OAuth one time passwords (e.g. allow Google authentication)
- HTML interface allows basic activities without fat client (e.g. GnuPG)
- platform independent
- Plausible deniability (to be confirmed)
It is not about whether encryption is implemented in hardware or software. Instead important is that users don’t need to execute fat clients and that the implementation can be verified (e.g. no back doors).
Yes, we do need donations. Your donation is very welcome. Currently the Crypto Stick costs more money than it earns.
Also interested in the v2. Some questions:
- Will you sell sticks with different flash sizes to different prices? Will it be in the range of 50 Euro as the version 1 or considerably more expensive?
- Is it possible to flexibly separate the available space on the stick into encrypted/non-encrypted space
- Do you accept pre-orders?
- Can the stick be used for gpg encryption with webmailer without running a fat-client (Enigmail)
Good work you are doing! Viel Erfolg.
Yes, probably different sizes. More expensive, maybe twice as much.
Probably not. Unencrypted storage will be minimal to store applications which is required to unlock the encrypted storage.
No, at least not yet.
This is an important feature but requires more work on the web browser interface side, HTML standard which is not in our control. Hence it’s not sure whether this will be possible with the first release.
Also, let me know if you are a developer and would like to contribute.