Which U2F Key?

Zahox

Guys what do you use as U2F Key? I used Trezor Safe 3 before but I did not like that it needs Google Play Services. From this point I like Nitrokeys more, because they don't need it. Nitrokeys on the other hand are with fingerprint which is a problem because of enforcing compared to Trezor Safe which are with pin and kill pin to delete the device. And now there is Trezor Safe 7 with quantum ready security and new + first auditable secure element. But on the other hand, trezor safe 7 has more attack surface because of wireless and bluetooth. Trezor Safe 3 has attack surface too because of crypto possibility. So I tought Nitrokey could be more secure because of less attack surface but I'm unsure what to do honestly...Which U2F Key is the most secure and private one for U2F only?

DeletedUser499

Zahox
I didn't like Nitrokey, they looked and felt like a cheap toy. Also it was easy to disassemble the key with your fingernails, revealing the circuit board.
Yubikey which you did not mention are far better, solid and to get inside you virtually destroy it.
So to answer your post " which U2F key". Yubikey.

xxx

Zahox Nitrokeys

Nitrokey is fine. I have one (older) model.

fid03

Zahox https://discuss.grapheneos.org/d/17614-which-u2f-key-is-the-most-secure/23

mmobder

Any reason you've skipped popular yubikey?

Zahox

mmobder They have security vulnerability as fas as I know.

Zahox

DeletedUser499 That's true, they feel cheap. I would rather prefer Trezor over YubiKey then.

LeslieFH

I'm using the chapest yubikey NFC and it works quite well, no advanced features but I just need the U2F token.

mmobder

Zahox

Zahox They have security vulnerability as fas as I know.

like? any link?

chinook

mmobder https://www.yubico.com/support/security-advisories/ysa-2024-03/

https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/ likely.

No longer present but significant for the highest profile targets indeed.

Zahox

mmobder GrapheneOS recommends using pixels instead because of the secure element. It's more hardened.

Blastoidea

Zahox

It was my understanding that GrapheneOS can only be installed on, and only runs on pixels.

That’s a bit more than a “recommendation”.

Probably9857

Zahox GrapheneOS recommends using pixels instead because of the secure element.

I think this requires some clarification.

If you're referring to the social media posts about how GrapheneOS will manage their signing keys, that is a very specific use-case, involving an app that they will develop themselves, and a dedicated device that is likely mostly or entirely offline.

Using your daily driver to store important private keys would be a very different thing. It would depend a lot more on the threat model and use-case, and I don't think you can make that kind of blanket statement about it.

schweizer

Zahox By no means I would recomme d to store important private keys in GrapheneOS. Hardware keys are far superior. And they work fine with GOS so it is complementary. I.e. if you use a TOTP on your mobile it is not anymore a second factor because it runs on the same device. But with a hardware security key it is.

I like yubikey because of their software support. But my Trustkey is fine as well it just needs admin rights on Windows. My tinyest token is a Neowave badgeo where I extracted the chip. So I have a FIDO2 device of the size of a fingernail (NFC only).

Probably9857

Blastoidea It was my understanding that GrapheneOS can only be installed on, and only runs on pixels.

That’s a bit more than a “recommendation”.

The question is about using a Pixel specifically for hardware key storage (as an alternative to a Yubikey, for example).

Zahox

Blastoidea I meant hardware keys have a weaker secure element than using a Pixel with GrapheneOS.

Zahox

Probably9857 I think you did not fully understand me. I meant using for example Aegis on Pixels with GrapheneOS is more secure than an hardware key because the pixel secure element is stronger than from hardware keys. Pixels secure element is more hardened. And I did not make any statement, I just shared what GrapheneOS did recommend me, when I asked.

Probably9857

Aside from any specific vulnerabilities, the fundamental issue with Yubikeys is that you can't update the firmware.

When vulnerabilities are inevitably discovered, you have to replace your devices. That's a huge inconvenience. In practice, most people won't do it.

xxx

Probably9857 Yubikeys is that you can't update the firmware

Yeah. Avoid

Zahox

Probably9857 That's not an argument honestly. I did use Trezor Wallets and Nitrokey but they have weak points like Bluetooth, Wifi and more attack surface, compared to using a Pixel without this attack surface and more secure and hardened secure element.

Zahox

xxx I had them before and I don't have a good opinion about them or hardware keys in general. Because how will you be sure that those companies really have a secure and hardened secure element? Most of them don't have the resources or interest in doing it right.

Zahox

schweizer Why should I trust you more than GrapheneOS which work to improve security and privacy? And no hardware keys are not far superior, they are behind on hardening the secure element like Pixels. And your point that Apps for 2FA are not second factor is just wrong. And Windows is not secure either like most desktop OS. Those hardware keys you mentioned have less research and resources for making it secure. Google has the best research for security and privacy. And the NFC is an attack surface too, which you would not have with Pixels. Those hardware keys often have many vulnerabilities.

xxx

Zahox
Nitrokey is opensource so you can check ;-) They work with the same hardware as solokey? Not sure.
To my knowledge their products are 'fine'.