The last Nitrokey Storage uses OpenPGP Card v3.3 (that is the last available version). Furthermore, OpenPGP Card v3.3 supports only Brainpool and NIST curves. BTW, previous OpenPGP cards don’t support ECC at all.
Can you show the “gpg --card-status” output in order to confirm the OpenPGP card version?
No. The OpenPGP part is forwarded to the OpenPGP Card. The Nitrokey Storage/Pro acts just like a smartcard reader and you cannot add support for new key types by firmware update.
If you don’t have any problem with the NSA or CIA, you can use NIST curves, which are also supported by SSH.
My actual use case:
Encryption and Signing: RSA -> widely accepted by old PGP/GPG clients. I don’t really use encryption, just signing. The signing speed is an issue for me (I use it very often to sign my commits); furthermore, a few seconds are still acceptable.
Authentication: NIST ECC -> used on my systems where I’m using recent GPG and OpenSSH. I’m not using Brainpool curves because OpenSSH doesn’t support them. ECC curves give me a fast login. I’m pretty sure that the NSA is not interested in my boring systems.
My Master Key is an RSA-4096 key and is stored on cold storage, paper and a vanilla OpenPGP card. I use the master key only to sign other keys, and signing speed is not an issue.
The main trouble is that Poldi doesn’t support ECC curves yet and you should use an RSA Authentication Key to authenticate (slow but secure).
I suppose I will switch to full ECC in the next 2 years when: