Maxim Integrated DS28E38 - secure ECDSA authenticator
DS28E38 - DeepCover secure ECDSA authenticator with ChipDNA PUF protection: Protect your design using crypto-strong authentication secured with a physically unclonable function
The DS28E38 is an ECDSA public key-based secure authenticator that incorporates Maxim’s patented ChipDNA™ PUF technology. ChipDNA technology involves a physically unclonable function (PUF) that enables the DS28E38 to deliver cost-effective protection against invasive physical attacks. Using the random variation of semiconductor device characteristics that naturally occur during wafer fabrication, the ChipDNA circuit generates a unique output value that is repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modifies the underlying circuit characteristics, preventing discovery of the unique value used by the chip cryptographic functions.
The DS28E38 utilizes the ChipDNA output as key content to cryptographically secure all device stored data and optionally, under user control, as the private key for the ECDSA signing operation. With ChipDNA capability, the device provides a core set of cryptographic tools derived from integrated blocks including an asymmetric (ECC-P256) hardware engine, a FIPS/NIST-compliant true random number generator (TRNG), 2Kb of secured EEPROM, a decrement-only counter and a unique 64-bit ROM identification number (ROM ID).
The ECC public/ private key capabilities operate from the NIST-defined P-256 curve to provide a FIPS 186-compliant ECDSA signature generation function. The unique ROM ID is used as a fundamental input parameter for cryptographic operations and serves as an electronic serial number within the application. The DS28E38 communicates over the single-contact 1-Wire® bus at both standard and overdrive speeds. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network.
- Robust countermeasures protect against security attacks
- Patented physically unclonable function secures device data
- Actively monitored die shield detects and reacts to intrusion attempts
- All stored data cryptographically protected from discovery
- Efficient public-key authentication solution to authenticate peripherals
- FIPS 186-compliant ECDSA P256 signature for challenge/response authentication
- Options for ECDSA public/private key pair source include ChipDNA generated, chip computed, and user installed
- TRNG with NIST SP 800-90B compliant entropy source
- Supplemental features enable easy integration into end applications
- 17-Bit one-time settable, nonvolatile decrement-only counter with authenticated read
- 2Kbits of EEPROM for user data, key, control registers, and certificate
- Unique and unalterable factory programmed 64-Bit identification number (ROM ID)
- Single-contact, 1-wire interface communication with host at 11.7kbps and 62.5kbps operating range: 3.3V ±10%, -40°C to +85°C
- 6-Pin TDFN-EP Package (3mm x 3mm)
- Authentication of medical sensors and tools
- IoT node authentication
- Peripheral authentication
- Printer cartridge identification and authentication
- Reference design license management
- Secure management of limited use consumables
Evaluation kit available!
The DS28E38 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28E38 and DS2476.
DS28E38 Evaluation Kit
The DS28E38 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28E38.
Have a question? Contact us