DeepCover Secure Authenticator features strong public key cryptography
Maxim Integrated Products, Inc. is sampling the DS28E35 DeepCover Secure Authenticator, a highly secure cryptographic solution for a host controller to authenticate peripherals. The DS28E35 integrates a FIPS 186-based, Elliptic Curve Digital Signature Algorithm (ECDSA) engine to implement asymmetric (public-key) cryptography to operate a challenge-and-response authentication protocol between a host controller and attached peripherals, sensors, or modules.
Operating over a single pin on the 1-Wire interface, the DS28E35 reduces interconnect complexity, simplifies designs, and reduces cost. It provides crypto-strong authentication security for many applications, including medical sensors, industrial programmable logic controller (PLC) modules, and consumer devices.
The DS28E35 operates with a key pair: a public key that resides with the host and an associated private key stored in the DS28E35. As a primary benefit of ECDSA, there is no security requirement to protect the host public key. It is imperative, however, to protect the private key stored in the DS28E35. This is accomplished through Maxim’s DeepCover security technologies, which provide the strongest affordable protection against die-level attacks that attempt to discover the private key.
DeepCover technologies include advanced die routing and layout techniques, additional proprietary methods for private key protection, and circuits that actively monitor for tampering.
- ECDSA asymmetric, public-key cryptography saves cost: eliminates the need for additional secure authentication key storage ICs in the host system.
- High integration reduces costs, simplifies designs: ECDSA engine with a 1-Wire interface; nonvolatile (NV) memory; hardware random number generator for signatures and key-pair generation; decrement-only usage counter; and DeepCover invasive-attack protection circuitry.
- Reduces interconnect complexity: 1-Wire interface allows operation from a single dedicated contact which, in turn, improves reliability and performance.
- Easily adapts to a host-peripheral system where secure authentication is required.