“Nitrokey is capable of functioning properly and securely”
“Nitrokey is capable of functioning properly and securely” - That is one of the final conclusions of an intense security review performed by security experts from the auditing company Cure53. A team of software security and hardware security experts under the lead of Dr.-Ing. Mario Heiderich analyzed the Nitrokey Storage hardware and firmware as well as the Nitrokey App over a period of eleven days. The security audit has been sponsored generously by the Open Technology Fund which we thank very much indeed! The final report can be downloaded here (firmware, hardware).
Update, 24.6.2016: Contrary to the statement in the report, an active security bit prevents any firmware update. As a consequence the security bit is disabled by default and can be activated by the user. Note that this prevents all future firmware updates and can not be undone! We will consider activating the bit by default when we are certain that no update will be necessary anymore.
“The Nitrokey has a lot of potential”
Cure53 performed a very detailed review of the Nitrokey Storage and states: “Nitrokey marks an interesting idea among the approaches thriving towards enhanced user-privacy, data security and tamper-safety. Contrary to the software-only products, Nitrokey is capable of functioning properly and securely even if the machine that the hardware is being used on is infected by Malware or suffers from comparable problems.”
When will Nitrokey Storage be available?
The good auditing results from Cure53 are a motivating feedback for our whole team and mark a significant milestone in the development process. From now on the development will focus on non-security areas such as stability of the USB interface, usability of the App and development of a new casing. Still we need your support in growing our fantastic Nitrokey community and be able to publish the Nitrokey Storage.
You may also be interested in reading when will Nitrokey Storage be available?