Top

Ultra Low-Power Cryptographic Controller with ChipDNATM for Embedded Devices

Cryptographic Functions for Root-of-Trust, Authentication, Secure Boot and Firmware Updates, Encryption, and TLS Support

Product Details

Key Features

Parametric specs for Secure Authenticators
Crypto Engine Asymmetric, Symmetric
End Equipment Access Control
Electronic Access Control
IoT Node Crypto-Protection
Medical Sensor Authentication and Calibration
Secure Authentication of Accessories and Peripherals
Secure Boot or Download
Bus Type SPI
Memory Type Secure Non-Volatile Memory
Memory Size 8 KB
Deep Cover Yes
Oper. Temp. (°C) -40 to 105 C
Package/Pins TDFN-CU/12
Budgetary
Price (See Notes)
0.83
View Less

Simplified Block Diagram

Technical Docs

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal .

Parameters

Parametric specs for Secure Authenticators
Crypto Engine Asymmetric, Symmetric
End Equipment Access Control
Electronic Access Control
IoT Node Crypto-Protection
Medical Sensor Authentication and Calibration
Secure Authentication of Accessories and Peripherals
Secure Boot or Download
Bus Type SPI
Memory Type Secure Non-Volatile Memory
Memory Size 8 KB
Deep Cover Yes
Oper. Temp. (°C) -40 to 105 C
Package/Pins TDFN-CU/12
Budgetary
Price (See Notes)
0.83

Key Features

  • ECC Compute Engine Using Curve NIST P-256
    • FIPS-186 ECDSA
    • NIST SP800-56Ar3 Key Exchange with Static Unified Model, C(0e, 2s, ECC CDH) with One-Step Key Derivation Using SHA-256
    • On-Board EC Key Generation with SP800-90B/A
  • SHA-2 Compute Engine
    • NIST FIPS-180-4 SHA2-256, HMAC-SHA-256
  • AES Compute Engine with 128 and 256 Key Sizes
    • ECB, CBC, CCM, GCM Cipher Modes
    • CBC-MAC, CMAC Message Authentication Codes
    • Onboard AES Key Generation with SP800-90A/B
  • True Random Number Generator (TRNG)
    • NIST SP800-90A/C Compliant
    • NIST SP800-90B Entropy Source
  • Secure Communication
    • TLS/DTLS 1.2 Handshake and Record Layer
      • ECDSA Authentication
      • ECDHE Key Exchange
      • AES-GCM or CCM Record Layer
    • SP800-56Ar3-Based Key Exchange
  • X.509 v3 Certificate Support
    • Storage of Root and Device Certificates
    • Onboard Verification of Chains of Certificates
    • ECDSA Verification on Supported Curves
  • High-Speed Interface for Host Microcontroller Communication
    • 10MHz SPI with Mode 0 or Mode 3 Operation
  • 8KB User Flash Array with ChipDNA PUF Encryption
  • Unique, Unalterable Factory-Programmed ID Number
  • Tamper Input Detects System-Level Intrusion
  • Secure Factory Provisioning Service
  • 12-Pin, 3mm x 3mm TDFN Package
  • -40°C to +105°C, 1.62V to 3.63V
  • Low-Power Operation: 100nA (typ) in Standby

ChipDNA is a trademark of Maxim Integrated Products, Inc.
DeepCover is a registered trademark of Maxim Integrated Products, Inc.




Applications/Uses

  • Anti-cloning, Anti-counterfeiting, Feature and Usage Control
  • Certificate Management
  • Mutual Authentication
  • Secure Boot, Secure Firmware Update
  • Secure Communication: Key Exchange, TLS
  • Secure Data Storage
  • System-Level Tamper Protection and Integrity

Description

The MAXQ1065 is a security coprocessor that provides turnkey cryptographic functions for root-of-trust, mutual authentication, data confidentiality and integrity, secure boot, secure firmware update, and secure communications with generic key exchange and bulk encryption or complete TLS support. The device integrates 8KB of secure storage for user data, keys, certificates, and counters with user-defined access control and life cycle management. It also has a configurable output pin and a tamper input pin. Commands are accessible through a standard SPI interface.

The MAXQ1065's low power consumption makes it suitable for battery-powered applications, and the extremely reduced footprint and pin count allow easy integration into medical and wearable devices. Its lifetime and operating range make it compatible with long-term deployments in harsh environments. The MAXQ1065 life cycle management allows flexible access control rules during the major life cycle stages of the device. Secure key loading protocol and secure factory preprogramming are available.

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced security to provide the most secure key storage possible. To protect against device-level security attacks, invasive and noninvasive countermeasures are implemented including active die shield, encrypted storage of keys using the ChipDNA PUF technology, and externally callable algorithmic subroutines.

Simplified Block Diagram

MAXQ1065:Functional Diagram MAXQ1065: Functional Diagram Zoom icon

Technical Docs

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal .