New Product Information

STMicroelectronics ST SECURITY Internet of Things solution

ST offers a full ecosystem with ready-to-use turnkey solutions to ensure device identity, systems and network integrity, for customers cautious about their brand, or willing to rely on a safe and secure IoT.

STMicroelectronics-ST-Security-product-picture

ST offers a full ecosystem with ready-to-use turnkey solutions to ensure device identity, systems and network integrity, for customers cautious about their brand, or willing to rely on a safe and secure IoT. It works as standalone and/or MCU/MPU solution, e.g STM32.ST secure element family ranges from optimized STSAFE-A, to flexible Java based KERKEYTM and TCG compliant TPM. Relying on CC EAL5+ certified chips on top of which runs an ST developed secure operating system, ST’s solutions ensure state-of-the-art security for the protection of objects and IoT networks.

 

Key features

  • Latest highly secure MCUs
  • CC EAL5+ AVA_VAN5 Common Criteria certified
  • Unique serial number on die
  • Elliptic curve

 

Additional features

  • Latest highly secure MCUs
  • CC EAL5+ AVA_VAN5 Common Criteria certified
  • Active shield
  • Monitoring of environmental parameters
  • Anti-fault protection
  • Unique serial number on die
  • Protection against side-channel attacks
  • Elliptic curve
    • cryptography (ECC); NIST or Brainpool 256-bit / 384-bit curves
    • digital signature algorithm (ECDSA: SHA-256 and SHA-384)
    • Diffie-Hellman (ECDH) for key establishment
  • More details: www.st.com/stsafe-a100
     

KERKEYTM

  • Platform: Java CardTM, GlobalPlatform, ISO/IEC 7816 & Common Personalization Compliant
  • AIS-31 class P2 compliant true random number generator (TRNG)
  • Enhanced cryptographic algorithms:
    • DES/3DES, RSA, ECC and AES
    • SEED, SHA-1, SHA-256, MD5 and CRC16
  • Password Authenticated Connection
  • Establishment (PACE) protocol
  • More details: www.st.com/kerkey

STSAFE-TPM

  • Active shield and environmental sensors
  • Memory protection unit (MPU) segregates TPM assets between TPM1.2 and TPM2.0 modes
  • Parameter monitoring
  • HW / SW protection against fault injection
  • FIPS compliant RNG built on an SP800-90A compliant SHA256 DRBG and an AIS-31 Class PTG2 compliant TRNG
  • Cryptographic algorithms: – RSA key generation (1024 or 2048 bits)
    • RSA signature and encryption
    • HMAC SHA-1 & SHA-256
    • AES-128-192-256
    • ECC 224 & 256 bits 
  • More details: http://www.st.com/stsafe

 

Applications

  • Authentication & Secure IoT
  • Smart Home & Smart Grid
  • PCs & Game controllers
  • Brand Protection (accessories, batteries, PCBs...)
  • TPM

 

ST Secure Family

STSAFE-A

Relying on a Common Criteria EAL5+ platform, STSAFE-A is a highly secure authentication solution whose security is certified by independent parties. Particularly well suited for applications exposed to fraud or counterfeiting, such as consumables like printer cartridges, , accessories for phones or gaming, USB type C devices , IoT objects running critical credential or operating valuable services , STSAFE-A is the ideal solution for customers wishing to build an ecosystem around their brand.

  • Authentication (of peripherals, IoT and USB Type-C devices)
  • Secure channel establishment with remote host including transport layer security (TLS) handshake
  • Signature verification service (secure boot and firmware upgrade)
  • Usage monitoring with secure counters
  • Pairing and secure channel with host application processor
  • Wrapping and unwrapping of local or remote host envelopes
  • On-chip key pair generation

 

KERKEYTM

With a flexible Global Platform and Java 3.0.4 -compliant command set, KERKEYTM is a versatile secure solution offering a wide range of cryptographic and secure services for applications which need to comply with apre-established schemes. Moreover, its EAL4+ Common Criteria certificate enables it to serve the smart grid market as well as those requiring strong security in concentrators, gateways, and IoT devices.

  • Protection profile for the Security Module of a Smart Meter Gateway (Security Module PP)
  • ECC support for NIST-P-256
  • Digital signature generation and verification with ECDSA
  • Key agreement with Diffie-Hellman (ECKAECDH) and El Gamal (ECKA-EG)
  • PACE with ECDH-GM-AES-CBC-CMAC-128 for secure messaging
  • On-chip ECC key pair generation
  • ISO7816-4 file system with EFs, DFs and ADFs, including nesting of DFs
  • Key pair, public key and PIN objects
  • Extended length APDUs
  • ECOPACK® 32-lead VFQFPN 5x5 mm (0.5mm pitch)

 

STSAFE-TPM

STSAFE-TPM, ST’s Trusted Platform Module, is an EAL4+ Common Criteria –certified solution compliant with the TCG (Trusted Computing Group) standard, designed to protect users' assets by monitoring platform integrity from the boot phase.

Used in devices where firmware integrity is a must, TPMs are largely deployed in desktops, notebooks, tablets, and servers and continue to spread into today's connected world, expanding from PCs to phones to home gateways to cars to infrastructures and more.

  • Flash based Trusted Platform Module (TPM)
  • Supporting 2 modes exclusively with either the TPM1.2 or the TPM2.0 command set
  • Supporting dynamic switch from one mode to another and capability to lock irreversibly one mode
  • For TPM1.2, compliant with Trusted Computing Group (TCG) Trusted Platform Module (TPM) Main specifications 1.2, Level 2, Revision 116 and TCG PC Client Specific TPM Interface Specifications 1.3
  • For TPM2.0, compliant with Trusted Computing Group (TCG) Trusted Platform Module (TPM) Library specifications 2.0, Level 0, Revision 116 and TCG PC Client Specific TPM Platform Specifications 0.43
  • TPM firmware code can be upgraded thanks to a persistent Application Flash Loader to support new standard evolutions
  • Targeting Common Criteria certificate according to the TPM 1.2 and TPM 2.0 protection profiles at EAL4+
  • Targeting FIPS 140-2 certification
  • SPI support up to 33 MHz
  • Support for software and hardware physical presence for TPM1.2 

BUY ONLINE AT AVNET EMEA STORE


Do you have a Question?

Contact EBV

If you need any assistance, please click below to find your closest EBV sales office.

Related documents



Related markets



Related technologies