Zymbit HSM4 & HSM6 security modules work with embedded Linux hardware, Raspberry Pi, Jetson Nano

Zymbit Zymkey security modules, now called Zymkey4i, were first introduced several years ago. Based on the Microchip ATECC508A CryptoAuthentication chip, the modules were available as a USB stick, an I2C module for Raspberry Pi boards, or an SMT component, and designed to enable multifactor device ID & authentication, data encryption & signing, key storage & generation, and physical tamper detection.

The company has now informed CNX Software they had launched HSM4 cryptographic protection module and HSM6 hardware wallet with a different form factor for easy integration into embedded applications, and devkits compatible with Jetson Nano and Raspberry Pi SBCs.

Zymbit HSM4 cryptographic protection module & devkit

Zymbit HSM4HSM4 crypto module key features and specifications:

  • HSM4 is built upon Zymkey4i module, and integrates an Arm Cortex-M0 microcontroller, as well as a secure element likely to be Microchip ATECC508A, or the more recent ATECC608B CryptoAuthentication chip if the company upgrade
  • System Identity & Authentication
    • Unique ID created from multiple device-specific measurements.
    • Authentication required to activate cryptographic services.
    • Permanent and temporary binding modes.
    • Custom input factors available to OEMs.
  • Data Encryption & Signing
    • Cipher suite includes ECDSA, ECDH, AES-256, SHA256
    • AES-256 encrypt/decrypt data service
    • TRNG, suitable seed for FIPS PUB 140-2, 140-3 DRNG.
    • Integrates with TLS client-side certificates
  • Secure Key Generation & Storage
    • Generates and stores key pairs.
    • Stored in tamper-resistant silicon.
    • Up to 3 private/public key pairs
  • Secure Element + Security Supervisor
    • Multiple layers of hardware security.
    • Dual secure-processor architecture.
    • Secure microcontroller supervises access to cryptographic services.
    • Secure element delivers crypto-engine and key functions.
  • Built-in RTC with 5ppm accuracy
  • Single 30-pin Hirose connector for host connection
  • Low power consumption for extended battery life

The module is designed for OEMs in mind with the 30-pin connector allowing easy integration into embedded boards, and the company released PCB footprint, schematic symbol, 3D models for Altium Designer & CircuitStudio
KiCAD, and Eagle, as well as mechanical drawings.

HSM4 devkit for Raspberry Pi, Jetson NanoBut that connector is not convenient for evaluation and early development, so the Zymbit also release the HSM4 development kit with an adapter board compatible with Raspberry Pi SBC and Jetson Nano developer kit, two HSM4 modules, and necessary accessories.

The company provides API’s for Python, C++, C, support for Ubuntu and Raspberry Pi OS, as well as documentation that includes getting started guides, how-to examples for disk encryption, and so on…

HSM4 module

Zymbit HSM6 hardware wallet

Zymbit HSM6HSM6 has the exact same form factor as HSM4, but adds support for many more private/public keys (512 in total instead of 3), as well as 128 foreign public keys, master key support, and extra cryptographic primitives including BIP 32/39/44 HD wallet, ECC KOBLITZ P-256 (secp256k1), and ECDH (FIPS SP800-56A).  The comparison table on Zymbit website confirms HSM4 and Zymkey4i have the same features set and HSM6 builds on that with extra features.

zymkey4i vs hsm4 vs hsm6
A subset from Zymbit’s comparison table

HSM6 will also be offered with a similar development kit as HSM4, but using HSM6 modules instead, and shares the same software and documentation.

Availability and pricing

Zymbit HSM4 module can be ordered now for $46.00, with the unit price dropping to $30+ for 1000 pieces or more, and the development kit goes for $125. HSM6 is still in closed beta, meaning you’d need to contact the company and provide details about the project before getting hold of samples. More information can be found on Zymbit website.

Share this:
FacebookTwitterHacker NewsSlashdotRedditLinkedInPinterestFlipboardMeWeLineEmailShare

Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress

ROCK 5 ITX RK3588 mini-ITX motherboard

One Reply to “Zymbit HSM4 & HSM6 security modules work with embedded Linux hardware, Raspberry Pi, Jetson Nano”

  1. Since those security modules add quite a lot of the BOM cost, I asked which specific applications it would target.

    Answer:

    The product is targeted at unattended equipment that transact resources of value, such as:
     

    1. Microgrid/energy trading – solar/wind/gensets
    2. Pay by the hour assets/machinery,
    3. Distributed asset transactions requiring chain of custody integrity and validation.

     
    Such assets typically have a large number of peer-to-peer interactions where value needs to be transferred securely.
     
    HSM6 provides the necessary identity, authentication, wallet structure, data encryption and signing functions, enclosed in a secure, easy to integrate module.

Leave a Reply

Your email address will not be published. Required fields are marked *

Boardcon Rockchip and Allwinner SoM and SBC products
Boardcon Rockchip and Allwinner SoM and SBC products