Top

DeepCover Secure Authenticator with 1-Wire SHA-256 and 4Kb User EEPROM

Protect Your Development Investment with Crypto-Strong Authentication and Advanced Physical Security

Product Details

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the industry’s most secure key storage possible. The Deepcover Secure Authenticator (DS28EL25) combines crypto-strong, bidirectional, secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 4Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28EL25. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28EL25 is authentic. Host-to-slave authentication is used to protect DS28EL25 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28EL25 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL25 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple-device 1-Wire network.

Our Secure Drug Delivery video shows how Maxim security products can be used to authenticate remote drug delivery.

Key Features

  • Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
  • Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
  • Strong Authentication with a High Bit Count, User-Programmable Secret, and Input Challenge
  • 4096 Bits of User EEPROM Partitioned Into 16 Pages of 256 Bits
  • User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
  • Unique, Factory-Programmed 64-Bit Identification Number
  • Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
  • Operating Range: 1.8V ±5%, -40°C to +85°C
  • Low-Power 5µA (typ) Standby
  • ±8kV Human Body Model ESD Protection (typ)
  • 6-Pin TDFN Package

Applications/Uses

  • Identification and authentication of consumables
  • Reference Design License Management
  • Sensor/Accessory Authentication and Calibration
  • System Intellectual Property Protection

Simplified Block Diagram

DS28EL25: Typical Application Circuit DS28EL25: Typical Application Circuit Zoom icon

Design & Development

Click any title below to view the detail page where available.

Additional Resources
Programming Options
Programming Secure Authenticators

Description

The DS28EL25 evaluation system (EV system) provides the hardware and software necessary to evaluate and program the DS28EL25 DeepCover® Secure Authenticator. EV system operation requires a host PC for user-friendly evaluation.
This evaluation system includes a DS9400 USB-to-I2C PC adapter, a DS2465 EV board, a DS9120Q+ evaluation socket board for a TDFN DS28EL25, and five DS28EL25 sample devices in a TDFN package. The EV software runs on Windows® 8, Windows 7, Windows Vista®, and Windows XP® operating systems. Detailed instructions for downloading and installing software, as well as general EV system operation are included in the EV system data sheet; software and documentation are available at the link above.
Note: The DS2465 EV board and DS9400# subcomponents are not available for direct sale outside of evaluation systems. A data sheet specific to DS9400# is not available.

View Details

Features

  • Complete EV System:
    • Five DS28EL25 ICs in TDFN-EP Package
    • One USB-to-I2C Module (DS9400#) Provides PC Connection
    • DS2465 EV Board Provides 1-Wire Interface and SHA-256 Coprocessor
    • One EV Board (DS9120Q+) with TDFN-EP Socket Provides Easy Chip Evaluation
  • USB-to-I2C Module Contains Prolific PL-2303HXD USB-to-UART Chip
    • Enumerates as a Virtual PC COM Port
    • Windows Certified Logo USB Device Driver Available
    • Standard USB Cable Interface
  • I2C Host Interface Supports 400kHz I2C Communication Speeds
  • EV Board Contains Convenient On-Board Test Points
  • Evaluation Software Will Be Provided Along with Full Evaluation Kit Data Sheet

Description

The DS9481R-200 is a USB-to-1-Wire® adapter for easy PC connectivity to 1-Wire devices. The adapter provides an RJ11 connector with the signals to communicate with all 1-Wire and iButton® devices that support a 1.8V data I/O level. Additionally, the adapter provides the support and signaling to program 1-Wire/iButton EEPROM devices. To provide a total hardware solution, the DS9481R-200 can readily be used with the family of DS9120 socket adapters to create a 1-Wire PC programmer for 1-Wire slave devices (contact factory for more information). The equivalent slave hardware solution for the iButton is the DS1402D-DR8.

View Details

Features

  • Driver Support for Windows® 8, Windows 7, and Windows Vista® Operating Systems
  • Enumerates as a Virtual PC COM Port by Use of the Prolific PL-2303HXD USB-to-UART Bridge IC
  • Emulates the DS2480B 1-Wire Line Driving Functionality
  • 1-Wire EEPROM Programming
  • 1.8V Read/Write Operation to 1-Wire/iButton Devices
  • RJ11 Interface for Standard Connectivity Accessories such as the DS9120 Family of Socket Adapters
  • Supports Standard and Overdrive 1-Wire Communication
  • Provides Strong Pullup to 1.8V
  • Fully Compliant with USB 2.0 Specification

/en/design/design-tools/ee-sim.html?

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal

Parameters

Key Features

  • Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
  • Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
  • Strong Authentication with a High Bit Count, User-Programmable Secret, and Input Challenge
  • 4096 Bits of User EEPROM Partitioned Into 16 Pages of 256 Bits
  • User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
  • Unique, Factory-Programmed 64-Bit Identification Number
  • Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
  • Operating Range: 1.8V ±5%, -40°C to +85°C
  • Low-Power 5µA (typ) Standby
  • ±8kV Human Body Model ESD Protection (typ)
  • 6-Pin TDFN Package

Applications/Uses

  • Identification and authentication of consumables
  • Reference Design License Management
  • Sensor/Accessory Authentication and Calibration
  • System Intellectual Property Protection

Description

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the industry’s most secure key storage possible. The Deepcover Secure Authenticator (DS28EL25) combines crypto-strong, bidirectional, secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 4Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28EL25. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28EL25 is authentic. Host-to-slave authentication is used to protect DS28EL25 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28EL25 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL25 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple-device 1-Wire network.

Our Secure Drug Delivery video shows how Maxim security products can be used to authenticate remote drug delivery.

Simplified Block Diagram

DS28EL25: Typical Application Circuit DS28EL25: Typical Application Circuit Zoom icon

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal