Cryptographic controller for embedded devices

December 09, 2016 // By Graham Prophet
Maxim Integrated has posted initial details of its DeepCover cryptographic controller, MAXQ1061, designed to protect the confidentiality, authenticity and integrity of software IP, communication and revenue models, in connected embedded devices, industrial networking, PLC, and network appliances.

Maxim describes the device as a turnkey solution for secure storage, digital signature, encryption, secure boot, and TLS/SSL communication. DeepCover embedded security devices apply multiple layers of advanced physical security to provide the most secure key storage possible. An embedded cryptographic toolbox provides key generation and storage up to full SSL/TLS/DTLS support by offering a high level of abstraction including TLS/DTLS key negotiation, ECDSA-based TLS/DTLS authentication, digital signature generation and verification, SSL/TLS/DTLS packet encryption, and MAC algorithms. It can also serve as a secure bootloader for an external generic microcontroller.


32 kB of user-programmable EEPROM securely store certificates, public keys, private and secret keys, monotonic counters, and arbitrary data. A flexible file system manages access rights for the objects. The device is controlled over a SPI or I²C interface. Protocols for life cycle management and a secure key loading are provided.


Cryptographic algorithms supported by the device include AES, ECC, ECDSA signature scheme, SHA, and MAC digest algorithms. The true random number generator can be used for on-chip key generation. A separate hardware AES engine over SPI, allows it to function as a coprocessor for stream encryption. Maxim designed the physical, environmental and logical protections to meet the stringent requirements of FIPS and Common Criteria EAL4+ certifications.


Use the device, Maxim suggests, in certificate distribution and management; cybersecurity for critical infrastructures; electronic signature generation; secure access control; and smart metering.


At time of posting, Maxim is requiring an NDA (non-disclosure agreement) to access the part's full data sheet; see;