DeepCover Secure SHA-3 Authenticator with ChipDNA PUF Protection

Protect Your Development Investment with Crypto-Strong Authentication and Advanced Physical Security

Please check latest availability status for a specific part variant.


The DS28E50 secure authenticator combines FIPS202-compliant secure hash algorithm (SHA-3) challenge and response authentication with Maxim’s patented ChipDNA™ technology, a physically unclonable function (PUF) to provide a cost-effective solution with the ultimate protection against security attacks. The ChipDNA implementation utilizes the random variation of semiconductor device characteristics that naturally occur during wafer fabrication. The ChipDNA circuit generates a unique output value that is repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modifies the underlying circuit characteristics thus preventing discovery of the unique value used by the chip cryptographic functions. The DS28E50 utilizes the ChipDNA output as key content to cryptographically secure all device-stored data. With ChipDNA capability, the device provides a core set of cryptographic tools derived from integrated blocks including a SHA-3 engine, a FIPS/NIST compliant true random number generator (TRNG), 2Kb of secured EEPROM, a decrement-only counter and a unique 64-bit ROM identification number (ROM ID). The unique ROM ID is used as a fundamental input parameter for cryptographic operations and serves as an electronic serial number within the application. The DS28E50 communicates over the single-contact 1-Wire® bus at both standard and overdrive speeds. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network.

DS28E50: Functional Diagram DS28E50: Functional Diagram Enlarge+

Key Features

  • Robust Countermeasures Protect Against Security Attacks
    • Patented Physically Unclonable Function Secures Device Data
    • Actively Monitored Die Shield Detects and Reacts to Intrusion Attempts
    • All Stored Data Cryptographically Protected from Discovery
  • Efficient Secure Hash Algorithm Authenticates Peripherals
    • FIPS 202-Compliant SHA-3 Algorithm for Challenge/Response Authentication
    • FIPS 198-Compliant Keyed-Hash Message Authentication Code (HMAC)
    • TRNG with NIST SP 800-90B Compliant Entropy Source
  • Supplemental Features Enable Easy Integration into End Applications
    • 17-Bit One-Time Settable, Nonvolatile Decrement-Only Counter with Authenticated Read
    • One GPIO Pin with Optional Authentication Control
    • 2Kb of EEPROM for User Data, Key, and Control Registers
    • Unique and Unalterable Factory Programmed 64-Bit Identification Number (ROM ID)
    • Single-Contact, 1-Wire Interface Communication with Host at 11.7kbps and 62.5kbps
    • Operating Range: 3.3V ±10%, -40°C to +85°C
    • 6-Pin TDFN-EP Package (3mm x 3mm)


  • Authentication of Medical Sensors and Tools
  • IoT Node Authentication
  • Peripheral Authentication
  • Printer Cartridge Identi cation and Authentication
  • Reference Design License Management
  • Secure Management of Limited Use Consumables

See parametric specs for Secure Authenticators (33)

Part NumberApplicationsMemory TypeMemory SizeBus TypeVSUPPLY
Deep CoverOper. Temp.
See Notes
Access Control
Asset Tracking
IP Protection
Identification Systems
Medical Consumable ID
Medical Sensor Authentication and Calibration
PCB ID and Authentication
Print Cartridge Authentication
Printer Cartridge Configuration and Monitoring
Rack Card Security
Secure Access Control
EEPROM2K x 11-Wire2.97 to 3.63Yes-40 to +85
$1.02 @1k

Pricing Notes:
This pricing is BUDGETARY, for comparing similar parts. Prices are in U.S. dollars and subject to change. Quantity pricing may vary substantially and international prices may differ due to local duties, taxes, fees, and exchange rates. For volume-specific and version-specific prices and delivery, please see the price and availability page or contact an authorized distributor.

DS28E50EVKIT: Evaluation Kit for the DS28E50 and DS2477

Technical Documents

Tutorial 7325 How Secure Authenticators and Coprocessors Can Simplify Cryptography
Tutorial 7324 Cryptography: Planning for Threats and Countermeasures
Tutorial 7274 Cryptography: Is a Hardware or Software Implementation More Effective?
Tutorial 7269 Cryptography: Understanding the Benefits of the Physically Unclonable Function (PUF)
White Paper 7258 A Reverse-Engineering Assessment of a Secure Authenticator with PUF Technology
Tutorial 7254 Cryptography: Fundamentals on the Modern Approach
White Paper 7218 How Physically Unclonable Function (PUF) Technology Protects Embedded Systems
App Note 7015 Back to Basics: Secure Hash Algorithms
App Note 6896 Why Now is a Good Time to Secure Your Embedded Systems with SHA-3
App Note 6891 Secure Authentication for Medical Disposables
App Note 6799 How to Multiplex a 1-Wire Master into Numerous Channels
User Guide 6796 DS28E39 Security User Guide
App Note 6767 How ChipDNA Physically Unclonable Function Technology Protects Embedded Systems
User Guide 6724 DS28E50 Security User Guide
App Note 4717 Injection Molding an IC into a Connector or Consumable Item
Tutorial 4702 Easily Add Memory, Security, Monitoring, and Control to Medical Sensors and Consumables
Tutorial 1796 Guide to 1-Wire Communication

Additional Resources

Introduction to the DS28E50 DeepCover® Secure SHA-3 Authenticator with ChipDNA™ PUF Protection

Security Short Subjects: Symmetric Cryptography

Security Short Subjects: Symmetric Authentication Details

Security Short Subjects: Symmetric Key Authentication

Request Reliability Report for: DS28E50 
Device   Fab Process   Technology   Sample size   Rejects   FIT at 25°C   FIT at 55°C   Material Composition  

Note : The failure rates are summarized by technology and mapped to the associated material part numbers. The failure rates are highly dependent on the number of units tested.

Quality Management System >
Environmental Management System >


Related Resources

1-Wire® to I2C/SPI Bridge with Command Sequencer

  • Operate Remote I2C or SPI Devices Using Single-Contact 1-Wire Interface
  • No External Power Required
  • Flexible 1-Wire and I2C/SPI Master Operational Modes
  • Easy to Integrate

DeepCover Cryptographic Coprocessor with ChipDNA

  • Secure Coprocessor with NIST-Compliant Hardware-Based Crypto
  • Robust Countermeasures Protect Against Security Attacks
  • Enables Fast Time-to-Market with Easy End Application Integration
  • -40°C to +105°C, 1.62V to 3.63V

  • DS28C16
    I²C Low-Voltage SHA-3 Authenticator

    • Robust Countermeasures Protect Against Security Attacks
    • Efficient Secure Hash Algorithm Authenticates Peripherals
    • Supplemental Features Enable Easy Integration into End Applications