- Prevent Identity Theft
- Stop Espionage & Mass Surveillance
- Prevent Data Loss
Login to websites (e.g. Google, Facebook) using secure One Time Passwords (OTP), U2F or ordinary static passwords. Login to computers and network services (e.g. SSH) using certificates.
Encrypt your emails with GnuPG, OpenPGP, S/MIME or your favourite email client. Keep your secret keys secure on your Nitrokey.
Carry important data with you, hardware-encrypted on your Nitrokey Storage device (8-64 GB). Compatible with Windows, Linux and Mac OS.
Encrypt your hard disks and files using TrueCrypt/VeraCrypt, GnuPG Tools and more. Keep your secret keys secure on your Nitrokey.
Protect your server certificates by using up to 43 ECC and 35 RSA keys with the Nitrokey HSM. Ideal for security servers.
Protect emails, files, hard drives, server certificates and online accounts using cryptography. Your secret keys are always stored securely in the Nitrokey hardware and can't be stolen. The device is PIN-protected and is secured against hardware attacks. Backups protect against loss.
Your secret keys are stored in the tamper-resistant and PIN-protected device and are secured against computer viruses, loss and theft. RSA keys of up to 4096 bit and AES-256 are supported.
The auditing company Cure53 performed an intensive security review of the Nitrokey Storage. The security expert summarize their final result with "Nitrokey is capable of functioning properly and securely". The complete final report can be downloaded publicly (Firmware, Hardware).
Both hardware and software are open-source, free software and allow independent security reviews. Customisable, no vendor lock-in, no security via obfuscation, no hidden security issues!
Unlike some competitors, Nitrokey contains a complete and standard compliant USB plug. This ensures thousands of insertions without connectivity issues.
Installed firmware can be exported and verified, preventing attackers from inserting backdoors into products during shipping. Nitrokey is open-source and free of backdoors. Secret keys are generated only by you and we have no access to your private information.
The only hardware solution with hidden encrypted storage. This allows you to plausibly deny the existence of encrypted data, for example during border controls.
Nitrokey uses open interfaces to enable its easy integration with your personal requirements. Custom solution can be provided on request.
The Nitrokey hardware functions independently of any operating systems and protects your secret keys against theft, loss, user mistakes and computer viruses.
|Nitrokey Storage 2||Nitrokey Pro 2||Nitrokey Start||Nitrokey HSM||Nitrokey FIDO U2F|
|Tamper-resistant smart card||✓||✓||✓|
|S/MIME email and hard disk encryption (X.509, PKCS#11)||✓||✓||✓||✓|
|OpenPGP/ GnuPG email encryption||✓||✓||✓|
|Secure login (One Time Passwords)||✓||✓|
|Encrypted mass storage||✓|
|Firmware updates and verification||✓||✓|
|RSA key length [bit]||2048 - 4096||2048 - 4096||2048**||1024 - 2048|
|Number of RSA key pairs||3*||3*||3*||20|
|ECC key length [bit]||256 - 512||256 - 512||256||192 - 320|
|Number of ECC key pairs||3*||3*||3*||31|
|PKI/CA management features||✓|
|Secure login (FIDO U2F)||✓|
|Factsheet||Nitrokey Storage 2||Nitrokey Pro 2||Nitrokey Start||Nitrokey HSM|
|Price||Starting from € 109.00||€ 49.00||€ 29.00||€ 59.00||€ 15.00|
* Stores the key pair (RSA or ECC, if available) for one person/identity only. Technically these are 3 key pairs because GnuPG uses subkeys.
** 4096 bit are supported but each operation takes ca. 8 seconds.