DeepCover Secure Authenticator with 1-Wire ECDSA and 1Kb User EEPROM

Provides Affordable Elliptic-Curve Public-Key Authentication Security to Protect Your Development Investment

Please check latest availability status for a specific part variant.


DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible.

The DeepCover Secure Authenticator (DS28E35) provides a highly secure solution for a host controller to authenticate peripherals based on the industry standard (FIPS 186) public-key based Elliptic Curve Digital Signature Algorithm (ECDSA). The ECDSA engine computes keys and signatures using a pseudorandom curve over a prime field according to the “Standards for Efficient Cryptography (SEC)”. The private and public key can be computed by the device or installed by the user and optionally locked. Separate memory space is set aside to store and lock a public-key certificate as it is needed to verify authenticity. In addition to ECDSA-related memory, the device has 1024 bits of user memory that is organized as four pages of 256 bits. Page protection modes include write protection, read protection, and one-time-programmable (OTP) memory emulation modes. The DS28E35 also features a one-time settable, nonvolatile 17-bit decrement-on-command counter, which can be used to keep track of the lifetime of the object to which the DS28E35 is attached. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. The DS28E35 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multi-device 1-Wire network.

Key Features

  • ECDSA Engine for Public-Key Signature Using a Defined SEC Domain Parameter Set
  • On-Chip Hardware Random Number Generator
  • Private and Public Key Can Be Computed by the Device or Loaded from Outside with Optional Automatic Locking
  • Separate User-Programmable and Lockable Memory Space to Store a Public-Key Certificate
  • 17-Bit One-Time Settable, Nonvolatile Decrement-On-Command Counter
  • SHA-256 Engine to Compute a Hash of EEPROM Page Data and Host Challenge for Subsequent ECDSA Signing
  • 1024 Bit of User EEPROM Organized as Four Pages of 256 Bits
  • Programmable and Irreversible User EEPROM Protection Modes Including Write Protection, Read Protection, and OTP/EPROM Emulation for Individual Memory Pages
  • Unique Factory-Programmed 64-Bit Identification Number
  • Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
  • Operating Range: 3.3V ±10%, -40°C to +85°C
  • ±8kV HBM ESD Protection (typ) for IO Pin
  • 8-Pin TDFN and 6-Pin TSOC Packages


  • Authentication of Consumables
  • Medical Sensors
  • Peripheral Authentication
  • Printer Cartridge Identification and Authentication

Pricing Notes:
This pricing is BUDGETARY, for comparing similar parts. Prices are in U.S. dollars and subject to change. Quantity pricing may vary substantially and international prices may differ due to local duties, taxes, fees, and exchange rates. For volume-specific and version-specific prices and delivery, please see the price and availability page or contact an authorized distributor.

DS28E35EVKIT: Evaluation System for the DS28E35
Product Reliability Reports: DS28E35.pdf 
Device   Fab Process   Technology   Sample size   Rejects   FIT at 25°C   FIT at 55°C   Material Composition  

Note : The failure rates are summarized by technology and mapped to the associated material part numbers. The failure rates are highly dependent on the number of units tested.

Quality Management System >
Environmental Management System >


Related Resources

1-Wire Dual-Port Link

  • Two-Contact Solution Enables Advance TWS Features
  • Full Range of Capabilities for Earbud and Charging Case Detection
  • Minimalist Dual 1-Wire Interface Reduces Cost and Complexity

1-Wire® to I2C/SPI Bridge with Command Sequencer

  • Operate Remote I2C or SPI Devices Using Single-Contact 1-Wire Interface
  • No External Power Required
  • Flexible 1-Wire and I2C/SPI Master Operational Modes
  • Easy to Integrate

I²C Low-Voltage SHA-3 Authenticator

  • Robust Countermeasures Protect Against Security Attacks
  • Efficient Secure Hash Algorithm Authenticates Peripherals
  • Supplemental Features Enable Easy Integration into End Applications