Is "Secure Messaging" supported on Nitrokey Pro?


#1

OpenPGP smartcard spec mentions “Secure Messaging” which (AFAIU) is an encryption scheme to secure data going over USB port when we’re talking to the smartcard. Is this feature supported by Nitrokey pro? I can see that Nitrokey HSM explicitly supports something similar but I’m looking to use the device to create PGP signatures. Thanks.


#2

Nitrokey Pro (version 1 and 2) doesn’t support secure messaging. If you are seriously interested, we could prepare a special version with SM for you. Please see the OpenPGP Card 3.3 specification for details, if that would be sufficient or not.


#3

Thanks for the reply. Meanwhile I’ve verified that smartcard commands are sent in the clear by scdaemon when talking to Nitrokey.
Are you saying that Nitrokey hardware is capable of running with SM and this is a question of firmware enhancement?


#4

I should have been more specific in my reply - Nitrokey Pro hardware


#5

It’s not a matter of firmware. We would prepare a special hardware version with SM included.