Embedded Security Module Now for Raspberry Pi

The easy way to build Trust into your IoT devices and data.

  • Multifactor Device ID & Authentication
  • Data Encryption & Signing
  • Key Storage & Generation
  • Physical Tamper Detection

Zymkey secures all your digital assets.

Layered security with a hardware root of trust.

Simple API makes it easy to integrate Zymkey with your Linux application.

Easy To Integrate.

Ready to Scale

USB Stick

I2C Module

RPi compatible

SMT Chip

OEM features available

Strong security features.

Accessible through a simple API running on your host device.

Multifactor Device ID
and Authentication

Arrow-Two-Way-1

ZYMKEY enables remote attestation of host device hardware configuration.

  • Unique ID token created using multiple device specific measurements
  • Cryptographically derived ID token never exposed
  • Custom input factors available to OEMs
  • ID tokens bound to host permanently for manufacture, or temporarily for development
  • Changes in host configuration trigger local hard and API responses, policy dependent

Data Integrity
Encryption & Signing

Arrow-Two-Way-1

ZYMKEY's cryptographic engine uses some of the strongest commercially available cipher functions to encrypt, sign and authenticate data.

  • Strong cipher suite includes ECDSA, ECDH, AES-256, SHA256
  • AES-256 encrypt/decrypt data service
  • Integrates with TLS client-side certificates
  • TRNG - true random number generator, suitable seed for FIPS PUB 140-2, 140-3 DRNG.

Key Security
Generation & Storage

Arrow-Two-Way-1

ZYMKEY generates and stores key pairs in tamper resistant silicon to support a variety of secure services.

  • Multiple key slots, pre-defined and user available
  • Private keys never exposed outside of silicon
  • Fuseable keys available, policy dependent

Physical Tamper Detection

Arrow-Two-Way-1

ZYMKEY monitors the physical environment for symptoms of physical tampering .

  • Power rail monitor detects anomolies like brown-out events
  • Optional accelerometer detects shock and orientation change events
  • Optional perimeter integrity circuits detect breaks in user defined wire loops/mesh
  • Event reporting and response according to pre-defined policies

Real Time Clock

Arrow-Two-Way-1

ZYMKEY includes an optional battery-backed real time clock to support off grid applications.

  • 18-36 month operation, application dependent
  • RTC clock service, available to client applications
  • RTC/UTC anamoly alerts available with zymbit security services
  • 20ppm accuracy (standard). 5ppm accuracy (precision, temperature compensated)

3P Integrations

Arrow-Two-Way-1

ZYMKEY is easy to integrate with third party host-side applications such as:

  • LUKS file encryption
  • OpenSSL
  • AWS IoT
  • InfluxDB

Designed and manufactured in California.

Zymbit products are designed, manufactured and programmed in California in an ISO9001 facility.

Feature summary


ZYMKEY 4i ZYMKEY 4i Lite
Communication

I2C (RPi compatible)

I2C (RPi compatible)
BUY NOW BUY NOW
DEVICE AUTHENTICATION
ZYMKEY 4i ZYMKEY 4i Lite
Host hardware measurement
Cloudless binding of host and unique ID token
Host code measurement  
Custom authentication factors  
     
 DATA ENCRYPTION & SIGNING
ZYMKEY 4i ZYMKEY 4i Lite
 Encrypt root file system and data at rest
 Secure file system with LUKS integration
 Encrypt data in flight with OpenSSL integration
     
 KEY STORAGE
ZYMKEY 4i ZYMKEY 4i Lite
 Secure private key generation (never exposed)
 Tamper resistant secure element key store
 Unique key pairs, user available 3 3
     
PHYSICAL TAMPER DETECTION
ZYMKEY 4i ZYMKEY 4i Lite
Perimeter breach detection  
Accelerometer shock detection  
Power rail monitor  
     
 OTHER FEATURES
ZYMKEY 4i ZYMKEY 4i Lite
True Random Number Generator
Real time clock  
Real time clock - high accuracy  
OEM Custom features
     
 CRYPTOGRAPHIC PRIMATIVES
ZYMKEY 4i ZYMKEY 4i Lite
 TRNG (NIST SP800-22)
 ECC P-256
 SHA256 (FIPS 180-4)
 ECDSA (FIPS186-3)
 ECDH (FIPS SP800-56A)
 AES-256 (FIPS 197)
     
 TLS CIPHER SUITE EXAMPLES
ZYMKEY 4i ZYMKEY 4i Lite
 AWS-IOT | TLS_ECDHE_ECDSA_AES256_SHA
 MS-AZURE | TLS_ECDHE_ECDSA_AES_128_GCM_SHA256_P256
     
BUY NOW BUY NOW

= standard feature
= OEM feature

OEM pricing, custom features.

Zymbit security modules can be firmware customized for volumes starting at 1000 pieces. Hardware build variants and embedded licenses are also available.

Contact us to discuss your specific needs.

Need help with your application?

We're here to answer your questions and find a solution that fits your needs.
Give us a call to discuss our standard products and OEM engineering services.

CONTACT

or call +1 805-318-3166