Zymbit Zymkey security modules, now called Zymkey4i, were first introduced several years ago. Based on the Microchip ATECC508A CryptoAuthentication chip, the modules were available as a USB stick, an I2C module for Raspberry Pi boards, or an SMT component, and designed to enable multifactor device ID & authentication, data encryption & signing, key storage & generation, and physical tamper detection.
The company has now informed CNX Software they had launched HSM4 cryptographic protection module and HSM6 hardware wallet with a different form factor for easy integration into embedded applications, and devkits compatible with Jetson Nano and Raspberry Pi SBCs.
- HSM4 is built upon Zymkey4i module, and integrates an Arm Cortex-M0 microcontroller, as well as a secure element likely to be Microchip ATECC508A, or the more recent ATECC608B CryptoAuthentication chip if the company upgrade
- System Identity & Authentication
- Unique ID created from multiple device-specific measurements.
- Authentication required to activate cryptographic services.
- Permanent and temporary binding modes.
- Custom input factors available to OEMs.
- Data Encryption & Signing
- Cipher suite includes ECDSA, ECDH, AES-256, SHA256
- AES-256 encrypt/decrypt data service
- TRNG, suitable seed for FIPS PUB 140-2, 140-3 DRNG.
- Integrates with TLS client-side certificates
- Secure Key Generation & Storage
- Generates and stores key pairs.
- Stored in tamper-resistant silicon.
- Up to 3 private/public key pairs
- Secure Element + Security Supervisor
- Multiple layers of hardware security.
- Dual secure-processor architecture.
- Secure microcontroller supervises access to cryptographic services.
- Secure element delivers crypto-engine and key functions.
- Built-in RTC with 5ppm accuracy
- Single 30-pin Hirose connector for host connection
- Low power consumption for extended battery life
The module is designed for OEMs in mind with the 30-pin connector allowing easy integration into embedded boards, and the company released PCB footprint, schematic symbol, 3D models for Altium Designer & CircuitStudio
KiCAD, and Eagle, as well as mechanical drawings.
But that connector is not convenient for evaluation and early development, so the Zymbit also release the HSM4 development kit with an adapter board compatible with Raspberry Pi SBC and Jetson Nano developer kit, two HSM4 modules, and necessary accessories.
The company provides API’s for Python, C++, C, support for Ubuntu and Raspberry Pi OS, as well as documentation that includes getting started guides, how-to examples for disk encryption, and so on…
HSM6 has the exact same form factor as HSM4, but adds support for many more private/public keys (512 in total instead of 3), as well as 128 foreign public keys, master key support, and extra cryptographic primitives including BIP 32/39/44 HD wallet, ECC KOBLITZ P-256 (secp256k1), and ECDH (FIPS SP800-56A). The comparison table on Zymbit website confirms HSM4 and Zymkey4i have the same features set and HSM6 builds on that with extra features.
HSM6 will also be offered with a similar development kit as HSM4, but using HSM6 modules instead, and shares the same software and documentation.
Zymbit HSM4 module can be ordered now for $46.00, with the unit price dropping to $30+ for 1000 pieces or more, and the development kit goes for $125. HSM6 is still in closed beta, meaning you’d need to contact the company and provide details about the project before getting hold of samples. More information can be found on Zymbit website.