Security for embedded systems with Maxim's Secure Authenticator

September 24, 2013 // By Graham Prophet
DeepCover devices from Maxim Integrated guards embedded designs, peripherals, or sensors with strong symmetric-key cryptography implementing bidirectional challenge-and-response SHA-256 authentication and encryption

You can protect data and IP in your product designs using the DeepCover Secure Authenticator (DS28C22) from Maxim; DS28C22 is a highly secure cryptographic solution for a host controller to authenticate peripherals or embedded designs, and it offers encrypted communication as an added benefit.

DeepCover embedded security solutions protect sensitive data with multiple layers of advanced physical security and provide highly secure storage of the authentication secret keys. Using the FIPS 180 based SHA-256 authentication algorithm, the DS28C22 combines crypto-strong, bidirectional, secure challenge-and-response authentication with small message encryption.

Through bidirectional authentication, the host and the peripheral authenticate one another, protecting the IP in the peripheral from a non-authentic host trying to modify operation of the peripheral. The DS28C22 enables a high level of security for many applications, including peripherals/disposables, sensors, network equipment, IP licensing, and industrial applications such as programmable logic controllers (PLCs).

IP is protected from being compromised by counterfeiters or hackers: A bidirectional security model enables two-way authentication and encryption between a host system and slave-embedded DS28C22. Strong die-level protection securely stores the authentication key. The device includes 3k bits of user memory with four user-programmable modes of protection; SHA-256 option enables you to securely control end-product features through data settings. Using factory pre-programming, an optional DS28C22 pre-programming service prevents supply chain vendors from compromising a solution, ensuring no exposure of cryptographic keys. DS28C22 includes a dedicated hardware-accelerated engine for SHA computations.

In an 8-pin TDFN package, the part costs from $0.90 (1000).