I recently read a post (that I foolishly didn’t save and can no longer find) that said the HOTP on Nitrokeys aren’t stored encrypted. I’m aware that not everything you read on the internet is trustworthy, but this was too big an issue not to confirm. I use Heads, so this is a critical aspect of security for me. Can anyone confirm or deny?
Found it!
I’m unsure how reliable the site is; I just saw it and it seems alright, but I haven’t confirmed anything yet. I’ll look into its validity soon.
Here’s the original post for reference:
https://discuss.grapheneos.org/d/17614-which-u2f-key-is-the-most-secure/5
The HOTP implementation used for Heads use features of a OpenPGP Card. In a Data Object you may store the secret for HOTP calculation and the protocol of the card allows you to set the Data Object after PIN verification and calculate a hash but not releasing the original stored secret.
There are several Nitrokeys. The Nitrokey Start uses a software implementation of the OpenPGP Card specification (gnuk). AFAIR, there is no support for private Data Objects (at least it was not at the time I used them). The Nitrokey Pro and Storage use actual Smart Cards inside and they support the Data Objects. The Smartcard implements the protocol and there is only the mention of optional PIN protection but no encryption. This is a security element and there are at least some measures against extraction. The Nitrokey 3 introduces also a secrets app that allows encryption of the HTOP or TOTP secrets. But the HTOP verification most likely still uses the OpenPGP Card feature. And on the Nitrokey 3, this is a mixture of software and hardware implementation. Recently you could choose to e.g. protect the main keys using the SE050. As this is actually like a smartcard, I guess that also the Data Objects were moved or could be moved to the secure element.
I speculate also Yubikey only follows the OpenPGP specification and would also not encrypt the DO there. Yubikey historically is known for Yubikey OTP and a security chip that protects this. So I guess the measures that are stated in the data sheet are also mis-applied to the HOTP use case here.
@szszszsz Can you please confirm the DO storage for the various Nitrokeys?
Hi!
Nitrokey Pro and Nitrokey Storage have the OTP secrets unencrypted by design, including the Heads support.
Nitrokey 3 offers PIN-based encryption for OTP, which can be enabled per credential. Heads OTP secrets can be encrypted if set up this way, but if I remember correctly (and I may be wrong here) the design was to not require extra PIN during the boot, hence these cannot be encrypted.
More about the Nitrokey 3 OTP implementation is here:
Nitrokey Pro / Nitrokey Storage:
Thanks for the clear explanation. As I said before, I use the Nitrokey to verify system integrity via Heads, which puts the root of trust in the Nitrokey (and the laptop’s hardware/TPM, but that’s out of scope). Are there mechanisms to prevent a bad actor from defeating protections with physical access to the key? Are there any security recommendations if I cannot keep physical guard over they key indefinitely? (I do have to sleep, comply with lawful orders, etc.)
And are there any plans to strengthen physical tamper resistance, like maybe FIPS L4 certification*? At the end of the day, anything can be circumvented or defeated. But considering this device’s only job is physical protection as a root-of-trust (whether with Heads or as a security key, the point is the same), I’d be interested in and willing to pay for significant improvement in ensuring it’s trustworthy in that role. (Acknowledging that firmware can be updated for use with new features, but any other third-party considerations are out of scope for this.)
(*I’m not intimately familiar with the weaknesses or drawbacks of high-level FIPS certification. It’s just a standard in the States.)
As stated above a PIN is not required for boot, yet it is required to re-hash changed
/boot files. This means an attacker has to know your NK3 PIN to manipulate the boot chain. Heads has further tripwire measures, e.g. a boot counter, but the main secondary is the TOTP alongside the HOTP. You can already store the TOTP on a secondary device (e.g. also a FIPS certified, if you have access to one, or print the secret and put it into your bank’s safe). The HOTP simply is the most convenient daily method provided.
