[Gnuk-users] Gnuk, Nitrokey and upstream contributions

Tue Sep 8 04:55:03 UTC 2015

On 09/08/2015 04:51 AM, Nico Rikken wrote:
> The Gnuk presentation during DebConf Portland has introduced me to the
> concept of software-defined crypto modules, and this really clicked with
> me.

Thank you.  Perhaps, you will like our presentation at DebConf
Heidelberg.

    More Entropy, Please!:
    http://meetings-archive.debian.net/pub/debian-meetings/2015/debconf15/More_Entropy_Please.webm

    Please More and More "More Entropy, Please!":
    http://www.gniibe.org/memo/development/gnuk/rng/please-more-and-more-mep.html

I only say "more" for this thing.

Well, someone kindly uploaded it to YouTube:
    https://www.youtube.com/watch?v=9IwMzzVd6J4

> As the Nitrokey (prev: Cryptostick) models have become available, I  can
> now easily acquire a software-defined stick for use on a daily basis.
[...]
> 1) Nitrokey offers two sticks, the Start and the Pro. Only the Start is
> said to be based on the Gnuk firmware. Would I be able to participate
> with upstream development with the Pro model? Or would I be able to
> eventually get some of the Pro-only features (4096bit keys, One Time
> Passwords) on the Start as Gnuk progresses?

IIUC, Nitrokey Pro uses smartcard module (with hardware accelerator).

My position is that:

    There should be more devices which store private keys in safe.
    It's users who decide details of how they can control the
    computing.

    I support the solutions: (1) OpenPGPcard + card reader, even
    though it includes proprietary firmware here and there.
    (2) Yubikey and Nitrokey Pro, even though a part of the
    cryptographic computation is not by Free Software.
    (3) Gnuk Token, even though it's not super fast.

    I assume that Yubicom and Nitrokey can attact "ordinal" users
    so that Gnuk development can remain calm and solid.

For me, Nitrokey Start is very good news, because it is available to
Europe.  (I don't know details of regulations, but, when I talked to a
distributor in Europe about FST-01, they said about CE mark and WEEE
regulations.  Unfortunately, I didn't put the CE logo on FST-01,
because I didn't know it at that time.  Since I don't have time to do
everything for exporting FST-01 to Europe by myself, arrangement of
bulk distribution to Europe doesn't become real yet.)

I don't know yet about Nitrokey Pro, but I'm sure that it's good than
arbitrary card readers of proprietary firmware.  Those tokens like
Yubikey or Nitrokey Pro have more good tests with GnuPG than any
card readers.

While Gnuk experimental version 1.1.7 supports RSA 4096-bit key, it
takes long time to sign (it's more than 8 seconds).

While I understand that some users (or "the market") want "more
features", I think that most important feature of Gnuk and FST-01 is
minimalist design.  So, adding more and more features to Gnuk is not
my own option.  Since Gnuk is Free Software, it is free for anyone to
extend Gnuk in whatever direction, though.

I don't use One Time Password daily.  I use it when I have to do so.
Usually, it is based on the technology of shared secret, and shared
secret is also under control of other entity (not only by its users).
In my own opinion, it is better not to integrate such a technology
into Gnuk, which handles private keys of the public key technology.
Those two are separate technologies.

If it's for web authentication, I think that One Time Password is a
kind of being obsolete, and industry prefers public key technology,
like U2F.

For U2F support, I don't like "special" thing.  I believe that it's
(technically easily) possible for us to write a U2F module which
connects to gpg-agent to ask digital signing for the authentication.
The solution itself shouldn't require a separate dedicated device.
Only users who want to separate private key management into dedicated
device should do so (by Gnuk Token or any other devices).

> 2) Is there any way I can contribute to Gnuk as a user with a Nitrokey
> on my hands? Say by running a beta-version or by running (distributed)
> tests on the hardware to validate randomness?

I'm sure that you are GnuPG users already.  This encourages me a lot.
If you use _any_ devices with SCDaemon of GnuPG, it's my pleasure,
too.

Please note that while it's getting better, SCDaemon of GnuPG itself
is yet not that mature, requiring more improvements.

> 3) Would a firmware-upgrade remove or modify my stored key, requiring me
> to have a back-up at hand, or use a dedicated Nitrokey for development?

IIUC, there is no firmware-upgrade for the smartcard module in
Nitrokey Pro.  Reasonable firmware-upgrade process should remove all
of secret data before proceeding to upgrade of code, since the upgrade
process itself will be able to be a hole to access secret data.

So, I usually recommend to have a back up for private keys.

> Are there any ways to financially donate to the Gnuk (and related)
> project?

Not, particularly.

Here is a situation of mine.

Since this April, my work for GnuPG is financially supported by
g10code GmBH.  When I visit abroad, Free Software Initiative of Japan
supports my travel (see my another post:
http://lists.alioth.debian.org/pipermail/gnuk-users/2015q3/000251.html
).
Free Software Foundation kindly helps distribution of the NeuG USB
True Random Number Generator (= NeuG 1.0.1c on FST-01) since this
March.

Unfortunately, Free Software Initiative of Japan doesn't accept
donation from abroad.  That's because some extra paper work would be
required for the organization, and they have enough financial asset.

FST-01 does not sell a lot (thus, we still have enough stocks).  But,
when I bring those to conferences, people kindly buy.  That's my
pleasure.  For Debconf15, it sold out all and the sales could
compensate the expense of stay of our family.  Great.  If the profit
could compensate the cost, it could be more like real business.
Still, I believe that I could deliver technology to those who need,
that's important, too.

Even though FST-01 does not generate much profit, it did somehow.
Using the profit of FST-01 selling, I designed a board of Flying
Hacker's Emblem.  The intention is to invite more developers into Gnuk
and NeuG.  Cortex-M0 @ 48MHz could be a candidate for ed25519/cv25519.

    FSM-55 LED Matrix Display:
    http://www.seeedstudio.com/depot/FSM55-LED-Matrix-Display-p-2121.html

FSM-55 does not sell a lot, either.  Still, some users enjoy it.

> I hope you can lower the barrier for me to contribute to this project.

Yes.  Pardon if the barrier exists.  It's totally not my intention if
any.  It just means I don't have enough resource and time.

Please note that Gnuk does not exist alone.  Gnuk Token is one of
reference devices for SCDaemon of GnuPG.  We have been sharing
improvements, together.  And FST-01 wasn't here without KiCAD.

If you care about enclosure, could you please consider something like
this project:

    https://www.crowdsupply.com/crowd-supply/armory-mk1-enclosure

For my tamper resistance, mine is like:

   http://www.fsij.org/gnuk/customizing-gnuk-token.html

I know that publishing the photo kills the purpose, because some
malicious guy can prepare attacks looking the photo.  There would be
some modifications on top of it, though.

> In any case I love the achievement you've reached so far, this is
> important work!

Thank you!
-- 