Analog Devices / Maxim Integrated DS28E39 DeepCover Secure Authenticator
Analog Devices DS28E39 DeepCover Secure Authenticator is an ECDSA public-key-based bidirectional secure authenticator incorporating Analog Devices' patented ChipDNA™ feature. This feature is a physically unclonable function (PUF) that provides a cost-effective solution with the ultimate protection against security attacks. Using the random variation of semiconductor device characteristics that occurs naturally during wafer fabrication, the ChipDNA circuit generates a unique output value that is repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modify the underlying circuit characteristics, preventing the discovery of the unique value used by the chip's cryptographic functions.
The DS28E39 utilizes the ChipDNA output as crucial content to cryptographically secure all device-stored data and, optionally, under user control, as the private key for the ECDSA signing operation. With ChipDNA capability, the Analog Devices DS28E39 DeepCover Secure Authenticator provides a core set of cryptographic tools derived from integrated blocks, including an asymmetric (ECC-P256) hardware engine, a FIPS/NIST-compliant true random number generator (TRNG), 2Kb of secured EEPROM, a decrement-only counter, and a unique 64-bit ROM identification number (ROM ID).
The ECC public/private key capabilities operate on the NIST-defined P-256 curve to provide a FIPS 186-compliant ECDSA signature generation function. The unique ROM ID is a fundamental input parameter for cryptographic operations and serves as an electronic serial number within the application. The Analog Devices DS28E39 DeepCover Secure Authenticator communicates over the single-contact 1-Wire® bus at standard and overdrive speeds. The communication follows the 1-Wire protocol, with the ROM ID acting as the node address in a multidevice 1-Wire network.
Features
- Robust countermeasures protect against security attacks
- Patented physically unclonable function secures device data
- Actively monitored die shield detects and reacts to intrusion attempts
- All stored data cryptographically protected from discovery
- ECDSA authenticated R/W of stored data and counter
- Efficient public-key authentication solution to authenticate peripherals
- FIPS 186-compliant ECDSA P256 signature for challenge/response authentication
- ChipDNA generated public/private key pair
- TRNG with NIST SP 800-90B compliant entropy source
- Supplemental features enable easy integration into end applications
- 17-bit one-time settable, nonvolatile decrement-only counter with authenticated read
- 2Kbits of EEPROM for user data, key, control registers, and certificate
- Unique and unalterable factory-programmed 64-bit identification number (ROM ID)
- Single-contact, 1-Wire interface communication with host at 11.7kbps and 62.5kbps
- 3.3V ±10%, -40°C to +85°C operating range
- 6-pin TDFN-EP package (3mm x 3mm)
Applications
- Authentication of medical sensors and tools
- Secure management of limited-use consumables
- IoT node authentication
- Peripheral authentication
- Reference design license management
- Printer cartridge identification and authentication