Top

DeepCover Secure Coprocessor

Provides Affordable Elliptic-Curve Public-Key Authentication Security to Protect Your Development Investment

Product Details

The DS2476 is a secure ECDSA and HMAC SHA-256 coprocessor companion to the DS28C36. The coprocessor can compute any required HMACs or ECDSA signatures to do any operation on the DS28C36. The DS2476 provides a core set of cryptographic tools derived from integrated asymmetric (ECC-P256) and symmetric (SHA-256) security functions. In addition to the security services provided by the hardware implemented crypto engines, the device integrates a FIPS/NIST true random number generator (RNG), 8Kb of secured EEPROM, a decrement-only counter, two pins of configurable GPIO, and a unique 64-bit ROM identification number (ROM ID).

The ECC public/private key capabilities operate from the NIST defined P-256 curve and include FIPS 186 compliant ECDSA signature generation and verification to support a bidirectional asymmetric key authentication model. The SHA-256 secret-key capabilities are compliant with FIPS 180 and are flexibly used either in conjunction with ECDSA operations or independently for multiple HMAC functions.

Two GPIO pins can be independently operated under command control and include configurability supporting authenticated and nonauthenticated operation including an ECDSA-based crypto-robust mode to support secure-boot of a host processor. This secure boot method can also be used to enable the coprocessor functions.

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced security to provide the most secure key storage possible. To protect against device-level security attacks, invasive and noninvasive countermeasures are implemented including active die shield, encrypted storage of keys, and algorithmic methods.

Key Features

  • ECC-256 Compute Engine
    • FIPS 186 ECDSA P256 Signature and Verification
    • ECDH Key Exchange with Authentication Prevents Man-in-the-Middle Attacks
    • ECDSA Authenticated R/W of Configurable Memory
  • FIPS 180 SHA-256 Compute Engine
    • HMAC
  • SHA-256 OTP (One-Time Pad) Encrypted R/W of Configurable Memory Through ECDH Established Key
  • Two GPIO Pins with Optional Authentication Control
    • Open-Drain, 4mA/0.4V
    • Optional SHA-256 or ECDSA Authenticated On/Off and State Read
    • Optional ECDSA Certificate to Set On/Off after Multiblock Hash for Secure Boot
  • RNG with NIST SP 800-90B Compliant Entropy Source with Function to Read Out
  • Optional Chip Generated Pr/Pu Key Pairs for ECC Operations
  • 17-Bit One-Time Settable, Nonvolatile Decrement-Only Counter with Authenticated Read
  • 8Kbits of EEPROM for User Data, Keys, and Certificates
  • Unique and Unalterable Factory Programmed 64-Bit Identification Number (ROM ID)
    • Optional Input Data Component to Crypto and Key Operations
  • I²C Communication, 100kHz and 400kHz
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • 6-Pin TDFN Package

Applications/Uses

  • Accessory and Peripheral Secure Authentication
  • Controller
  • IoT Node Crypto-Protection
  • Parameters
  • Secure Boot or Download of Firmware and/or System
  • Secure Storage of Cryptographic Keys for a Host
Parametric specs for Secure Authenticators
Crypto Engine Asymmetric
Applications Companion Coprocessor
IP Protection
Medical Consumable ID
Medical Sensor Authentication and Calibration
PCB ID and Authentication
Print Cartridge Authentication
Printer Cartridge Configuration and Monitoring
Secure Access Control
Bus Type I2C
Memory Type EEPROM
Memory Size 4K x 1
Deep Cover Yes
Oper. Temp. (°C) -40 to +85
Package/Pins TDFN/6
Budgetary
Price (See Notes)
$1.13 @1k
View More

Simplified Block Diagram

DS2476: Typical Application Circuit DS2476: Typical Application Circuit Zoom icon

Design & Development

Click any title below to view the detail page where available.

Description

The DS28C36 evaluation system (EV system) provides the hardware and software necessary to evaluate the DS28C36 and DS2476. The EV system consists of five DS28C36/DS2476 devices in a 6-pin TDFN package, a DS9121AQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs on Windows® 10, Windows 8, and Windows 7 operating systems (64- and 32-bit versions). The EV system provides a handy user interface to exercise the features of the DS28C36 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28C36 DeepCover® Secure Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • I2C Communication is Logged to Aid Firmware Designers Understanding of the DS2476 and DS28C36
  • I2C-USB Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V ±3% 1-Wire Operating Voltage
  • Convenient On-Board Test Points and TDFN Socket
  • Evaluation Software Available by Request
  • Proven PCB Layout
  • Fully Assembled and Tested

Description

The DS28E36 is a DeepCover® secure authenticator that provides a core set of cryptographic tools derived from integrated asymmetric (ECC-P256) and symmetric (SHA-256) security functions. In addition to the security services provided by the hardware implemented crypto engines, the device integrates a FIPS/NIST true random number generator (RNG), 8Kb of secured EEPROM, a decrement-only counter, two pins of configurable GPIO, and a unique 64-bit ROM identification number (ROM ID). This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. The DS28E36 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network.

The ECC public/private key capabilities operate from the NIST defined P-256 curve and include FIPS 186 compliant ECDSA signature generation and verification to support a bidirectional asymmetric key authentication model. The SHA-256 secret-key capabilities are compliant with FIPS 180 and are flexibly used either in conjunction with ECDSA operations or independently for multiple HMAC functions.

Two GPIO pins can be independently operated under command control and include configurability supporting authenticated and nonauthenticated operation including an ECDSA-based crypto-robust mode to support secure-boot of a host processor.

DeepCover embedded security solutions cloak sensitive data under multiple layers of advanced security to provide the most secure key storage possible. To protect against device-level security attacks, invasive and noninvasive countermeasures are implemented including active die shield, encrypted storage of keys, and algorithmic methods.

View Details

Features

  • ECC-256 Compute Engine
    • FIPS 186 ECDSA P256 Signature and Verification
    • ECDH Key Exchange with Authentication Prevents Man-in-the-Middle Attacks
    • ECDSA Authenticated R/W of Configurable Memory
  • SHA-256 Compute Engine
    • FIPS 180 MAC for Secure Download/Boot Operations
    • FIPS 198 HMAC for Bidirectional Authentication and Optional GPIO Control
  • Two GPIO Pins with Optional Authentication Control
    • Open-Drain, 4mA/0.4V
    • Optional SHA-256 or ECDSA Authenticated On/Off and State Read
    • Optional Set On/Off after Multiblock Hash for Secure Boot/Download
  • RNG with NIST SP 800-90B Compliant Entropy Source with Function to Read Out
  • Optional Chip Generated Pr/Pu Key Pairs for ECC Operations
  • 17-Bit One-Time Settable, Nonvolatile Decrement-Only Counter with Authenticated Read
  • 8Kbits of EEPROM for User Data, Keys, and Certificates
  • Unique and Unalterable Factory Programmed 64-Bit Identification Number (ROM ID)
    • Optional Input Data Component to Crypto and Key Operations
  • Single-Contact 1-Wire Interface Communication with Host at 11.7kbps and 62.5kbps
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • 6-Pin TDFN-EP Package (3mm x 3mm)

Description

The DS28E36 evaluation system (EV system) provides the hardware and software necessary to evaluate the DS28E36 and DS2476. The EV system consists of five DS28E36/DS2476 devices in a 6-pin TDFN package, a DS9121AQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs on Windows®10, Windows 8, and Windows 7 operating systems (64- and 32-bit versions). The EV system provides a handy user interface to exercise the features of the DS28E36 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28E36 DeepCover® Secure Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • I2C and 1-Wire Communication is Logged to Aid Firmware Designers Understanding of the DS2476 and DS28E36
  • USB- I2C/1-Wire Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V ±3% 1-Wire Operating Voltage
  • Convenient On-Board Test Points and TDFN Socket
  • Evaluation Software Available by Request
  • Proven PCB Layout
  • Fully Assembled and Tested

Description

The DS28E83 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28E83. The EV system consists of five DS28E83/ DS2476 devices in a 6-pin TDFN package, a DS9121AQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs under Windows® 10, Windows 8, and Windows 7 operating systems, both 64-bit and 32-bit versions. It provides a handy user interface to exercise the features of the DS28E83 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28E83 DeepCover® Radiation Resistant 1-Wire Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • 1-Wire/I2C Communication Is Logged to Aid Firmware Designers Understanding of DS28E83 and DS2476
  • 1-Wire/I2C USB Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V ±3% 1-Wire Operating Voltage
  • Convenient On-Board Test Points, TDFN Socket
  • Evaluation Software Available by Request

Description

The DS28E39 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28E39. The EV system consists of five DS28E39/DS2476 devices in a 6-pin TDFN package, a DS9121AQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs under Windows®10, Windows 8, and Windows 7 operating systems, both 64-bit and 32-bit versions. It provides a handy user interface to exercise the features of the DS28E39 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28E39 DeepCover® Secure ChipDNA 1-Wire Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • 1-Wire/I2C Communication Is Logged to Aid Firmware Designers Understanding of DS28E39 and DS2476
  • 1-Wire/I2C USB Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V &plusmn3% 1-Wire Operating Voltage
  • Convenient On-Board Test Points, TDFN Socket
  • Evaluation Software Available by Request

Description

The DS28E84 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28E84. The EV system consists of five DS28E84/DS2476 devices in a 6-pin TDFN package, two DS9121AQ+ evaluation TDFN socket boards, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs under Windows® 10, Windows 8, and Windows 7 operating systems, both 64-bit and 32-bit versions. It provides a handy user interface to exercise the features of the DS28E84 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28E84 DeepCover® Radiation Resistant 1-Wire Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • 1-Wire/I2C Communication Is Logged to Aid Firmware Designers Understanding of DS28E84 and DS2476
  • 1-Wire/I2C USB Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V ±3% 1-Wire Operating Voltage
  • Convenient On-Board Test Points, TDFN Socket
  • Evaluation Software Available by Request

Description

The DS28C39 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28C39. The EV system consists of five DS28C39/DS2476 devices in a 6-pin TDFN package, a DS9121AQ+ evaluation TDFN socket board, a DS9121BQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs under Windows® 10, Windows 8, and Windows 7 operating systems, both 64-bit and 32-bit versions. It provides a handy user interface to exercise the features of the DS28C39 and DS2476.

View Details

Features

  • Demonstrates the Features of the DS28C39 DeepCover® ECDSA Authenticator
  • Demonstrates the Features of the DS2476 DeepCover Secure Coprocessor
  • I2C Communication Is Logged to Aid Firmware Designers Understanding of DS28C39 and DS2476
  • I2C USB Adapter Creates a Virtual COM Port on Any PC
  • Fully Compliant with USB Specification v2.0
  • Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64-Bit and 32-Bit Versions
  • 3.3V ±10% I2C Operating Voltage
  • Convenient On-Board Test Points, TDFN Socket
  • Evaluation Software Available by Request

/en/design/design-tools/ee-sim.html?

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.

Parameters

Parametric specs for Secure Authenticators
Crypto Engine Asymmetric
Applications Companion Coprocessor
IP Protection
Medical Consumable ID
Medical Sensor Authentication and Calibration
PCB ID and Authentication
Print Cartridge Authentication
Printer Cartridge Configuration and Monitoring
Secure Access Control
Bus Type I2C
Memory Type EEPROM
Memory Size 4K x 1
Deep Cover Yes
Oper. Temp. (°C) -40 to +85
Package/Pins TDFN/6
Budgetary
Price (See Notes)
$1.13 @1k

Key Features

  • ECC-256 Compute Engine
    • FIPS 186 ECDSA P256 Signature and Verification
    • ECDH Key Exchange with Authentication Prevents Man-in-the-Middle Attacks
    • ECDSA Authenticated R/W of Configurable Memory
  • FIPS 180 SHA-256 Compute Engine
    • HMAC
  • SHA-256 OTP (One-Time Pad) Encrypted R/W of Configurable Memory Through ECDH Established Key
  • Two GPIO Pins with Optional Authentication Control
    • Open-Drain, 4mA/0.4V
    • Optional SHA-256 or ECDSA Authenticated On/Off and State Read
    • Optional ECDSA Certificate to Set On/Off after Multiblock Hash for Secure Boot
  • RNG with NIST SP 800-90B Compliant Entropy Source with Function to Read Out
  • Optional Chip Generated Pr/Pu Key Pairs for ECC Operations
  • 17-Bit One-Time Settable, Nonvolatile Decrement-Only Counter with Authenticated Read
  • 8Kbits of EEPROM for User Data, Keys, and Certificates
  • Unique and Unalterable Factory Programmed 64-Bit Identification Number (ROM ID)
    • Optional Input Data Component to Crypto and Key Operations
  • I²C Communication, 100kHz and 400kHz
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • 6-Pin TDFN Package

Applications/Uses

  • Accessory and Peripheral Secure Authentication
  • Controller
  • IoT Node Crypto-Protection
  • Parameters
  • Secure Boot or Download of Firmware and/or System
  • Secure Storage of Cryptographic Keys for a Host

Description

The DS2476 is a secure ECDSA and HMAC SHA-256 coprocessor companion to the DS28C36. The coprocessor can compute any required HMACs or ECDSA signatures to do any operation on the DS28C36. The DS2476 provides a core set of cryptographic tools derived from integrated asymmetric (ECC-P256) and symmetric (SHA-256) security functions. In addition to the security services provided by the hardware implemented crypto engines, the device integrates a FIPS/NIST true random number generator (RNG), 8Kb of secured EEPROM, a decrement-only counter, two pins of configurable GPIO, and a unique 64-bit ROM identification number (ROM ID).

The ECC public/private key capabilities operate from the NIST defined P-256 curve and include FIPS 186 compliant ECDSA signature generation and verification to support a bidirectional asymmetric key authentication model. The SHA-256 secret-key capabilities are compliant with FIPS 180 and are flexibly used either in conjunction with ECDSA operations or independently for multiple HMAC functions.

Two GPIO pins can be independently operated under command control and include configurability supporting authenticated and nonauthenticated operation including an ECDSA-based crypto-robust mode to support secure-boot of a host processor. This secure boot method can also be used to enable the coprocessor functions.

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced security to provide the most secure key storage possible. To protect against device-level security attacks, invasive and noninvasive countermeasures are implemented including active die shield, encrypted storage of keys, and algorithmic methods.

Simplified Block Diagram

DS2476: Typical Application Circuit DS2476: Typical Application Circuit Zoom icon

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.