Maxim Integrated uses cryptographic algorithms based on Federal Information Processing Standards (FIPS), combined with unique device feature sets, to implement secure authentication solutions. Specifically, the SHA algorithms defined in FIPS 180 are the foundation for symmetric-key SHA-256 parts, FIPS 202 for symmetric-key SHA3-256 parts, and FIPS 186 for asymmetric-key ECDSA parts. In all cases, authentication keys are stored in secure non-volatile memory using various die-level circuit techniques to provide the highest affordable protection against attacks deployed in an attempt to discover the value of the key. A factory-programmed, per-device-unique 64-bit serial number is a fundamental data element used by cryptographic functions such as establishing unique secret/key values in each part. Additionally, all devices support user-controlled key management features to enable per-device unique key values as well as the ability to compute new key values without exposing results.
SHA-256 Based Symmetric-Key Authentication
- Host System generates a random challenge value and transmits it to the SHA-256 Secure Authenticator (Slave Device) in the Accessory.
- Slave Device performs a SHA-256 computation over the Host Challenge, its Secret-Key, and other stored data elements. The output of this SHA-256 computation is also known as the message authentication code, or MAC. The MAC is transmitted back to the Host System to test for authenticity.
- Host System performs a SHA-256 computation over the challenge data sent to the Slave Device, the Secret-Key, and the data elements that are stored and openly readable in the Slave Device. Again, the output of this computation is a MAC value. Note that the Host System SHA-256 operations are done with either a Secure Coprocessor or a Secure Micro to protect the common Host-Slave Secret-Key.
- The Host System compares the MAC value received from the Slave Device to its own computed MAC value. If these MACs match, the Host System is assured that the Slave Device contains a Secret-Key value that is valid for the system and therefore the Accessory is authentic.
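The four steps above, as an added example (not Maxim's code and not the devices' actual MAC input format): the field order, the field lengths, and the derivation of a per-device secret from the 64-bit serial number are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CHALLENGE_LEN = 32   # assumed sizes; fixed-length fields keep the MAC input unambiguous
ROM_ID_LEN = 8       # the 64-bit factory serial number
PAGE_LEN = 32        # openly readable data stored in the device


def derive_device_secret(master_secret: bytes, rom_id: bytes) -> bytes:
    """Per-device secret bound to the serial number (assumed derivation)."""
    return hashlib.sha256(master_secret + rom_id).digest()


def compute_mac(secret: bytes, challenge: bytes, rom_id: bytes, page: bytes) -> bytes:
    """SHA-256 over the secret, the challenge and the openly readable device data."""
    if (len(challenge), len(rom_id), len(page)) != (CHALLENGE_LEN, ROM_ID_LEN, PAGE_LEN):
        raise ValueError("unexpected field length")
    return hashlib.sha256(secret + challenge + rom_id + page).digest()


class SlaveDevice:
    """Stand-in for the authenticator: only the MAC ever leaves, never the secret."""

    def __init__(self, rom_id: bytes, page: bytes, secret: bytes):
        self.rom_id, self.page, self._secret = rom_id, page, secret

    def respond(self, challenge: bytes) -> bytes:
        return compute_mac(self._secret, challenge, self.rom_id, self.page)


def host_authenticate(master_secret: bytes, device) -> bool:
    """Host side: fresh challenge, recompute the MAC, constant-time compare."""
    challenge = secrets.token_bytes(CHALLENGE_LEN)
    received = device.respond(challenge)
    secret = derive_device_secret(master_secret, device.rom_id)
    expected = compute_mac(secret, challenge, device.rom_id, device.page)
    return hmac.compare_digest(received, expected)


# Constructed sample values, not real device data.
MASTER = bytes(range(32))
ROM_ID = bytes.fromhex("17000000a1b2c3d4")
PAGE = b"accessory-config".ljust(PAGE_LEN, b"\x00")

genuine = SlaveDevice(ROM_ID, PAGE, derive_device_secret(MASTER, ROM_ID))
clone = SlaveDevice(ROM_ID, PAGE, secrets.token_bytes(32))  # copied public data, no secret
```

`host_authenticate(MASTER, genuine)` returns `True` and `host_authenticate(MASTER, clone)` returns `False`; because the host draws a new challenge on every call, a MAC recorded from an earlier exchange does not verify either.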
ECDSA Based Asymmetric-Key Authentication
- Host System generates a random challenge value and transmits it to the ECDSA Secure Authenticator (Slave Device) in the Accessory.
- Slave Device first computes a SHA-256 hash of the host challenge and other stored data elements. The Slave Device then computes an ECDSA signature of this SHA-256 hash using its Private-Key and a random number that it also generates. The ECDSA signature is transmitted back to the Host System for verification.
- Host System computes a SHA-256 hash of the challenge data sent to the Slave Device and the data elements that are stored and openly readable in the Slave Device. The Host System then performs an ECDSA verification computation using the ECDSA signature received from the Slave Device, the host-computed SHA-256 hash, and the Public-Key associated with the Slave Device Private-Key. Note that the Host System SHA-256 and ECDSA operations are done either with a dedicated hardware-accelerated ECDSA Coprocessor or with a Host CPU that has sufficient processing resources.
- The output of the ECDSA verification computation is a pass/fail result. With a pass result the Host System is assured that the Slave Device contains a Private-Key value that is valid for the system and therefore the Accessory is authentic.
Secure Authentication with SHA-256/SHA3-256 vs. ECDSA
Maxim Options for Secure Authentication
The Secure Authenticator page provides details on Maxim Integrated’s latest products including a broad selection of application notes and design resources.
In addition, if you are interested in learning more about the authentication algorithms used by Maxim, please visit the NIST Information Technology Laboratory, Security Standards page.