Some questions regarding your roadmap

Please let's elaborate in more detail on your plans mentioned at:
https://web.archive.org/web/20200421175516/https://www.nitrokey.com/news/2020/nitrokey-turns-5-roadmap-2020

A 19" networked HSM server

Please let me know how the security behind networked key storage is provided.
Shouldn't key storage be local to the host? If networked is possible, then cloud too? Do you have a link to a detailed description?

Physical data media destruction service (shredding)

Can you add a method to destroy an HSM device, with verification, by calling some API of it to do so? If I remember correctly, there were some IBM developments on programmatically destroyable chips?

Merging FIDO2 capabilities with those of Nitrokey Pro and Nitrokey Storage, including a touch button

Do you have an idea of when this could happen? Non-binding, just a very approximate estimate like ±1 year, say 2021 or 2022?

Can you please keep producing a Nitrokey Pro edition which is not flashable by the customer, like it is now, to prevent someone from replacing the firmware silently? Do you provide some method to verify and display a firmware checksum, even for a device not supporting firmware re-flashing, to be sure it has a good version free of bugs?

What if even your company gets hacked for a while and we get a bunch of non-re-flashable modules infected by some trojan on the market, or already purchased local re-flashable keys are silently infected by bad firmware if your master signature key is stolen at some point?

What do you think about your company being able to defend at least itself from the following threats:
https://web.archive.org/web/20200421202636/https://pastebin.com/raw/T94pemMp
https://archive.fo/XMfqj

A general-purpose secure server with Coreboot and Heads preinstalled, Measured Boot, deactivated Intel ME

Which HEADS do you refer to in the context of this sentence? I know a Linux distro named heads, and it seems there was some firmware-related project with such a name too.

Nitrokey with Bluetooth interface

Isn't a wireless device less secure than general USB?
What about the more secure (than USB) PCI Express bus?

Have a great 2020!

What about post-quantum algos?
There are other companies who already produce post-quantum HSMs.

Hi @sanyo !
A lot of questions in a single post! Let’s split further ones into other topics if possible, otherwise it will be hard to manage.

  1. Nitrokey HSM server - I think more details should be announced when it's ready. Could you provide an answer now @jan @nitroalex?
  2. HSM device destroying through software, with verification - could you ask about that in a separate topic?
  3. About FIDO2 features merging, we do not have a specific schedule for that currently. My ballpark estimate is that next year might be possible.
  4. About Nitrokey Pro not being consumer flashable - yes, the smart card firmware cannot be updated, however the MCU taking care of USB communication and additional features can be. It’s possible for the customer to flash his own firmware (assuming some technical background; details on GitHub), whether it’s a custom one or built by himself just to make sure of the device’s content. We do not support this process though. Since the latest firmware, Nitrokey Pro allows doing the firmware update without breaking the case.
    There are no verification measures yet outside of flashing one's own firmware over the MCU with a debug adapter. I think this requires another topic for further discussion.
  5. Regarding the threat model, this definitely requires a separate topic, since the answer cannot be contained in one post. Could you make one?
  6. Heads: https://github.com/osresearch/heads
  7. Regarding wireless, it is as secure as the encrypted transport protocol is. BT incorrectly used is easy to hack (like last year's attack that decreased the transport encryption key size to 1 byte). Regardless of the hardware stack, it would be good to have another layer of custom encryption for the communication.
    As for the PCI Express bus, that depends on what you mean by ‘safe’. I have actually heard the opposite - it's perfectly fine to access all memory by all devices due to lack of proper IOMMU support (see these for details: post, post2). Lately I have even seen a custom device/hack allowing to cheat in Counter-Strike - link. Do you mean USB sniffing by other devices on the bus?
  8. About post-quantum HSM, we do not have this in our plans at the moment as far as I know.