• End-Point Authentication
• End-to-End Encryption
• Internet of Things (IoT) Device Security
• Key Management and Exchange
• Prevention of Counterfeit Products

The DS28S60 DeepCover^® cryptographic coprocessor easily integrates into embedded systems enabling confidentiality, authentication and integrity of information. With a fixed command set and no device-level firmware development required, the DS28S60 makes it fast and easy to implement full security for IoT devices. Communication with the device is performed using the industry-standard SPI slave interface at up to 20Mbps with a simple set of commands that provide a comprehensive security toolbox utilizing hardware-based cryptographic blocks. As a co-processor to an SPI-interfaced host controller, the command functionality includes ECDSA-P256 signature and verification, SHA-256 based digital signature, AES-128 packet encryption/decryption, ECDHE key exchange for session key generation, and access to high-quality random numbers. An NIST SP800-90B compliant true random number generator (TRNG) is integrated for on-chip cryptographic operations as well as providing random data and nonces to the host controller, if required. Nonvolatile storage for secrets, certificates, public/private keys, and application-specific sensitive data is supported with 3.6KB of secured flash memory.

The DS28S60 integrates Maxim’s patented ChipDNA™ feature, a physically unclonable function (PUF) to provide a cost-effective solution with the ultimate protection against security attacks. Using the random variation of semiconductor device characteristics that naturally occur during wafer fabrication, the ChipDNA circuit generates a unique output value that is repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modifies the underlying circuit characteristics, preventing discovery of the unique value used by the chip's cryptographic functions. ChipDNA output is utilized as key content to cryptographically secure all device-stored data.