Security specialist Zymbit has launched a hardware security module designed specifically with embedded Linux computers in mind, and has launched a development kit with out-of-the-box compatibility with the Raspberry Pi and NVIDIA Jetson families of single-board computers: the Zymbit HSM4, and its in-beta stable-mate the HSM6.
"HSM4 is a ‘snap in’ security module designed for easy integration within a secure manufacturing environment," Zymbit explains of the design, which builds on its earlier Zymkey4. "All connections are through a single, 30 pin connector that is hidden underneath the module. No soldering is required, which simplifies installation, provisioning and supply chain management.
"Software APIs are available in Python, C and C++. Example code and online documentation provide a simple, low-risk way to integrate Zymbit security features into your application running on standard Raspbian and Ubuntu."
Where the Zymkey4 connected directly to the Raspberry Pi's general-purpose input/output (GPIO) header, though, the HSM4 is a dedicated module designed for production. To get people started with the device, the company has announced a developer kit which includes a Hardware Attached on Top (HAT) board hosting an HSM4 module — while those who have previously worked with the Zymkey4 will find the software fully compatible.
The HSM4 is designed to offer an impressive suite of security functionalities: The module includes unique ID generation and authentication capabilities, secure key generation and storage, data encryption and signing, a true random number generator (TRNG), a battery-backed real-time clock, support for full disk encryption with
dm-crypt and LUKS integration, and two physical hardware tamper-detection circuits capable of issuing an alert or destroying stored keys upon a detected breach.
The HSM4 is out now, but the company is already working on a successor: Sampling in beta now, the HSM6 includes all the features of the HSM4 with extensions to support cryptocurrency operations. The upgraded module includes the ability to handle BIP-format cryptocurrency wallets and enough memory to handle 700 foreign and private/public key slots.
The HSM4 is now available on Zymbit's website at $46 for the bare module or $125 for the Raspberry Pi and NVIDIA Jetson compatible developer kit with two HSM4 modules included. Those interested in the HSM6, meanwhile, can sign up for the beta on the product page.