Purism announced yesterday that its highly anticipated Librem Key USB security key is available for purchase as the first and only OpenPGP-based key to feature Heads firmware (company exclusive) integrated with a tamper-proof boot.
Developed in conjunction with Nitrokey, a company known for manufacturing USB security keys with free software that enables secure enrollment and signed data on laptops, Purism's Librem Key is dedicated to Librem laptop users, allowing to store 4096-bit keys and ECC keys of up to 512 bits, as well as to generate new keys directly from the device. Librem Key integrates with the secure boot process of the Librem 13 and 15 laptops.
Disk and email encryption, authentication, and tamper-proof booting in a single security key
Designed to allow Librem laptop users to see if someone has tampered with their computer software when it starts up, the Librem Key is supported by the TPM (Trusted Platform Module) chip with Heads enabled available on the new Librem 13 and 15 laptops. According to Purism, when the security key is inserted it flashes green to show users that the laptop has not been tampered with so they can pick up where they left off, if it flashes red It means that the laptop has been tampered with.
Additionally, the Librem Key brings standard security capabilities available in generic security tokens, such as the ability to save GPG signing and encryption keys for use across multiple devices, the ability to save GPG authentication keys for SSH sessions, and support. to use One-Time Passwords or Two-Step Verification to access various websites.
As Purism continues to improve the security of Librem laptops and work hard to launch the highly anticipated Librem 5 mobile with Linux, the company has big plans for the Librem Key as well, they are already thinking of expanding their capabilities with support to detect tampering during shipping, between many other things.