DS28EL22
DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM
Protect Your Development Investment with Crypto-Strong Authentication and Advanced Physical Security
Maxim Confidential 
MyMaxim SubscriptionsProduct Details
DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Authenticator (DS28EL22) combines crypto-strong, bidirectional, secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 2Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28EL22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28EL22 is authentic. Host-to-slave authentication is used to protect DS28EL22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28EL22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL22 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple-device 1-Wire network.
Our Secure Drug Delivery video shows how Maxim security products can be used to authenticate remote drug delivery.Key Features
- Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
- Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
- Strong Authentication with a High Bit Count, User-Programmable Secret, and Input Challenge
- 2048 Bits of User EEPROM Partitioned Into 8 Pages of 256 Bits
- User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
- Unique, Factory-Programmed 64-Bit Identification Number
- Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
- Operating Range: 1.8V ±5%, -40°C to +85°C
- Low-Power 5µA (typ) Standby
- ±8kV Human Body Model ESD Protection (typ)
- 6-Pin TDFN Package
Applications/Uses
- Authentication of Network-Attached Appliances
- Key Generation and Exchange for Cryptographic Systems
- Printer Cartridge ID/Authentication
- Reference Design License Management
- Secure Feature Setting for Configurable Systems
- Sensor/Accessory Authentication and Calibration
- System Intellectual Property Protection
| Crypto Engine | Symmetric |
| Applications | IP Protection Medical Consumable ID PCB ID and Authentication Print Cartridge Authentication |
| Bus Type | 1-Wire |
| Memory Type | EEPROM |
| Memory Size | 2K x 1 |
| Deep Cover | Yes |
| Oper. Temp. (°C) | -40 to +85 |
| Package/Pins | TDFN/6 |
| Budgetary Price (See Notes) | $1.21 @1k |
Technical Docs
Click any title below to view the detail page where available.
Description
Features
- Complete EV System:
- Five DS28EL22 ICs in TDFN-EP Package
- One USB-to-I2C Module (DS9400#) Provides PC Connection
- DS2465 EV Board Provides 1-Wire Interface and SHA-256 Coprocessor
- One EV Board (DS9120Q+) with TDFN-EP Socket Provides Easy Chip Evaluation
- USB-to-I2C Module Contains Prolific PL-2303HXD USB-to-UART Chip
- Enumerates as a Virtual PC COM Port
- Windows Certified Logo USB Device Driver Available
- Standard USB Cable Interface
- I2C Host Interface Supports 400kHz I2C Communication Speeds
- EV Board Contains Convenient On-Board Test Points
- Evaluation Software Will Be Provided Along with Full Evaluation Kit Data Sheet
Description
The DS9481R-200 is a USB-to-1-Wire® adapter for easy PC connectivity to 1-Wire devices. The adapter provides an RJ11 connector with the signals to communicate with all 1-Wire and iButton® devices that support a 1.8V data I/O level. Additionally, the adapter provides the support and signaling to program 1-Wire/iButton EEPROM devices. To provide a total hardware solution, the DS9481R-200 can readily be used with the family of DS9120 socket adapters to create a 1-Wire PC programmer for 1-Wire slave devices (contact factory for more information). The equivalent slave hardware solution for the iButton is the DS1402D-DR8.
View DetailsFeatures
- Driver Support for Windows® 8, Windows 7, and Windows Vista® Operating Systems
- Enumerates as a Virtual PC COM Port by Use of the Prolific PL-2303HXD USB-to-UART Bridge IC
- Emulates the DS2480B 1-Wire Line Driving Functionality
- 1-Wire EEPROM Programming
- 1.8V Read/Write Operation to 1-Wire/iButton Devices
- RJ11 Interface for Standard Connectivity Accessories such as the DS9120 Family of Socket Adapters
- Supports Standard and Overdrive 1-Wire Communication
- Provides Strong Pullup to 1.8V
- Fully Compliant with USB 2.0 Specification
Programming Secure Authenticators
Support & Training
Search our knowledge base for answers to your technical questions.
Filtered SearchOur dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal
Parameters
| Crypto Engine | Symmetric |
| Applications | IP Protection Medical Consumable ID PCB ID and Authentication Print Cartridge Authentication |
| Bus Type | 1-Wire |
| Memory Type | EEPROM |
| Memory Size | 2K x 1 |
| Deep Cover | Yes |
| Oper. Temp. (°C) | -40 to +85 |
| Package/Pins | TDFN/6 |
| Budgetary Price (See Notes) | $1.21 @1k |
Key Features
- Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
- Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
- Strong Authentication with a High Bit Count, User-Programmable Secret, and Input Challenge
- 2048 Bits of User EEPROM Partitioned Into 8 Pages of 256 Bits
- User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
- Unique, Factory-Programmed 64-Bit Identification Number
- Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
- Operating Range: 1.8V ±5%, -40°C to +85°C
- Low-Power 5µA (typ) Standby
- ±8kV Human Body Model ESD Protection (typ)
- 6-Pin TDFN Package
Applications/Uses
- Authentication of Network-Attached Appliances
- Key Generation and Exchange for Cryptographic Systems
- Printer Cartridge ID/Authentication
- Reference Design License Management
- Secure Feature Setting for Configurable Systems
- Sensor/Accessory Authentication and Calibration
- System Intellectual Property Protection
Description
DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Authenticator (DS28EL22) combines crypto-strong, bidirectional, secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 2Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28EL22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28EL22 is authentic. Host-to-slave authentication is used to protect DS28EL22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28EL22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL22 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple-device 1-Wire network.
Our Secure Drug Delivery video shows how Maxim security products can be used to authenticate remote drug delivery.Technical Docs
Support & Training
Search our knowledge base for answers to your technical questions.
Filtered SearchOur dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal
Request a Quote