Authentication IC Technology

Maxim utilizes Federal Information Processing Standards (FIPS) standards-based cryptographic algorithms combined with unique device feature sets to implement secure authentication solutions. Specifically, FIPS 180 defined SHA algorithms are the foundation for symmetric-key SHA-256 devices and FIPS 186 for asymmetric-key ECDSA parts. In both cases authentication keys are stored in non-volatile memory using various die-level circuit techniques to provide the highest affordable protection against attacks deployed in an attempt to discover the value of the key. A factory programmed and per-device-unique 64-bit serial number is a fundamental data element that exists for cryptographic functions such as establishing unique secret/key values in each part. Additionally, all devices support user-controlled key management features to enable per-device unique key values as well as the ability to compute new key values without exposing results.

SHA-256 Based Symmetric-Key Authentication

 

SHA-256 Based Symmetric-Key Authentication

Sequence

  1. Host System generates random challenge data value and transmits to the SHA-256 Secure Authenticator (Slave Device) in the Accessory.
  2. Slave Device performs a SHA-256 computation of the Host Challenge; it's Secret-Key, and other stored data elements. This SHA-256 computation output is also known as the message authentication code or MAC. The MAC is transmitted back to the Host System to test for authenticity.
  3. Host System performs a SHA-256 computation of the challenge data sent to the Slave Device, the Secret-Key, and the data elements that are stored and openly readable in the Slave Device. Again this computation is a MAC value. Note the Host System SHA-256 operations are either done with a Secure Coprocessor or Secure Micro to protect the common Host-Slave Secret-Key.
  4. The Host System compares the MAC value received from the Slave Device to it's computed MAC value. If these MACs match, the Host System is assured that the Slave Device contains a Secret-Key value that is valid for the system and therefore the Accessory is authentic.

ECDSA Based Asymmetric-Key Authentication

 

ECDSA Based Asymmetric-Key Authentication

Sequence

  1. Host System generates random challenge data value and transmits to the ECDSA Secure Authenticator (Slave Device) in the Accessory.
  2. Slave Device first computes a SHA-256 hashed value of the host challenge and other stored data elements. The Slave Device then computes an ECDSA signature of this SHA-256 hashed value using its Private-Key and a random number that it also generates. The ECDSA signature is transmitted back to the Host System to test for verification.
  3. Host System computes a SHA-256 hashed value of the challenge data sent to the Slave Device and the data elements that are stored and openly readable in the Slave Device. The Host System then performs an ECDSA verification computation using the ECDSA signature received from the Slave Device, the host computed SHA-256 hashed value, and the Public-Key associated with the Slave Device Private-Key. Note the Host System SHA-256 and ECDSA operations are either done with a dedicated HW accelerated ECDSA Coprocessor or with a Host CPU with sufficient processing resources.
  4. The output of the ECDSA verification computation is a pass/value result. With a pass result the Host System is assured that the Slave Device contains a Private-Key value that is valid for the system and therefore the Accessory is authentic.

Summary Comparison: Secure Authentication with SHA-256 vs. ECDSA

Algorithm

Benefits

Tradeoff

SHA-256 Symmetric

  • Simpler algorithm
  • Lower IC cost
  • Lower authentication compute time
  • Enables Usage control
  • Must protect host side secret-key from compromise
  • Requires secure host micro and/or secure coprocessor

ECDSA Asymmetric

  • No protection needed for Host side public-key
  • System key distribution less complex, easier management of 3rd party parts
  • Secure host not required
  • Higher complexity algorithm
  • Increased IC cost
  • Longer authentication compute time

Maxim Options for Secure Authentication

To view Maxim products that provide Secure Authentication, please visit the Maxim DeepCover® page. For more technical information about secure authentication, please view the application notes listed in Technical Docs under the Related Resources heading at the top of this page.

In addition, if you are interested in learning more about the authentication algorithms used by Maxim, please visit the NIST Information Technology Laboratory, Security Standards page.

Resources