Same Encryption key for 2 Zymkeys

Hello,

I am thinking to use zymkey in a raspberry network that communicates with each other. I was thinking of using zymkey to encrypt data before transmitting it into the network.My worry is that the receiving raspberry pi (with zymkey) should be able to decrypt the message. Is it possible to keep the same encryption key for two zymkeys used in two different raspberry pis?

Vivek

Basically, is it possible to define/rewrite the encryption key fused by Zymkey’s AES 256 module?

Hi Vivek,
There is no way to rewrite the secret key. They are locked at the time of manufacturing making each zymkey unique by design.

Using true random number generator (TRNG) feature, you can create your own secret key, then lock it to the system using the zymkey lock method. The newly generated key is then used to encrypt/decrypt messages, and is protected by the unique, secret key onboard the zymbit trust module (zymkey).

Evan

Hi Evan,

Thank you for the quick response. Can I share the secret key generated by trng of one zymkey with another.

My purpose is to use the same key as shared symmetric key for the aes 256 module.

Vivek

Vivek,
Just to clarify, the TRNG can be used for creating a secret used in generating the key itself (through LUKS for example).

We are currently developing a toolchain that (we believe) will resolve your issue and allow you to easily share keys locked to each RPi + zymkey system. I will have more details early next week. It will be based off the zymkey command line utility. Stay tuned! :grin:

Evan

Hi Vivek

Reading this thread, we might have a simpler solution for your need.

It would be easier/more efficient f we could discussion your application in more detail.

is there a good number/time when we can call you ?

Phil

Hello Phil,

You can reach me at +6598662329. Please call me anytime today (Singapore time! :))

Thank you.

Regards
Vivek

Hello Vivek

Following our call yesterday, I am moving our conversation to email.

Phil

Hi,

I try to develop the same kind of application where many RPI equipped with Zymbit have to communicate with the same AES key. Is there any news about the toolchain you were developing @evan?

Thanks a lot

Valere

Hi,

I have a similar use-case, using ethereum for storage. I want to encrypt the data on a raspberry pi (acting as a sensor-data generating node) and decrypt it on another machine (acting as a sensor-data consuming node).
Can I have more details please ?

Hi,I’m encrypting data in one raspberrypi and need to decrypt in another raspberrypi.Both raspberry pi’s are having different zymkey’s.Is there any solution for this?

Is there a way to export zymkey public key to another raspberry pi?

You can export the public keys from any of the key slots on the Zymkey 4i. For example, in python:

import zymkey

zymkey.client.get_ecdsa_public_key(slot=0)

However, currently this is only useful for verifying signatures generated by Zymkey or for generating a Certificate Signing Request (CSR). Future Zymkey models will have ECDH capability so a shared secret could be derived for symmetric encryption.

Thank you for the response.I have 2 raspberry pi3 B+ devices ,both are having seperate zymkey 4i models .I need to encrypt data in one pi using another pi’s zymkey’s public key and decrypt that data in another pi using that zymkey’s private key.Is this possible ?