Top

DeepCover Secure Memory with I2C SHA-256 and 3Kb User EEPROM

Protect Your Development Investment with SHA-256 Crypto-Strong Authentication and Encryption

Product Details

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Memory (DS28C22) combines crypto-strong, bidirectional, secure challenge-and-response authentication and small message encryption functionality with an implementation based on the FIPS 180-specified Secure Hash Algorithm (SHA-256). A 3Kb user-programmable EEPROM array provides nonvolatile storage for application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique and unalterable 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication and encryption between a host system and slave-embedded DS28C22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28C22 is authentic. Host-to-slave authentication is used to protect DS28C22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28C22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The device also facilitates encrypted read and write between host and slave using a one time pad computed by the SHA-256 engine. When not in use, the DS28C22 can be put in sleep mode where power consumption is minimal.

Key Features

  • Symmetric Key-Based Bidirectional Secure Authentication and Encryption Model Based on SHA-256
  • Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
  • Strong Authentication with a 256-Bit, User-Programmable Secret, and Input Challenge
  • 3072 Bits of User EEPROM Partitioned Into 12 Pages of 256 Bits
  • User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, Encryptions, and OTP/EPROM Emulation
  • Supports 100kHz and 400kHz I2C Communication Speeds
  • Supports Power-Saving Sleep Mode at 0.5µA (typ)
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • 8-Pin TDFN Package

Applications/Uses

  • Authentication of Network-Attached Appliances
  • Key Generation and Secure Exchange for Cryptographic Systems
  • Secure Feature Setting for Configurable Systems
  • System Intellectual Property Protection
Parametric specs for Secure Authenticators
Crypto Engine Symmetric
Applications IP Protection
PCB ID and Authentication
Bus Type I2C
Memory Type EEPROM
Memory Size 3K x 1
Deep Cover Yes
Oper. Temp. (°C) -40 to +85
Package/Pins TDFN/8
Budgetary
Price (See Notes)
$1.04 @1k
View More

Simplified Block Diagram

DS28C22: Typical Application Circuit DS28C22: Typical Application Circuit Zoom icon

Technical Docs

Design & Development

Click any title below to view the detail page where available.

Description

The DS28C22 evaluation system (EV system) provides the hardware and software necessary to evaluate and program the DS28C22 DeepCover® Secure Authenticator. EV system operation requires a host PC for user-friendly evaluation.
This evaluation system includes a DS9400 USB-to-I2C PC adapter, a DS9121Q+ evaluation socket board for a TDFN DS28C22, and five DS28C22 sample devices in a TDFN package. The EV software runs on Windows® 8, Windows 7, Windows Vista®, and Windows XP® operating systems. Detailed instructions for downloading and installing software, as well as general EV system operation is included in the EV system data sheet; software and documentation are available at the link above.
Note: The DS2465 EV board and DS9400# subcomponents are not available for direct sale outside of evaluation systems. A data sheet specific to DS9400# is not available.

View Details

Features

  • Complete EV System:
    • Five DS28C22 ICs in TDFN-EP Package
    • One USB-to-I2C Module (DS9400#) Provides PC Connection
    • One EV Board (DS9121Q+) with TDFN-EP Socket Provides Easy Chip Evaluation
  • USB-to-I2C Module Contains Prolific PL-2303HXD USB-to-UART Chip
    • Enumerates as a Virtual PC COM Port
    • Windows Certified Logo USB Device Driver Available
    • Standard USB Cable Interface
  • I2C Host Interface Supports 400kHz I2C Communication Speeds
  • EV Board Contains Convenient On-Board Test Points
  • Evaluation Software Will Be Provided Along with Full Evaluation Kit Data Sheet

/en/design/design-tools/ee-sim.html?

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.

Parameters

Parametric specs for Secure Authenticators
Crypto Engine Symmetric
Applications IP Protection
PCB ID and Authentication
Bus Type I2C
Memory Type EEPROM
Memory Size 3K x 1
Deep Cover Yes
Oper. Temp. (°C) -40 to +85
Package/Pins TDFN/8
Budgetary
Price (See Notes)
$1.04 @1k

Key Features

  • Symmetric Key-Based Bidirectional Secure Authentication and Encryption Model Based on SHA-256
  • Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
  • Strong Authentication with a 256-Bit, User-Programmable Secret, and Input Challenge
  • 3072 Bits of User EEPROM Partitioned Into 12 Pages of 256 Bits
  • User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, Encryptions, and OTP/EPROM Emulation
  • Supports 100kHz and 400kHz I2C Communication Speeds
  • Supports Power-Saving Sleep Mode at 0.5µA (typ)
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • 8-Pin TDFN Package

Applications/Uses

  • Authentication of Network-Attached Appliances
  • Key Generation and Secure Exchange for Cryptographic Systems
  • Secure Feature Setting for Configurable Systems
  • System Intellectual Property Protection

Description

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Memory (DS28C22) combines crypto-strong, bidirectional, secure challenge-and-response authentication and small message encryption functionality with an implementation based on the FIPS 180-specified Secure Hash Algorithm (SHA-256). A 3Kb user-programmable EEPROM array provides nonvolatile storage for application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique and unalterable 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication and encryption between a host system and slave-embedded DS28C22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28C22 is authentic. Host-to-slave authentication is used to protect DS28C22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28C22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The device also facilitates encrypted read and write between host and slave using a one time pad computed by the SHA-256 engine. When not in use, the DS28C22 can be put in sleep mode where power consumption is minimal.

Simplified Block Diagram

DS28C22: Typical Application Circuit DS28C22: Typical Application Circuit Zoom icon

Technical Docs

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.