Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 659620 - Please look into possibilities of providing crypto/enhanced security hardware to developers (GnuPG, Nitrokey)
Summary: Please look into possibilities of providing crypto/enhanced security hardware...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Foundation
Classification: Unclassified
Component: Proposals (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Board of Trustees
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-29 20:25 UTC by Michał Górny
Modified: 2019-06-03 02:56 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-06-29 20:25:26 UTC
The GitHub takeover has resulted in reviving some of the discussions regarding crypto hardware.  Someone mentioned that Linux Foundation has made a deal with Nitrokey regarding equipping kernel devs with crypto hardware [1].  I would like to officially ask Trustees to look into the possibilities of equipping Gentoo devs with some kind of crypto hardware as well!

Since I'm not really up-to-date with all the fancy things, I'm CC-ing crypto@ for opinion on what kind of hardware could be of specific interest.

As to exact details of how to arrange it and for whom, I leave that up to Trustees.  I suppose we may want to set up some limitations (like minimal time in Gentoo).  It would be nice to try to cut a deal with some vendor (alike what LF did) or possibly find a sponsor.  Funding them from Gentoo money could be blurry legally, even if we can prove it's for the best interest of Gentoo.

[1]:https://www.nitrokey.com/news/2018/nitrokey-partners-linux-foundation-equip-all-linux-kernel-developers-nitrokey-usb-keys
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2018-06-29 20:44:10 UTC
[personal note: Even if getting sponsored equipment would always be nice, I don't really see it as the responsibility of the foundation to provide this to devs. Even if we got it, you'd incur shipping costs etc. This is cheap enough that you'd likely expect the developer to fund it out of their own pocket, similar to having a computer to begin with]

In terms of options, there are incoming patches to gnupg about using the in-built laptop TPM, see e.g FOSDEM talk here https://fosdem.org/2018/schedule/event/tpm/ , which reduces costs on many levels.

The most open alternative is gniibe's token / gnuk , but due to no HW acceleration that is rather slow for RSA although decent for ECC (but for various (good) reasons we don't offer that as an alternative in GLEP 63)

So directly token-wise that leaves youbikey and nitrokey (the cheaper nitrokeys are based on gnuk so has same slowness for rsa). For youbikey I'm quite fond of my v3 but they went closed source for v4 so I wouldn't really recommend them on principle grounds.

Then I'm more in favor of gemalto card reader with sim-breakout openpgp smartcard ( see e.g https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3?c=11 , I don't immediately see their usb token size reader on that website any longer)
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-06-29 21:38:27 UTC
<hat type="treasurer">
While the costs may seem low for people in the Western world, they are not cheap to everybody. I would strongly encourage that there is an option to fund it for those who cannot otherwise do so. The Foundation CAN afford it, and it could be easily argued that it was a requirement vs personal benefit.
</hat>
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-07-03 22:31:19 UTC
Can some of the security & crypto people comment or work towards a minimum set of requirements? Ideally have your discussion on another list, and present the results on wiki, linked here.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-07-03 22:58:52 UTC
(In reply to Robin Johnson from comment #3)
> Can some of the security & crypto people comment or work towards a minimum
> set of requirements? Ideally have your discussion on another list, and
> present the results on wiki, linked here.

Clarification: k_f did a product comparison above. I'm asking for requirements by which to evaluate what the product choice should be. e.g. which of gniibe or the various NitroKey & Yubikey models fit the requirements.
Comment 5 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-07-04 00:05:32 UTC
This is to document the Nitrokey options.

Information obtained from:

https://www.nitrokey.com/#comparison

Options available:
Nitrokey Storage (Exceeds requirements and is expensive.  Contains an encryptable mass storage)
Nitrokey Pro (Meets requirements)
Nitrokey Start (Meets requirements)
Nitrokey HSM (Does not support email encryption and is designed to store a lot of keys.  Does not meet requirements for single developer-use)
Nitrokey FIDO U2F (Available end of summer, but does not meet requirements)

Nitrokey Start (€ 29.00)
    - Does not support OTP
    - Supports 2048-4096 (4096 is not recommended due to operation time)
    - Supports 3 RSA key pairs
    - Supports 3 ECC key pairs
    - Firmware updates supported
    - Not considered tamper-resistant.

Nitrokey Pro (€ 49.00)
    - Supports OTP
    - Password manager built-in
    - 1024-4096 (No warnings regarding operation times at 4096)
    - Supports 3 RSA key pairs
    - No ECC support
    - Tamper-resistant
Comment 6 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-07-04 02:32:44 UTC
(In reply to Aaron Bauman from comment #5)
> This is to document the Nitrokey options.
> 
> Information obtained from:
> 

prometheanfire has shared that Nitrokey does offer updates for the pro:

https://github.com/Nitrokey/nitrokey-pro-firmware/releases
Comment 7 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-08-08 01:08:08 UTC
Update: We have received a quote from Yubikey and are pending a quote from NitroKey.  

Alice has also suggested products from https://www.u2fzero.com/ which I am currently looking into.  This will be added to the overall quotes and documentation submitted to the board for voting.
Comment 8 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-08-12 15:12:31 UTC
Quote received from Nitrokey for the Nitrokey Pro and shipping.
Comment 9 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-08-19 17:33:17 UTC
Email sent to trustees@ with the quotes and comparisons between the two vendors who provided them.

Additionally, (2) motions were requested for action at the AGM.
Comment 10 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-09-16 22:30:49 UTC
Per the trustees meeting of 2018/09/15, the Trustees passed on the following motions:

#agreed We shall spend Foundation funds to buy keys for Gentoo developers, for GPG signing.
#agreed We will more forward with the Nitrokey agreement
#agreed The agreement shall cover potential future developers and will require annual renewal

The following motion did NOT pass at this time:
Should the Foundation spend funds to purchase hardware tokens for 2FA purposes?


As a procedural followup, please ensure all submitted motions are present in the agenda. This item was nearly left off because got lost from the agenda.
Comment 11 Chí-Thanh Christopher Nguyễn gentoo-dev 2018-09-21 11:59:47 UTC
I hope this is the correct place to ask/point out, but there are two versions of the Nitrokey Pro.

The original Nitrokey Pro, which does not support ECC:

(In reply to Aaron Bauman from comment #5)
> This is to document the Nitrokey options.
[...]
> Nitrokey Pro (€ 49.00)
[...]
>     - No ECC support

And the Nitrokey Pro 2, which supports ECC and has its product page linked in the gentoo-nfp announcement: https://archives.gentoo.org/gentoo-nfp/message/43c7979ddbd3169ab65737538bf82a75

Is there a clarification available whether the agreement is about Nitrokey Pro Version 1 or Version 2?
Comment 12 Thomas Deutschmann gentoo-dev 2018-09-21 12:29:56 UTC
This is even more complicated. To my knowledge, only "Nitrokey Start" will support Curve25519 (and any other curve is not really what we want).
Comment 13 Alec Warner archtester Gentoo Infrastructure gentoo-dev Security 2018-09-21 13:10:03 UTC
(In reply to Thomas Deutschmann from comment #12)
> This is even more complicated. To my knowledge, only "Nitrokey Start" will
> support Curve25519 (and any other curve is not really what we want).

Glep53 clearly states:

"""
Primary key and the signing subkey are both of type EITHER:
RSA, >=2048 bits (OpenPGP v4 key format or later only)
ECC curve 25519.
"""

So EC25519 support is not required provided the keys do RSA >=2048 (and they do.) Note that I expect the lifetime of the keys to be 2-4 years, and we can always change which keys the agreement is about and do a refresh over time.

E.g. 5 years from now everyone will probably be on "key v2"; whatever that key is; presuming we continue funding this program.

-A
Comment 14 Alec Warner archtester Gentoo Infrastructure gentoo-dev Security 2018-12-26 18:51:40 UTC
(In reply to Robin Johnson from comment #10)
> Per the trustees meeting of 2018/09/15, the Trustees passed on the following
> motions:
> 
> #agreed We shall spend Foundation funds to buy keys for Gentoo developers,
> for GPG signing.
> #agreed We will more forward with the Nitrokey agreement
> #agreed The agreement shall cover potential future developers and will
> require annual renewal
> 
> The following motion did NOT pass at this time:
> Should the Foundation spend funds to purchase hardware tokens for 2FA
> purposes?
> 
> 
> As a procedural followup, please ensure all submitted motions are present in
> the agenda. This item was nearly left off because got lost from the agenda.

Just as a followup, we are currently going through the process of signing a contract with Nitrokey although I suspect Holiday Vacations to delay final signing until the 2019 calendar year. Prospects are good that signature will happen in early January.

-A
Comment 15 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-01-13 00:47:48 UTC
(In reply to Chí-Thanh Christopher Nguyễn from comment #11)
> Is there a clarification available whether the agreement is about Nitrokey
> Pro Version 1 or Version 2?
Nitrokey Pro v2 specifically
Comment 16 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-04-15 22:22:18 UTC
security has provided their input regarding this already.  security out.
Comment 17 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-06-03 02:56:03 UTC
This has been completed!