What can I use the device for?

It can be used to encrypt e-mails and data on the computer, and for authentication both at local computers and at remote network services. For instance, it can be used with Firefox to authenticate to remote websites (those that support certificate authentication), and with SSH or VPN solutions for remote authentication.

Which systems and applications are supported?

Windows, Linux, and MacOS. Applications: Thunderbird, Evolution, Outlook, Firefox, TrueCrypt, Gnu Privacy Assistant, PAM (Linux user authentication for login).

How large is the storage capacity?

The current version cannot store any ordinary data. Instead, it is intended to store cryptographic keys. A later version 2 will be capable of storing and encrypting ordinary data.

How many keys can I store?

The Crypto Stick can store three keys. All keys use the same identity but are used for different purposes: authentication, encryption and signing.

What is the maximum supported key length?

3072-bit keys with GnuPG up to 2.0.17, 4096-bit with GnuPG 2.0.18.

Which algorithms are supported?

RSA is supported. The additional symmetric encryption is performed on the computer. This means that AES, for example, is computed on the computer and only the session key is sent to the Crypto Stick to be decrypted by RSA.

Can I backup the internal keys?

Yes, but only at the time of generating new keys. Thunderbird, for instance, lets you make a backup when generating new keys. Technically, the keys are generated on your computer, backed up, and then loaded onto the Crypto Stick so that they cannot leave it afterwards. Alternatively, you can generate keys directly on the Crypto Stick, but this does not allow a backup.

How fast is it?

The Crypto Stick can be used to encrypt large amounts of data without any performance reduction. This is because of the hybrid encryption approach: AES, for example, is used to encrypt gigabytes of data on the computer and only the session key is sent to the Crypto Stick to be decrypted by RSA.
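
The hybrid approach described in this answer and under "Which algorithms are supported?", as an added example that is not part of the original FAQ. It uses the openssl command line (not GnuPG or the OpenPGP message format), a key file stands in for the key on the Crypto Stick, and the function name hybrid_roundtrip is made up for the illustration.

```shell
#!/bin/sh
# hybrid_roundtrip BYTES
# Encrypts BYTES of random data with AES on the host, wraps only the 32-byte
# session key with RSA, then reverses both steps. Prints the size in bytes of
# the RSA-wrapped session key; returns non-zero if the round trip fails.
hybrid_roundtrip() {
    size=$1
    d=$(mktemp -d) || return 1

    # Assumption: a key file stands in for the token's key pair. On a real
    # Crypto Stick the private half stays on the device.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 \
        -out "$d/priv.pem" 2>/dev/null || return 1
    openssl pkey -in "$d/priv.pem" -pubout -out "$d/pub.pem" || return 1

    # Constructed sample input: random bulk data of the requested size.
    head -c "$size" /dev/urandom > "$d/plain.bin" || return 1

    # Host: fresh session key and IV, then bulk encryption with AES-256-CBC.
    # (No integrity protection here; this shows the data flow only.)
    openssl rand -out "$d/session.bin" 32 || return 1
    iv=$(openssl rand -hex 16) || return 1
    key=$(od -An -tx1 "$d/session.bin" | tr -d ' \n')
    openssl enc -aes-256-cbc -K "$key" -iv "$iv" \
        -in "$d/plain.bin" -out "$d/cipher.bin" || return 1

    # Host: wrap the session key with the RSA public key.
    openssl pkeyutl -encrypt -pubin -inkey "$d/pub.pem" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$d/session.bin" -out "$d/wrapped.bin" || return 1

    # "Token": the only private-key operation, on the wrapped key alone.
    openssl pkeyutl -decrypt -inkey "$d/priv.pem" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$d/wrapped.bin" -out "$d/session2.bin" || return 1

    # Host: bulk decryption with the recovered session key.
    key2=$(od -An -tx1 "$d/session2.bin" | tr -d ' \n')
    openssl enc -d -aes-256-cbc -K "$key2" -iv "$iv" \
        -in "$d/cipher.bin" -out "$d/out.bin" || return 1

    if cmp -s "$d/plain.bin" "$d/out.bin"; then ok=0; else ok=1; fi
    wc -c < "$d/wrapped.bin" | tr -d ' '
    rm -rf "$d"
    return "$ok"
}
```

The wrapped session key is 384 bytes for a 3072-bit RSA key whether the input is 4 KiB or 1 MiB, so the amount of work done with the private key does not grow with the size of the data.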

When will version 2 become available?

Within 2011.

Can you tell me more about version 2?

In addition to storing cryptographic keys, it will contain ordinary mass storage. This storage will be automatically encrypted in the device itself. No additional software is required.

How to reset a Crypto Stick

WARNING: Don't run the commands given below on a version 1 OpenPGP Card - you will brick the card.

  1. Download this file

  2. Open a command prompt (terminal) and run "gpg-connect-agent < cryptostickreset.txt".

GPFWiki: CryptoStickFAQ (last edited 2011-08-10 12:59:25 by 184)


Creative Commons License: This work is licensed under a Creative Commons license.