Header Image

Protect emails, files, hard drives, server certificates and online accounts using a physical USB key.

  • Prevent Identity Theft
  • Stop Espionage & Mass Surveillance
  • Prevent Data Loss
Made in Berlin, Assembled in Berlin

Nitrokey enables:

  • Secure Login

    Login to websites (e.g. Google, Facebook) using secure One Time Passwords (OTP), U2F or ordinary static passwords. Login to computers and network services (e.g. SSH) using certificates.

    read more
  • Email Encryption

    Encrypt your emails with GnuPG, OpenPGP, S/MIME or your favourite email client. Keep your secret keys secure on your Nitrokey.

    read more
  • Encrypted Mobile Storage

    Carry important data with you, hardware-encrypted on your Nitrokey Storage device (8-64 GB). Compatible with Windows, Linux and Mac OS.

    read more
  • Hard Disk & File Encryption

    Encrypt your hard disks and files using TrueCrypt/VeraCrypt, GnuPG Tools and more. Keep your secret keys secure on your Nitrokey.

    read more
  • Server Protection

    Protect your server certificates by using up to 43 ECC and 35 RSA keys with the Nitrokey HSM. Ideal for security servers.

    read more
Illustration: How Nitrokey works

How Nitrokey works

Protect emails, files, hard drives, server certificates and online accounts using cryptography. Your secret keys are always stored securely in the Nitrokey hardware and can't be stolen. The device is PIN-protected and is secured against hardware attacks. Backups protect against loss.

Nitrokey is better:

  • High Security

    Your secret keys are stored in the tamper-resistant and PIN-protected device and are secured against computer viruses, loss and theft. RSA keys of up to 4096 bit and AES-256 are supported.

    read more
  • Independent Security Assessment

    The auditing company Cure53 performed an intensive security review of the Nitrokey Storage. The security expert summarize their final result with "Nitrokey is capable of functioning properly and securely". The complete final report can be downloaded publicly (FirmwareHardware).

  • Open Source

    Both hardware and software are open-source, free software and allow independent security reviews. Customisable, no vendor lock-in, no security via obfuscation, no hidden security issues!

  • Complete USB plug

    Unlike some competitors, Nitrokey contains a complete and standard compliant USB plug. This ensures thousands of insertions without connectivity issues.

  • No Backdoors - No NSA

    Installed firmware can be exported and verified, preventing attackers from inserting backdoors into products during shipping. Nitrokey is open-source and free of backdoors. Secret keys are generated only by you and we have no access to your private information.

  • Plausible Deniability

    The only hardware solution with hidden encrypted storage. This allows you to plausibly deny the existence of encrypted data, for example during border controls.

  • Easy Integration

    Nitrokey uses open interfaces to enable its easy integration with your personal requirements. Custom solution can be provided on request.

  • Better Than Software

    The Nitrokey hardware functions independently of any operating systems and protects your secret keys against theft, loss, user mistakes and computer viruses.

The Nitrokey Family

  Nitrokey Storage Nitrokey Pro Nitrokey Start Nitrokey HSM Nitrokey FIDO U2F
Made in Berlin, Assembled in Berlin Nitrokey Storage Nitrokey Pro Nitrokey Start Nitrokey HSM Nitrokey U2F
Open source
Tamper-resistant smart card    
S/MIME email and hard disk encryption (X.509, PKCS#11)  
OpenPGP/ GnuPG email encryption    
Secure login (One Time Passwords)      
Password Manager      
Encrypted mass storage        
Hidden volumes        
Firmware updates and verification      
RSA key length [bit] 1024 - 4096 1024 - 4096 2048 1024 - 2048  
Number of RSA key pairs 3* 3* 3* 35  
Number of ECC key pairs     3* 43  
PKI/CA management features        
Secure login (FIDO U2F)        
Price Starting from € 109.00 € 49.00 € 29.00 € 59.00 € 15.00
  Buy Buy Buy Buy Pre-Order

Stores the key pair (RSA or ECC, if available) for one person/identity only. Technically these are 3 key pairs because GnuPG uses subkeys.

Our Customers

ABB Group Österreichische Staatsdruckerei Diehl Kühne + Nagel Nvidia Red Hat Max-Planck-Gesellschaf Uber Technische Universität Wien BBC Google SUSE DFN-CERT Cisco VISA Bosch Ministère de l'Intérieur UBS Diebold Nixdorf Adobe Systems Linde AG Mozilla T-Systems GE Healthcare Dropbox


  • RSA-2048 Becomes Increasingly Insecure
    24th Oct 2017
  • Researchers discovered the ROCA vulnerability (CVE-2017-15361) which enables attackers to compute their victim's private RSA keys with little effort. Affected are RSA keys being generated in various hardware systems which contain the vulnerable chip from Infineon Technologies, such as computers with a Trusted Platform Module (TPM), smart cards and USB dongles.
    20th Oct 2017
  • Nitrokey Encryption Tool
    Do you need strong hardware-based encryption for your own software but are afraid of it's complex integration? Here is a solution for you. The Nitrokey Encryption Tool is a command line interface application which uses on-device RSA keys to encrypt/decrypt AES keys used in turn to encrypt user data. This way you don't need to deal with hardware integration or more complicated RSA.
    17th Oct 2017

Nitrokey - Made in Berlin