Is Nitrokey PRO2 data channel encrypted like in HSM2?

Does Nitrokey PRO2 have any protection of the USB data channel from sniffing?

For example HSM2 uses BSI TR-03110 protocol for encryption.

Some JavaCards use v02 or v03 version of SCP protocol to encrypt their data exchange channel.

3B F8 18 00 00 81 31 FE 45 4A 43 4F 50 56 32 34 31 9C
J3A080 80KB T=1 GP2.1.1 JC2.2.2 SCP02

3B 8F 80 01 80 91 E1 31 80 65 B0 83 11 17 E5 83 00 90 00 E9
IDPrime PIV Card v2.0 AES SCP03 (eID) … brief.html

Ingo Albrecht
Dec 29 2019 19:39
@enleth yes. the are JavaCard and supposedly they are delivered open in at least one of the available configs.
the sister-device “EdgeLock SE050” has variant-specific default keys that you can find in the public datasheet.
and they both do SCP03.
I have some samples on my order list. a colleague has confirmed that he can get access though.

What about Nitrokey PRO2 USB token ?

There is no such secure messaging.

Please let me know, how HSM2 channel encryption via BSI TR-03110 is related to JavaCard SCP v0x protocols? Are they completely different encryption protocols?


To keep forum organized please keep the discussion aligned with the topic, and create new threads for new questions.