FIDO2 token: Feitian vs Nitrokey vs Thetis?

Please let me know, how your FIDO2 token compares to Thetis FIDO2 in terms of a chip used?

May I know which chip model is used in your token to understand its security strength?

Nitrokey is about 50% more expensive than Thetis, may be it has a more secure hardware which is more resistant against private keys extraction?

As for Thetis I do not know almost anything about its internals and it is relatively cheap on Amazon with a huge amount of positive opinions.

I was told from a national Feitian distributor, that a model of the FIDO2 token:

FT-ePass-FIDO2-NFC-K9B has a NXP chip inside it, though not sure which model of the chip.

Wonder it is of the same level of security like in your Nitrokey Pro (having it too)?

Weird. I needed nearly 10 Minutes to find were they are, physically. I still do not know who is behind that industry. The whole statement of the company says nothing about opensource hardware. Their goals appear to be vague (to say the minor). The whole process does not to seem transparent.

The hardware may not be the problem here.
Memento Crypto AG?
Personally: an opensource product has my trust.

From the nitrokey site:

Open Source

Both hardware and software are open-source, free software and allow independent security reviews. Customizable, no vendor lock-in, no security via obfuscation, no hidden security issues!

Compare this to their company statements:
Our goal is to use advanced technology to protect your network security.

Good to know. That means everything and nothing.

I have found a mention on a forum that Feitian K9 has NXP JCOP J3E081 JavaCard chip with 80KB of EEPROM:
https://web.archive.org/web/20200303125012/https://www.javacardos.com/javacardforum/viewtopic.php?t=887

Can you please comment about a level of hardware security against private keys extraction say by an invisible virtualization trojan activated from BIOS?

Are there any software solutions using the most reliable keys like NitroKeyPro2 to emulate FIDO2.

I already have a Nitrokey Pro2 and it would be nice to run some completelly open source Linux or OpenBSD distro on a dedicated board like Beaglebone Black to emulate a FIDO2, OTP, HOTP, TOTP, etc. still outsourcing the most sensitive parts of work to Nitrokey Pro2 attached to such BBB board.

A few days ago I was almost ready to purchase your FIDO2 token, but after that I have found a few more FIDO2 tokens like FEITIAN and THETIS.

It is possible to purchase a FEITIAN K9B with NFC for about 30 USD:

https://translate.google.com/translate?hl=&sl=ru&tl=en&u=https%3A%2F%2Fdatawaysecurity.ru%2Ftokens_smart_card%2Ftokens_fido%2Ftoken-epass-fido2-usb-a%2F

2090RUB / 66 $/R = about $31 USD.
Your Nitrokey FIDO2 does not have NFC but still costs a few more: 29 EUROs, though such a small price difference does not matter. I am more concerned it is mentioned that even Nitrokey FIDO2 token has a chip weaker than NK Pro2 from a security point of view.

Actually I am not fond of using NFC and not sure if it works with FIDO2 and USB channel at all.
I need a FIDO2 token on Linux in a USB port.

Does your Nitrokey FIDO2 token ask for a PIN code after token confirmation button has been pressed?
Is it possible to avoid typing PIN or automate its typing?
There are even FEITIAN BioPASS FIDO2 tokens with a fingeprint scanner which does not require entering PIC code, though it looks like a good idea I am not sure how secure they are as a whole solution.

Can you please tell which chip is inside Nitrokey FIDO2 and compare its security to NXP JCOP J3E081 in terms of how hard it is to extract private keys from the chip without using any side channels.

For example STM chips are often very weak and can be hacked by specialists relativelly easilly.

There is an interesting open source project:

But unforutnately it on a STM chip, though mentioned as portable.

According to their website they are going to produce a new FIDO2 token based on NXP LPC55S69 chip:

Where is Nitrokey FIDO2 compared to NXP LPC55S69 in terms of security?

It seems even current cheap STM Solo Keys are going to get OpenPGP support via firmware upgrade:

and even may be with ALGO_CURVE25519(ECDH)

I couldn’t find any technical details about Thetis, so can’t comment about it’s security level.

Our Nitrokey FIDO2 is based on Solokey. Hence Nitrokey FIDO2 uses a STM32L4 and we plan to add an OpenPGP Card feature in the future. Compared to JavaCards STM32L4’s side channels resistance and tamper protection are low. However, the recent publication in this field targeted STM32F1.

Whether a PIN is requested or not depends on the actual website to be used and is nothing the device vendor can decide.

Also we produce locally in Germany so that we have better control to avoid supply chain attacks.

Therefore Nitrokey FIDO2 has the same upgrade problems like Solo Key:

?

Recently I was told by a Feitian distributor that K9B token has two chips:

NFC - NXP J3E081
USB - NXP LPC11U

How is it possible on the same single token to have two different chips? One chip per communication channel? Do they share data or they are completely unlinked from each other one like two separated tokens placed near to each other?

While NFC - NXP J3E081 is a secure JavaCard

USB - NXP LPC11U is just an ARM MCU?

How does compare NXP LPC11U to Solo Key in terms of security?
Or may be NXP LPC11U is used only as a convertor from JavaCard to add a USB channel for it?

Are private keys stored only in JavaCard or in NXP LPC11U too?

Another question. How can I be sure signed binary firmware is actually the same what can be built from the sources? May be you offer a reproducible build or something like it?

Is “Hacker” unlocked edition the only method to verify personally the binary is built from specific sources?

Hi @sanyo!
I think you should ask Feitian about that. I could only speculate, since I am not familiar with their hardware.

We are not using their firmware directly, but a modified fork. We test all our updates on each release ourselves. Either way I am sure SoloKey will handle this.

Yes, this will be introduced in the subsequent updates.

You can compare locally built firmware with distributed one signed, and it should be identical. Signature is a separate part.

By the way of your first posts I wanted to add, that STM32L4 offers higher protection level than STM32F1 by disabling the debug adapter access altogether, and the brown-out protection. Perhaps this is the reason only STM32F1 is shown in the publications (this, and wide usage, including medical devices).

I have received an answer from Feitian support:

Regarding your question about the chips, all the security related part is inside the J3E081 Security Element. The LPC chip is just used to handle the USB communication part, it does not store any keys. Just to provide USB connection and HID protocol.

The ePass FIDO2 Token does not provide update function or opensource function. Our keys is built on secure element which provide higher level of security against physical attacks compare to other keys that using MCU.

So LPC11U is like a card reader not keeping any sensitive info.

Do you think is it still dangerous to passthrough such China Feitian tokens into a KVM VM via virtual USB?
If the host does not talk to such dongle directly and even HID interface disabled on the host then token cannot do a harm to the host unless escaped from KVM VM?

If using full software emulation without hardware virtualization acceleration then it is hardly likely for a VM to escape to the host?

I would like to make a general rule here, device- or producer-agnostic: if you do not trust the device, do not connect it to any fragile system, not to mention storing any secret data on it. If your device was altered, modified or was stolen, it is not your device anymore in any way, whatever protections were used.
As for the Feitian devices specifically, I have not heard anything about them being dangerous.

About VM’s and PC workstation hardware security, the topic is very wide and every year now and then one hears about new breaks and attacks. IOMMU seems to not be in wide use, and even then it might be implemented with a flaw, making it possible to access the PC’s memory, where the secret keys are stored if not done so on an external device. I have to leave further research regarding the VM escaping to you unfortunately.

About a year ago I have forgot my Nitrokey at home in a belt bursicle, I did not indicate this anyhow, did not call anyone to aks about this, only one thought, and it was enough to find my Nitrokey in the evening demonstratively pulled out of the bursicle near it though I left NK inside the closed bursicle.

Can I still trust my NK Pro 2 after that? How to verify its authenticity? How can I protect from repeating this for example during my sleep time?