Allowing the connection to only known, legitimate devices is a key element to any system security; the OPTIGA Trust P generates and securely stores encryption keys for one-way and mutual authentication, protecting a device from malware, and controlling access mechanisms for secure software updates. The programmability of the OPTIGA Trust P makes it a flexible solution, enabling these features to be adapted by a wide variety of connected systems. Any product that stores and exchanges confidential data - whether used in smart homes or factories - can rely on the encrypted communications capability of OPTIGA Trust P to enable information privacy. This helps to defend from attackers trying to obtain personal or company data or attempting to tamper with programming through Internet connections or machine-to-machine (M2M) communications links.
The OPTIGA Trust P is a Common Criteria EAL 5+ (high) certified secure trust anchor that addresses counterfeiting, privacy and security concerns. It uses public key cryptography to support both one-way and mutual authentication for anti-cloning applications. On-board key generation, key storage and secure key exchange allow creation of a secure communications channel and encryption of transmitted data. This can provide data privacy as well as the information verification between senders and receivers. The integrated key management and the access controls expand the use of the secure channel to encompass protection by permitting for secure remote updates and local access restrictions to the devices.
As a programmable device, the OPTIGA Trust P is flexible and easy to integrate into existing systems. It includes a JavaCard operating system to run security applets that can be configured for the specific needs of the system. Infineon provides the reference JavaCard security applets for most common functions, host code, and development tools to minimise development efforts.
The OPTIGA Trust P SLJ 52ACA authentication chip occupies a VQFN-32 (5 x 5mm) package, with 150 kB memory. It runs the JavaCard OS, supports ECC, RSA, AES, TDES and