Multifactor Device ID
and Authentication

ZYMKEY enables remote attestation of host device hardware configuration.

• Unique ID token created using multiple device specific measurements
• Cryptographically derived ID token never exposed
• Custom input factors available to OEMs
• ID tokens bound to host permanently for manufacture, or temporarily for development
• Changes in host configuration trigger local hard and API responses, policy dependent

Data Integrity
Encryption & Signing

ZYMKEY's cryptographic engine uses some of the strongest commercially available cipher functions to encrypt, sign and authenticate data.

• Strong cipher suite includes ECDSA, ECDH, AES-256, SHA256
• AES-256 encrypt/decrypt data service
• Integrates with TLS client-side certificates
• TRNG - true random number generator, suitable seed for FIPS PUB 140-2, 140-3 DRNG.

Key Security
Generation & Storage

ZYMKEY generates and stores key pairs in tamper resistant silicon to support a variety of secure services.

• Multiple key slots, pre-defined and user available
• Private keys never exposed outside of silicon
• Fuseable keys available, policy dependent

Physical Tamper Detection

ZYMKEY monitors the physical environment for symptoms of physical tampering .

• Power rail monitor detects anomolies like brown-out events
• Optional accelerometer detects shock and orientation change events
• Optional perimeter integrity circuits detect breaks in user defined wire loops/mesh
• Event reporting and response according to pre-defined policies

Real Time Clock

ZYMKEY includes an optional battery-backed real time clock to support off grid applications.

• 18-36 month operation, application dependent
• RTC clock service, available to client applications
• RTC/UTC anamoly alerts available with zymbit security services
• 20ppm accuracy (standard). 5ppm accuracy (precision, temperature compensated)

3P Integrations

ZYMKEY is easy to integrate with third party host-side applications such as:

• LUKS file encryption
• OpenSSL
• AWS IoT
• InfluxDB