In this casual session, I will demonstrate Gnuk Token, which is built by Free Software and free hardware design. I will demonstrate NeuG standalone device, which can generate random numbers at 70KiB/s, too.
My PGP/GPG key is RSA 2048-bit now. I understand that some person doesn't want to sign my key, because it looks weaker.
I develop Gnuk, the firmware for USB Token, which is compatible to OpenPGP card, under GPLv3. My original purpose/goal was not to put a person into a dilemma: computing freedom vs. better security.
I think that I have achieved the goal somehow, and it's strong enough (RSA 2048-bit) and it's not that slow (1.4sec to sign), IMO.
It is unfortunate for me that Debian community demands RSA 4096-bit or more. Thus, another dilemma is still there; longer key length or better control of private key by Free Software.
Good news is that I have implemented Ed25519 (for signing) already, and going to implement Curve25519 (for decryption) in Gnuk. Besides, I am also GnuPG developer, and try to implement Curve25519 support now.
It will be good if GnuPG 2.1 will be released and people will enjoy Gnuk Token with Ed25519/Curve25519 until Debconf15 in Germany.
During the development of Gnuk, I develop NeuG, the true random number generator to generate private keys on the device. The entropy source is built-in A/D converter. I realized that this feature is very useful, and I build standalone device (just for generating random numbers).
FST-01 is a reference board for Gnuk/NeuG. It has STM32F103 as MCU which runs at 72MHz. It has no crypto accelerator. Schematic design and PCB design are available as free hardware design.
Material is available at gobby.debian.org: debconf14 -> bof -> gnuk
URLs: http://www.fsij.org/gnuk/ http://www.fsij.org/doc-gnuk/