Hardware Security Module for Raspberry Pi & NVIDIA Jetson Nano

ZYMKEY4 protects credentials, data and IP
from physical and digital attacks.


Essential Security with Simple API


Measured System Identity & Authentication

  • Unique ID created from multiple device-specific measurements.
  • Authentication required to activate cryptographic services.
  • Permanent and temporary binding modes.
  • Custom input factors available to OEMs.

Data Encryption & Signing

  • Strong cipher suite includes ECDSA, ECDH, AES-256, SHA256
  • AES-256 encrypt/decrypt data service
  • TRNG, suitable seed for FIPS PUB 140-2, 140-3 DRNG.
  • Integrates with TLS client-side certificates

Secure Key Generation & Storage

  • Generates and stores key pairs.
  • Stored in tamper resistant silicon.
  • ZYMKEY4, HSM4 supports 3 private/public key pairs.
  • HSM6 supports 512 private/public keys, and 128 foreign public keys.
  • Learn more >

Secure Element + Security Supervisor

  • Multiple layers of hardware security.
  • Dual secure-processor architecture.
  • Secure microcontroller supervises access to cryptographic services.
  • Secure element delivers crypto-engine and key functions.  

Ultra-low-Power Operation

  • ARM Cortex-M0 microcontroller minimizes emissions footprint.
  • Enable years of secure operation from a single coin cell.
  • Delivers autonomous physical and digital security.

Real Time Clock

  • Battery-backed real time clock to support off grid applications.
  • 24-36 month operation, application dependent.
  • RTC clock service available to client applications.
  • 5ppm accuracy.

Secure Integrations with ZYMKEY4

Detailed examples provide step-by-step instructions on how to integrate Zymbit into your application.

Full Disk Encryption

  • Encrypt root file system with dm-crypt.
  • Protect data, applications and credentials.
  • ZYMKEY integrates seamlessly with LUKS key manager. 
  • Step-by-step guide with prewritten scripts that streamline the process.

LUKS Key Management Integration


Physical Tamper Detect

  • Two independent perimeter circuits  provide layered protection. 
  • User configured policies and actions.
  • Notify or destroy keys on perimeter-breach event.
  • Continuous operation with onboard battery.
TLS Client Certificate Authentication
  • Generate Zymkey secured client certs.
  • Bring Your Own Certificate or use AWS.
  • Attach custom policies.
  • Secure connect  client authenticated TLS
Just In Time Client Registration
  • Simplifies large scale fleet deployments
  • Lambda function client registration

Compare Security Modules

Ready to Start?


120 Cremona Drive,  Santa Barbara
California, 93117, USA
+1 (805) 481 4570