Offline by design
ZeroKeyUSB does not rely on the Internet, cloud storage, or companion apps. Everything — from encryption to key handling — happens inside the device, powered directly through USB. Your passwords never leave the hardware and cannot be accessed remotely, even by the manufacturer.Encryption architecture
All sensitive data is stored in the external EEPROM M24C64-WMN6TP, encrypted using AES-128 CBC (Cipher Block Chaining). The encryption key is derived from your Master PIN: the digits are hashed with SHA-256 and the first 16 bytes form the AES key. The original PIN is never stored or transmitted in plain text.| Element | Description |
|---|---|
| Encryption algorithm | AES-128 in CBC mode (industry-standard symmetric cipher). |
| Key source | Master PIN → SHA-256 → 128-bit AES key. |
| IV (Initialization Vector) | Generated from analog noise on first startup and stored securely in EEPROM. |
| Data blocks | Each credential uses three 32-byte encrypted pages (site, username, password). |
| Verification | Each write is confirmed via I²C acknowledgment to ensure completion. |
The Master PIN
Your PIN acts as your personal encryption key. It is never transmitted, stored in plain text, or shared with any external system. When you enter your PIN:- ZeroKeyUSB derives the AES-128 key.
- This key decrypts an 8-byte signature block stored in EEPROM.
- If the decrypted result matches the expected pattern, access is granted.
- Otherwise, the failed-attempt counter increments and the device enforces a delay before retry.
Intelligent lockout
Each incorrect PIN attempt increases the waiting time exponentially, and the count is stored persistently in EEPROM (0x0002):
| Failed attempts | Wait time |
|---|---|
| 1 | 5 seconds |
| 2 | 10 seconds |
| 3 | 20 seconds |
| 4 | 40 seconds |
| 5 | 80 seconds |
| … | up to 2560 seconds (≈ 43 minutes) |
Secure Initialization Vector (IV)
Every device generates a unique Initialization Vector on first startup. The IV is created using analog noise read from a floating pin on the SAMD21 and saved in the EEPROM. If the IV becomes corrupted or missing, it is regenerated automatically with fresh entropy. A single IV per device is used for all AES operations, ensuring every encryption chain is unique to that specific unit.Data segmentation
Each credential is divided into independent encrypted pages to minimize correlation:- Page 1 → Site or domain
- Page 2 → Username
- Page 3 → Password
- Page 4 (optional) → TOTP secret
Tamper protection
- The entire PCB is encapsulated in epoxy resin, making component access virtually impossible without destroying the device.
- No wireless interfaces (Wi-Fi, Bluetooth, NFC) are present.
- The firmware is static — flashed at the factory and cannot be updated remotely.
- All sensitive operations occur only in temporary RAM buffers, which are cleared immediately after use.
Transparency, not dependence
ZeroKeyUSB’s firmware is fully open-source and available for public audit and verification. Anyone can review how encryption, IV handling, and access control are implemented to confirm that:- There are no backdoors or remote commands.
- All cryptographic processes occur locally and deterministically.
- Security depends on design, not trust.
Dive deeper
AES-128 Encryption
Learn how the Master PIN turns into an AES key and how CBC mode protects each credential page.
PIN Verification
Explore the unlock flow, adaptive delays, and how retries are enforced in hardware.
IV Generation
Understand how entropy is gathered and how the IV is validated and regenerated.
ZeroKeyUSB’s encryption follows the same core principles found in certified hardware tokens and wallets —
with a focus on simplicity, transparency, and complete offline operation.