ZYMKEY4

Plug-in security module for Raspberry Pi
  • Encrypted file system
  • Hardware root of trust
  • Secure key generation & storage
  • Measured system identity & authentication
  • Data encryption & signing
  • Multiple tamper sensors
  • Real time clock
zymbit plug-in security module HSM for raspberry pi

Overview

Essential security for Raspberry Pi

Removing an SD card and copying contents is easy, especially for unattended devices deployed outside the security of a physical building. ZYMKEY4 provides essential physical and digital security features to protect against such real world exploits.
zymbit HSM for raspberry pi - essential security plugin module
MEASURED SYSTEM IDENTITY
PHYSICAL TAMPER SENSORS
DATA ENCRYPTION & SIGNING
FILE SYSTEM ENCRYPTION
KEY STORAGE & GENERATION
CRYPTOGRAPHIC ENGINE
ULTRA LOW POWER
REAL TIME CLOCK
Zymkey security module. Plugin HSM for raspberry Pi

Easy to integrate hardware

Zymbit HSM for raspberry Pi. Plugin security module. Easy to integrate.

File system encryption

  • Encrypt root file system with dm-crypt.
  • Protect data, applications and credentials.
  • ZYMKEY integrates seamlessly with LUKS key manager. 
  • Step-by-step guide with prewritten scripts that streamline the process.
Zymbit HSM for Raspberry Pi encrypts and protects file system on SD card.
zymbit HSM for raspberry pi - tamper sensors protect against perimeter attacks

Perimeter tamper detect

  • Two independent perimeter circuits  provide layered protection. 
  • User configured policies and actions.
  • Notify or destroy keys on perimeter-breach event.
  • Continuous operation with onboard battery.

Layered security with hardware root of trust

Zymbit security modules provide multiple layers of physical and digital protection for your digital assets, managed through a simple API.

Zymbit security module for raspberry pi. Plugin security module with simple API protects credentials, data and IP.

Easy integration with AWS

TLS Client Certificate Authentication
  • Generate Zymkey secured client certs.
  • Bring Your Own Certificate or use AWS.
  • Attach custom policies.
  • Secure connect  client authenticated TLS
Just In Time Client Registration
  • Simplifies large scale fleet deployments
  • Lambda function client registration

Embedded version

  • All the features of  ZYMKEY4, ready to embed on your custom board.
  • Encapsulated module with single hidden connector.
  • More physical security.
  • Easy integration into high volume applications.
  • Developer HAT and hardware design resources.

HSM4

Embedded version of ZYMKEY4 for customer integration

Zymbit HSM6 - embedded hardware wallet for raspberry pi and other embedded linux computers.
protect sd card on raspberry pi
protect sd card
zymbit secures manufacturing environment

Manufacturing tools

Zymbit manufacturing tools and services help you transition to volume manufacturing quickly and securely.

Specifications

Private / public key pairs 3
Cryptographic Services TRNG (NIST SP800-22)
ECC NIST P-256 (secp256r1)
ECDSA (FIPS186-3)
AES-256 (FIPS 197)
Tamper Sensors 2 x Perimeter breach detection circuits
Accelerometer shock & orientation sensor 
Main power monitor
Software API Python, C++, C
Physical Format Plug in mini-hat (pins 1 – 10)
Dimensions 39.0 x 15.0 x 5.1 mm
1.53 x 0.59 x 0.20 Inches
Connectors GPIO: 5x2pin header, 0.1inch
Perimeter: 5pin microUSB receptacle
Communication I2C, default address, user changeable
GPIO4, user changeable
Production mode lock Cut physical tab
Measured system identity & authentication Standard factors include RPI host, SD card, Zymkey
Data encryption & signing applications. Encrypt root file system with dm-crypt, with LUKS key manager hook
Encrypt data blobs with “zblock” function
Encrypt data in flight with OpenSSL integration
Real time clock 24-36 month operation, application dependent, 5ppm accuracy.
Backup battery Used for RTC and perimeter circuits
Requires coin cell, type CR1025 (not included)
Recommend Panasonic or Renata
Backup battery monitor No
Last Gasp battery removal detection No
OEM Custom features Contact Zymbit
Example Cipher Suites AWS-IOT | TLS_ECDHE_ECDSA_AES256_SHA
MS-AZURE | TLS_ECDHE_ECDSA_AES_128_GCM_SHA256_P256
Accessories & related products Perimeter adapters
Warranty 18 months

Documentation

Using Product >
  • Getting started
  • Software APIs – python, C, C++
  • Tutorials
  • FAQ & troubleshooting
Conformity Documents >
  • EU Declaration of Conformity
  • FCC Declaration of Conformity
  • RoHS/Reach Declaration of Conformity
  • California Prop 65 Declaration of
CAD Files >
  • Mechanical dimensions
  • Step model
Manufacturing Tools >
  • Secure high speed encryption appliance
  • Programming and provisioning

Need help choosing product?

Explore and choose the best Zymbit product for your application. If you have questions or need something custom then were ready to help.
I’M READY TO BUY
Zymbit products are available from major distributors around the world, or directly from our webstore.
I HAVE QUESTIONS
If you need help with your application, or want to discuss a custom solution then contact us today.
https://www.zymbit.com/wp-content/uploads/2017/11/Zymbit-Logo-noBG-small.png

120 Cremona Drive, Goleta, 

California, 93117, USA

+1 (805) 481 4570

GET UPDATES

Subscribe to email updates.