Supported Hardware

This list is not exhaustive. Especially for FIDO U2F, a lot of Security Keys exist. Here, only Security Keys are listed that have been tested by Cotech and are officially supported.

Click the product name inside the table to show more details.

FIDO U2F
(Two-factor Login)
OpenPGP Card
(for SSH, Encryption)
PIV
(for TLS, SSH)
NFC USB
req. card reader
At Cotech, we specifically choose a card vendor and develop a firmware for your purpose and cryptographic requirements.

OpenPGP Card algorithms
RSA 4096, ECDSA/ECDH (NIST P-256, NIST P-384, NIST P-521, brainpool p256r1, brainpool p384r1, brainpool p512r1)
OTG1
Web
https://www.ftsafe.com/Products/FIDO/NFC
OTG1
Gnuk is a free software implementation of an USB cryptographic token for GnuPG.

Hardware Security SDK Notes
OpenPGP key generation only supported with Gnuk >= 1.2.5
OpenPGP Card algorithms
RSA 2048 (RSA 4096 is too slow), EdDSA, ECDSA (NIST P-256, secp256k1), ECDH (X25519, NIST P-256, secp256k1)
Web
https://www.fsij.org/gnuk/
Source Code
http://git.gniibe.org/gitweb/?p=gnuk/gnuk.git
OTG1
  • Hardware revision is printed on the back: T1, T2, T3, …
  • NFC does not work prior to revision T3
  • Revision T1 of the BLE Titan Security Key revision is vulnerable
Web
https://cloud.google.com/titan-security-key
OTG1
Web
https://www.key-id.com
OTG1
Ledger Nano S is a cryptocurrency wallet that also allows cryptographic operations for other purposes.

Hardware Security SDK Notes
Currently buggy FIDO U2F support, OpenPGP card key generation not supported
OpenPGP Card algorithms
RSA 4096, EdDSA, ECDSA (secp256k1, secp256r1, brainpool 256r1 and brainpool 256t1 curves), ECDH (secp256k1, secp256r1, brainpool 256r1, brainpool 256t1 and curve25519 curves)
Web
https://www.ledger.com/products/ledger-nano-s
Source Code
https://github.com/LedgerHQ/blue-app-openpgp-card
OTG1
Nitrokey Start is a commercial version of the Gnuk token.

OpenPGP Card algorithms
RSA 2048 (RSA 4096 takes 8 seconds), EdDSA, ECDSA (NIST P-256, secp256k1), ECDH (X25519, NIST P-256, secp256k1)
Web
https://www.nitrokey.com
Source Code
https://github.com/Nitrokey/nitrokey-start-firmware
OTG1
Nitrokey Pro

OpenPGP Card algorithms
RSA 2048
Web
https://www.nitrokey.com
OTG1
Nitrokey Storage

OpenPGP Card algorithms
RSA 2048 ?
Web
https://www.nitrokey.com
OTG1
Nitrokey FIDO U2F

Web
https://www.nitrokey.com
OTG1
A Security Key with a hardware PIN pad.

Web
https://onlykey.io
OTG1
Secalot

OpenPGP Card algorithms
RSA 2048 ?
Web
https://www.secalot.com
Source Code
https://github.com/secalot
USB-C / OTG1
SoloKey

Web
https://solokeys.com
USB-C / OTG1
SoloKey Tap

Web
https://solokeys.com
OTG1

Terzor One is a cryptocurrency wallet that also allows cryptographic operations for other purposes.

Not OpenPGP Card Spec compatible

U2F Counter is restored automatically on firmwares 1.4.2 or higher.

Web
https://trezor.io
OTG1
Terzor Model T is a cryptocurrency wallet that also allows cryptographic operations for other purposes.

Web
https://trezor.io
VivoKey is an implanatable NFC chip.

OpenPGP Card algorithms
?
Web
https://www.vivokey.com/flex-one
OTG1
YubiKey NEO

OpenPGP Card algorithms
RSA 2048
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikey-4-neo/
Source Code
https://github.com/Yubico/ykneo-openpgp
OTG1
YubiKey 4

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikey-4-neo/
OTG1
YubiKey 4 Nano

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikey-4-neo/
USB-C
YubiKey 4C

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikey-4-neo/
USB-C
YubiKey 4C Nano

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikey-4-neo/
OTG1
YubiKey 5 NFC

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikeys/
OTG1
YubiKey 5 Nano

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikeys/
USB-C
YubiKey 5C

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikeys/
USB-C
YubiKey 5C Nano

OpenPGP Card algorithms
RSA 2048, RSA 4096
Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikeys/
OTG1
Yubico Security Key

Web
https://www.yubico.com/products/yubikey-hardware/compare-yubikeys/

  1. USB On-The-Go (OTG) adapter can be used to connect USB-A security keys to USB micro or USB-C smartphones.

A lot of different form factors are supported by the Hardware Security SDK.