All News | Boards | Chips | Devices | Software | Archive | About | Contact | Subscribe
Follow LinuxGizmos:
Twitter Facebook Pinterest RSS feed
*   get email updates   *

$15 plug-in crypto key supports RPi and other Linux devices

Sep 18, 2015 — by Eric Brown 5,413 views

Zymbit’s IoT-focused, $15 “ZymKey” encryption and authentication device offers 256-bit SHA security for the Raspberry Pi and other Linux devices.

In May, Zymbit unveiled its hackable, Raspberry Pi-based Zymbit Orange mini-PC for Internet of Things applications (see farther below). Now Zymbit has gone to Kickstarter to launch a $15 ZymKey encryption and authentication device that plugs into the expansion header on the Raspberry Pi, including the one built into the yet-to-be-released Zymbit Orange. There is also an identically priced USB version of ZymKey designed for other Linux-based devices.

ZymKey USB version (left) and Raspberry Pi model
(click images to enlarge)

The yet to be funded Kickstarter campaign runs through Oct. 16, and shipments are due in December. A prototype already exists, and in fact the device was announced back in May without the ZymKey name as an add-on to the Zymbit Orange.

ZymKey RPi version pre-loaded a Raspberry Pi SBC
(click image to enlarge)

The device provides high-speed public key algorithms in hardware with NIST standard P256 elliptic curve support, says Zymbit. Each ZymKey is factory programmed with unique private keys and comes with lifetime free key management service, says the company.

The module is based on an Atmel ATECC508a security subsystem featuring a 256-bit SHA crypto engine with optional HMAC, a FIPS random number generator, a 72-bit unique ID, and high-endurance monotonic counters. A real time clock (RTC) with battery backup is also available, along with an accelerometer to help detect tampering. An LED and push button combo are used to support authentication and pairing with cloud services.


The Raspberry Pi version uses a “stealth” mount for the SBC’s expansion header. The USB version for other devices “adds more functionality,” says the company, without explanation.

Stealth mounting on a Raspberry Pi
(click image to enlarge)

The ZymKey can be used independently of the Zymbit ecosystem, but it seems intended to introduce hackers to the Zymbit IoT platform, including the Zymbit.Connect IoT framework software and a newly announced Zymbit.City maker site. The Kickstarter packages include six month memberships and varying levels of storage and services in the subscription based developer site, which also offers ZymKey Connect based IoT aggregation services.

Examples of ZymBit’s customizable dashboard widgets
(click images to enlarge)

The ZymKey software provides a firmware from the Zymbit Connect IoT stack. The firmware provides single-console IoT remote device management, including OTA and admin services. You also get SSH publish and subscribe services, as well as a library of customizable dashboard widgets for embedding IoT sensor data in websites. A pub/sub engine is said to provide real-time updates.

Zymbit Orange background

The Zymbit Orange mini-PC platform for IoT prototyping is built around a Raspberry Pi 2, but you can run the system independently of the Raspberry Pi — and Linux — using its secure, Atmel ATSAME70 microcontroller. The modular Zymbit Orange also accepts Arduino Shields and Atmel Xplained Wingboards.

External and internal models of the Zymbit Orange
(click images to enlarge)

The Arduino support means that the device also supports Arduino Yún based endpoints out of the box, just as it can with the Raspberry Pi. The mini-PC also offers built-in WiFi and Bluetooth, as well as optional ZigBee, cellular, and PoE modules.

Zymbit Orange motherboard details and options
(click image to enlarge)

The Zymbit Orange offers multiple mounting options, and integrates a 4-36V power supply with 5V, 2.5A output. The Orange is sold with an optional Zymbit Iris interactive color touchscreen display, which fits onto the top of the enclosure. The unusual, programmable device combines a 128 × 64-pixel OLED display and four 64 × 48 OLED soft keys. There’s also a 9 × 9 LED matrix with an RGB perimeter that “indicates high-level conditions,” says Zymbit.

“Many communities are concerned about the release of toxic chemicals into the environment,” stated Mark Kram of Groundswell Technologies. “People can be exposed to harmful conditions without their knowledge because our air and breathing environments are rarely monitored continuously. With Zymbit, we can detect exposures whenever and wherever they occur around the devices, identify trends and automatically issue alerts. The ZymKey ensures we are receiving secure, authenticated data because if we’re going to warn people about a risk, we’d better not be wrong.”

Further information

The ZymKey is available on Kickstarter through Oct. 16, starting at $15, with various volume discounts, and shipments are due in December. Pricing and availability of the Zymbit Orange have yet to be announced. More information on the ZymKey may be found on Zymbit’s ZymKey Kickstarter page.

(advertise here)

Print Friendly, PDF & Email

2 responses to “$15 plug-in crypto key supports RPi and other Linux devices”

  1. Mark says:

    So, correct me if I’m wrong, but this thing comes pre-loaded with private keys. Private keys that presumably the company, and therefore the 5-eyes, know about and are in some way likely tied to a unique identifier. No thanks. Given it’s for a hobbyist system I’d prefer a key set by the user and locked courtesy of a little hardware switch like you get on SD cards.

    • Phil Strong says:

      Mark, the private keys are NOT preloaded, they are generated inside the silicon in response to a user requested service. There is no way for anyone to read the private keys outside of the device. This is core feature of the Atmel 508A device. The silicon itself has a grid protection system making it essentially impossible to get access by probing the die inside the chip packaging. So we know nothing about the private keys, nor does the factory that makes them, nor will the user.

Please comment here...