Security Module for Raspberry Pi

Easy to integrate. Hard to penetrate.

  • Multifactor Device ID & Authentication
  • Data Encryption & Signing
  • Key Storage & Generation
  • Physical Tamper Detection
  • Secure Element Root of Trust

Zymkey secures all your digital assets
from cyber-physical threats.

Layered security with a hardware root of trust.

Simple API makes it easy to integrate Zymkey with your Linux application.

Easy To Integrate.

Ready to Scale

USB Stick

I2C Module

RPi compatible

SMT Chip

OEM features available

Essential security made easy.

Accessible through a simple API running on your host device.

Multifactor Device ID
and Authentication

Arrow-Two-Way-1

ZYMKEY enables remote attestation of host device hardware configuration.

  • Unique ID token created using multiple device specific measurements
  • Cryptographically derived ID token never exposed
  • Custom input factors available to OEMs
  • ID tokens bound to host permanently for manufacture, or temporarily for development
  • Changes in host configuration trigger local hard and API responses, policy dependent

Data Integrity
Encryption & Signing

Arrow-Two-Way-1

ZYMKEY's cryptographic engine uses some of the strongest commercially available cipher functions to encrypt, sign and authenticate data.

  • Strong cipher suite includes ECDSA, ECDH, AES-256, SHA256
  • AES-256 encrypt/decrypt data service
  • Integrates with TLS client-side certificates
  • TRNG - true random number generator, suitable seed for FIPS PUB 140-2, 140-3 DRNG.

Key Security
Generation & Storage

Arrow-Two-Way-1

ZYMKEY generates and stores key pairs in tamper resistant silicon to support a variety of secure services.

  • Multiple key slots, pre-defined and user available
  • Private keys never exposed outside of silicon
  • Fuseable keys available, policy dependent

Physical Tamper Detection

Arrow-Two-Way-1

ZYMKEY monitors the physical environment for symptoms of physical tampering .

  • Power quality monitor detects anomolies like brown-out events
  • Optional accelerometer detects shock and orientation change events
  • Optional perimeter integrity circuits detect breaks in user defined wire loops/mesh
  • Event reporting and response according to pre-defined policies

Real Time Clock

Arrow-Two-Way-1

ZYMKEY includes an optional battery-backed real time clock to support off grid applications.

  • 18-36 month operation, application dependent
  • RTC clock service, available to client applications
  • RTC/UTC anamoly alerts available with zymbit security services
  • 20ppm accuracy (standard). 5ppm accuracy (precision, temperature compensated)

Ultra-Low Power Operation

ultra-low power operation

ZYMKEY delivers long term autonomous security from a battery:

  • ARM Cortex-M0 microcontroller
  • Years of secure operation from a coin cell - optional larger battery
  • Secure operation autonomous from host

Secure Element
Hardware Root of Trust

ultra-low-power

ZYMKEY provides multiple layers of hardware security:

  • Hard to penetrate dual secure-processor architecture
  • Secure elements from Microchip - ATECC608, ATECC508
  • Secure microcontroller isolates and supervises services
  • Hardware based cryptoengine and keystore

3P Integrations

Arrow-Two-Way-1

ZYMKEY is easy to integrate with third party host-side applications such as:

Designed and manufactured in California.

Zymbit products are designed, manufactured and programmed in California in an ISO9001 facility.

Feature summary


ZYMKEY 4i* ZYMKEY 5i
for blockchain
Communication

I2C (RPi compatible)

I2C (RPi compatible)
BUY NOW PRE-ORDER
DEVICE MULTI-FACTOR IDENTITY & AUTHENTICATION
ZYMKEY 4i* ZYMKEY 5i
Host hardware measurement
Host code measurement
Custom authentication factors
     
 DATA ENCRYPTION & SIGNING
ZYMKEY 4i* ZYMKEY 5i
 Encrypt root file system with dm-crypt & LUKS
 Encrypt data blobs with "zblock" function
 Encrypt data in flight with OpenSSL integration
     
 KEY STORAGE
ZYMKEY 4i* ZYMKEY 5i
 Generation of secure key pairs - private key never exposed
 Tamper resistant secure element key store
 Unique key slots, user available 3 32
     
 CRYPTOGRAPHIC PRIMITIVES
ZYMKEY 4i* ZYMKEY 5i
 TRNG (NIST SP800-22)
 ECC KOBLITZ P-256 (secp256k1)
 ECC NIST P-256 (secp256r1)
 ECDSA (FIPS186-3)
 ECDH (FIPS SP800-56A)
 AES-256 (FIPS 197)
     
PHYSICAL TAMPER DETECTION
ZYMKEY 4i* ZYMKEY 5i
Perimeter breach detection circuits 2 2
Accelerometer shock detection
Power rail monitor
     
 OTHER FEATURES
ZYMKEY 4i* ZYMKEY 5i
True Random Number Generator
Real time clock
Real time clock - high accuracy
OEM Custom features
     
 TLS CIPHER SUITE EXAMPLES
ZYMKEY 4i* ZYMKEY 5i
 AWS-IOT | TLS_ECDHE_ECDSA_AES256_SHA
 MS-AZURE | TLS_ECDHE_ECDSA_AES_128_GCM_SHA256_P256
     
 DOCUMENTATION
ZYMKEY 4i* ZYMKEY 5i
 GETTING STARTED
 API: Python, C, C++
 FILE ENCRYPTION
BUY NOW PRE ORDER

= standard feature
= OEM feature
* = zymkey 4i, standard version

OEM pricing, custom features.

Zymbit security modules can be firmware customized for volumes starting at 1000 pieces. Hardware build variants and embedded licenses are also available.

Contact us to discuss your specific needs.

Need help with your application?

We're here to answer your questions and find a solution that fits your needs.
Give us a call to discuss our standard products and OEM engineering services.

CONTACT

or call +1 805-318-3166