Gnuk 2.2 and Gnuk NEXT

Speaker: NIIBE Yutaka

Track: Security

Type: Short talk (20 minutes)

Room: Bada

Time: Jul 29 (Mon): 16:30

Duration: 0:30

Gnuk is an implementation of USB cryptographic token for GnuPG.

Since its start in 2010, it has been used by users who care about how/where to store their private keys. Distinct advantage has been that it allows/encourages use of DIY hardware explicitly.

In 2024, Gnuk 2.2 is released. Major changes are removal of some features from Gnuk 1.2. It now only supports ECC crypto (Ed25519, Ed448, Curve25519 and X448). Important change is that KDF-DO feature is now mandatory, so that private keys remain somewhat safer even if MCU flash will be attacked and extracted.

Next development version of Gnuk, called Gnuk NEXT, is now in consideration. Development topics includes following:

  • Kyber support for PQC decryption
  • RISC-V MCU support
  • No CCID (vender specific protocol)
  • USB communication encryption, perhaps

In this talk, I explain Gnuk development history, its major use case (of mine), Gnuk 2.2 updates, and a plan/progress of Gnuk NEXT.

URLs