Nitrokey with tamper proof Micro Controller Unit (MCU)

Hi!

After some investigation and comparison with other products, I was guessing if there are any plans to produce a Nitrokey (HSM & pro) with a tamper proof MCU, like the one that, as far I understand, is used on Yubiko keys (here they talk about using the NXP A700x chip on their keys: https://www.yubico.com/2015/02/big-debate-2048-4096-yubicos-stand/).

More info on why this could not be possible: https://www.yubico.com/2016/05/secure-hardware-vs-open-source/

Thanks!

We do use NXP secure smart cards. See here for details.

OK, but are there any plans on ever creating a Nitrokey where the MCU is also tamper-proof?

Thanks!

P.D.
Sorry if I’m missing something.

There aren’t any tamper proof MCUs in the market. Or do you have an example of what you mean?

I was thinking about something like the MCU that ORWL uses on its mainboard:

Got the info from: https://www.tomshardware.com/news/orwl-secure-microcontrollers-tampering-protection,32690.html

But, anyway, my main concern is: what an attacker that was able to dump the MCU flash of a Nitrokey HSM would be able to get?

1 Like

Thank’s for the details. I wasn’t aware of this MCU (and it’s not available yet). I didn’t read it thorough but if that MCU could become a replacement for smart cards needs to be confirmed. The article from Toms Hardware sounds like that but I don’t read this from the vendor’s description.

For our models which contain a tamper resistant smart cards, this MCU doesn’t bring real benefits. However for Nitrokey Start it would be interesting.

Nitrokey HSM’s MCU flash doesn’t contain any sensitive data. Instead cryptographic keys are stored in the smart card.

1 Like