Secure memory, not just storage
ZeroKeyUSB uses an industrial-grade ST M24C64-WMN6TP EEPROM, a 64-kilobit non-volatile memory chip (8 KB total). It was selected not for capacity but for reliability and long-term data integrity, which is critical for a device expected to safeguard your credentials for years. All information inside this chip is encrypted by the MCU before being written.
Even if the memory were physically removed, it would reveal only ciphertext blocks, never readable data.
Key characteristics
Specification | Description |
---|---|
Chip model | ST M24C64-WMN6TP |
Capacity | 64 Kbit (8 192 bytes) |
Interface | I²C, 2-byte addressing |
Endurance | > 1 000 000 write cycles |
Data retention | > 40 years |
Operating voltage | 1.8 V – 5.5 V |
Page size | 32 bytes |
The I²C bus itself is not encrypted; instead, data is encrypted in firmware before transmission, ensuring confidentiality even if the bus were intercepted.
Internal structure overview
ZeroKeyUSB's EEPROM is divided into isolated regions. Each serves a dedicated security function and is accessed exclusively through firmware routines.
Address range | Size | Purpose |
---|---|---|
0x0000–0x0001 | 2 B | Configuration flags / setup marker |
0x0002 | 1 B | Failed-attempts counter (persistent across power cycles) |
0x0005–0x000C | 8 B | PIN verification signature |
0x0010–0x001F | 16 B | AES Initialization Vector (IV) |
0x0020–0x03DF | ≈ 960 B | System & TOTP metadata (including 2 bytes per slot status) |
0x03E0–0x03EF | 8 B | Last TOTP epoch (Unix time, 64-bit) |
0x0400–0x1FFF | ≈ 7 KB | Encrypted credential storage (user data) |
- Site / service name
- Username or email
- Password
Data segmentation
Storing each field in a separate encrypted page offers key advantages:
- Independent encryption: Every field (site, user, password, TOTP) is encrypted separately.
- No pattern correlation: Even identical credentials produce different ciphertext.
- Corruption isolation: If a page fails, others remain intact.
- Efficient writes: Editing one field only rewrites that page, prolonging EEPROM life.
Security metadata
Initialization Vector (IV)
A unique 16-byte value generated from analog noise on a floating pin during first startup. It ensures that even identical data encrypted twice produces different ciphertext.
PIN signature block
An 8-byte cryptographic fingerprint stored at address `0x0005`. It lets ZeroKeyUSB verify the correct Master PIN without storing the PIN itself.
Failed-attempts counter
Stored at `0x0002`, this byte tracks consecutive failed PIN entries. If a user enters an incorrect PIN multiple times, the firmware applies exponential delays before the next attempt.
Because the counter is stored in EEPROM, lockout timers persist even after power cycling or unplugging the device.
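The persistence described above, as an added example (not ZeroKeyUSB firmware): a C simulation in which the lockout delay is derived only from the byte at `0x0002`, so it is unchanged after a power cycle. The EEPROM array, the 1-second base delay, the 1024-second cap, the write-before-compare ordering, and all function names are assumptions; the derivation of the 8-byte signature from the PIN is not shown.

```c
#include <stdint.h>

#define ADDR_FAILS   0x0002u  /* failed-attempts counter (from the memory map) */
#define ADDR_PIN_SIG 0x0005u  /* 8-byte PIN signature (from the memory map) */
#define SIG_LEN      8u
#define BASE_DELAY_S 1u       /* assumption: first lockout step, in seconds */
#define MAX_SHIFT    10u      /* assumption: delay stops doubling at 1024 s */

static uint8_t eeprom[8192];  /* simulated M24C64; real firmware would go over I2C */

/* Delay owed for a stored counter value: 0, 1, 2, 4, ... capped at 2^MAX_SHIFT. */
uint32_t lockout_delay_s(uint8_t fails) {
    if (fails == 0) return 0;
    uint32_t shift = (uint32_t)fails - 1u;
    if (shift > MAX_SHIFT) shift = MAX_SHIFT;
    return (uint32_t)BASE_DELAY_S << shift;
}

/* What a boot path would call: the delay comes from EEPROM, not from RAM. */
uint32_t wait_after_power_up_s(void) {
    return lockout_delay_s(eeprom[ADDR_FAILS]);
}

/* Compare all 8 bytes with no early exit, so timing does not depend on
 * the position of the first mismatching byte. */
static int sig_equal(const uint8_t *a, const uint8_t *b) {
    uint8_t diff = 0;
    for (unsigned i = 0; i < SIG_LEN; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* candidate_sig: signature derived from the entered PIN (derivation not shown).
 * Returns 1 on match; otherwise 0, with *wait_s set to the delay before the next try. */
int pin_attempt(const uint8_t candidate_sig[SIG_LEN], uint32_t *wait_s) {
    uint8_t fails = eeprom[ADDR_FAILS];
    if (fails < UINT8_MAX) fails++;          /* saturate instead of wrapping to 0 */
    eeprom[ADDR_FAILS] = fails;              /* assumption: persist before comparing */
    if (sig_equal(candidate_sig, &eeprom[ADDR_PIN_SIG])) {
        eeprom[ADDR_FAILS] = 0;              /* success clears the counter */
        *wait_s = 0;
        return 1;
    }
    *wait_s = lockout_delay_s(fails);
    return 0;
}
```

Writing the incremented counter before the comparison means an attempt that is interrupted partway is still counted.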
Last TOTP epoch
A 64-bit Unix timestamp representing the last synchronized time. It allows offline TOTP generation without re-syncing on every use.
Credential layout example
Page | Content | Encrypted? | Size |
---|---|---|---|
0 | Site / domain | Yes | 32 B |
1 | Username | Yes | 32 B |
2 | Password | Yes | 32 B |
3 | TOTP secret (optional) | Yes | 32 B |
– | – | – | – |
Total per slot | – | – | 96–128 B |
Data integrity and error handling
Every EEPROM write is acknowledged at the I²C level to confirm success. If a write fails or times out, the firmware retries automatically.
Persistent errors trigger an on-screen message (`EEPROM Error`) and abort the operation safely.
ZeroKeyUSB never stores plaintext or partial records: credentials are either fully encrypted or not written at all.
Why it matters
Typical password managers depend on OS storage and software encryption. ZeroKeyUSB keeps everything in hardware, with:
- A dedicated EEPROM rated for 40+ years of retention.
- Encryption and IV generation handled by the SAMD21 microcontroller.
- No wireless interfaces and no Internet connectivity to exploit.
Transparency builds trust: the memory map is public so that anyone can verify firmware behavior, yet all regions remain encrypted and locked during normal operation.