Hardware-enhanced security

Key to Security

Password Management

The Nitrokey Storage 2 comes with an integrated password manager. You may use your Nitrokey alongside the Nitrokey App to store your passwords within the Nitrokey secure storage. The passwords stored in such a way will only be accessible by using the correct PIN (Figure 5).

Figure 5: The User PIN may be used to retrieve a password stored within the Nitrokey. The drawback of this approach is that, once the Nitrokey gives the password over to the operating system, it could be stolen if the operating system is compromised.

The main limitation of the integrated password manager is that it has room for only 16 passwords. My personal collection of passwords has more than 150 entries in it, so the Nitrokey falls short. Moreover, the integrated password manager does not offer a high level of protection because it does not conceal the passwords themselves from the operating system as well as it does with private OpenPGP keys.

The Pass password manager can take advantage of the Nitrokey and be configured to use the keys stored within to manage stored credentials. The Nitrokey must be plugged in and the PIN entered to access the passwords managed by Pass. The documentation also points out that KeePass can be configured in a similar way [7].

One-Time Passwords

Although the Nitrokey is not much better than a software password manager, it hides an ace up its sleeve: one-time passwords (OTPs), which are useful for services that support two-factor authentication (2FA).

Websites that support OTP-based 2FA work by generating an OTP secret key, which you must store in a secure device (e.g., the Nitrokey); then, each time you attempt to access the website, it asks for both your regular password and a one-time password (Figure 6).

Figure 6: The Nitrokey adds security to certain web accounts by enabling 2FA. Once enabled, 2FA requires the appropriate Nitrokey and the password for logging in.

One-time passwords are strings generated as a function of the OTP secret and a predictable factor (e.g., time). The user is expected to use the Nitrokey to generate a one-time password, which will only be valid for a short amount of time (typically less than a minute), that the website will recognize.

One-time passwords are very strong because sniffing them is useless. They are ephemeral, and a given OTP will never be used again. To break 2FA, an attacker would need both your regular password and your OTP secret. Because the OTP secret resides only within the Nitrokey, the attacker would need to get the Nitrokey itself and the PIN to access the OTP secret and generate one-time passwords that a website will recognize as yours.

Breaking 2FA is not trivial. Then again, the Nitrokey represents a massive step up from regular password authentication. However, a multitude of free software implementations exist for OTP. Most users of OTP-based 2FA just install an application such as mobile OTP (mOTP) in their smartphones for the same effect. Although it might be argued that a smartphone is less secure than the Nitrokey, because a smartphone can suffer malware attacks more easily than a Nitrokey, I am not convinced the security gain is high enough to justify the expense. (See the "Why Not 2FA?" box.)

Why Not 2FA?

Two-factor authentication is great when it works, but my experience is that it is awful when it doesn't.

I have seen some forums, Cryptocoin exchanges, and businesses implement 2FA because of the security gain. Somebody who has 2FA enabled won't have their account compromised unless both the password and the OTP device (Nitrokey, smartphone, or similar token) are compromised. However, small sites short of personnel tend to crumble under an avalanche of support requests from users soon after 2FA is implemented.

The reason is that if the device that contains the OTP secret is lost, the user can no longer access the service. Most users don't make backups of their OTP secret, which means most users will eventually lose it and send a support request to the website operator.

On serious websites there is no such a thing as an automated 2FA reset. The banks I work with will have the user walk into an office to prove their identity before access is restored. After all, if something is valuable enough to protect with 2FA, it is probably too valuable to consider sending a reset link to an email address. Email accounts are usually protected by a traditional password: If your bank was willing to send you a credentials reset link by email, an attacker would only need to break into your email account (which is protected by a single factor of authentication) and request a reset to the bank. This would downgrade 2FA to "1FA" and render the whole system pointless.

Therefore, users who want to protect their digital life ought to make a backup of their 2FA device, and administrators of sites that want to deploy this technology need to be aware of the costs. The resources to be spent in a user support department will probably increase more than expected.

Encrypted File Storage

The Nitrokey Storage 2 works as an encrypted pen drive. Files stored within the Nitrokey Storage 2 unit won't be accessible unless the correct PIN is entered – and the number of tries is limited to protect your data against theft. The Nitrokey is much more safe than a regular pen drive for storing sensitive files.

Most home users who want to encrypt the content of their USB drives opt for software solutions such as VeraCrypt or dm-crypt, which are free of cost, quite convenient, and very safe. The drawback to these tools is that they are vulnerable to keyloggers and malware: If you enter a VeraCypt password in a computer that has a keylogger reporting your activity to an evil entity, your security will be broken.

The Nitrokey fails to counter this vulnerability because a PIN can be sniffed as easily as a regular password. Although the feature worked as intended during my tests, I think it does not add much security in this regard.

On the other hand, hidden volumes are supported (see the systray applet menu in Figure 3). Hidden volumes are concealed filesystems that provide plausible deniability, whose existence cannot be proven, and are hidden within the regular encrypted storage. (See the "Is Plausible Deniability Safe?" box.) The intention is for the user to have innocuous files in the regular encrypted storage and the top secret data kept within a hidden volume. Were the Nitrokey to be stolen and its owner captured and tortured for the password, the user could provide the PIN for the regular encrypted storage and convince the captors that its contents are the only thing stored in the encrypted vault. The hidden data would remain concealed and thus safe.

Is Plausible Deniability Safe?

The main problem with plausible deniability is that, although it is impossible to prove the existence of hidden information within the device, it is impossible (in practice) to prove that a hidden volume does not exist.

Imagine a terrorist organization steals your Nitrokey and kidnaps your hamster. When they phone you and tell you they are going to torture your hamster until you reveal the password of the hidden volume, if the Nitrokey does not have a hidden volume, the terrorists will torture your hamster forever because they have no way of knowing whether it has concealed data or you are lying.

Even if you reveal the password of a hidden volume, the terrorists will threaten to keep torturing your hamster unless you reveal the password of the hidden volume stored within the hidden volume. (Yes, some cryptosystems can stack multiple hidden volumes.)

Game theory, then, suggests that plausible deniability might be a liability (assuming you care for your hamster) because your enemies have no reason to stop pressing on. The possibility always exists that more information is hidden that you don't want to reveal, so the incentive is to keep torturing your hamster. Meanwhile, your best alternative is not to reveal the passphrase because you know they are not going to stop the torture, no matter what you give them.

One idea is that plausible deniability systems of this sort are extremely valuable to the owner of the data as long as that owner is not the person who has the passphrases. For example, if you are an executive and you hand a Nitrokey to your assistant to store some top secret files on it, you may rest assured she won't reveal the password of the Nitrokey, even if they threaten to torture her hamster. She would know that talking would not save her pet.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Cryptographic key access in the cloud
    Cryptographic keys, usually available locally but not on remote computers, can be accessed for use in cloud environments.
  • Safe Files

    Encrypting your data is becoming increasingly important, but you don’t always have to use an encrypted filesystem. Sometimes just encrypting files is enough.

  • Efficient password management in distributed teams
    Team members often need certain information to authenticate against servers. You don't want to save this secret data in plain text, but you don't want to retype it every time, either. How can you share these secrets?
  • Password management with FreeIPA
    Passwords should be safe, but easy to remember – a contradiction that can be difficult to resolve. One remedy is a password manager that stores all passwords centrally. The open source tip this month shows a different approach: FreeIPA.
  • Posteo, Mailbox.org, Tutanota, and ProtonMail compared
    Encryption and server locations in Germany and Switzerland are sought-after attributes in the search for a more secure and reliable email service. We compare four providers who promise to protect your privacy.
comments powered by Disqus