Top

DeepCover Cryptographic Controller for Embedded Devices

A Turnkey Solution for Secure Storage, Digital Signature, Encryption, Secure Boot, and TLS/SSL Communication Protocol

Product Details

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible.

The MAXQ1061/MAXQ1062 cryptographic controller makes it fast and easy to implement full security for embedded, connected products without requiring firmware development. The MAXQ1061/MAXQ1062 coprocessor can be designed-in from the start or added to an existing design to guarantee confidentiality, authenticity, and integrity of the device. It is ideal for connected embedded devices, industrial networking, PLC, and network appliances.

The embedded, comprehensive cryptographic toolbox provides key generation and storage up to full SSL/TLS/DTLS support by offering a high level of abstraction including TLS/DTLS key negotiation, ECDSA-based TLS/DTLS authentication, digital signature generation and verification, SSL/TLS/DTLS packet encryption, and MAC algorithms. It can also serve as a secure bootloader for an external generic micro controller.

32KB of user-programmable EEPROM of MAXQ1061 or 8KB of MAXQ1062 securely store certificates, public keys, private and secret keys, monotonic counters, and arbitrary data. A flexible file system manages access rights for the objects. The device is controlled over a SPI or I2C interface. Life cycle management and a secure key loading protocols are provided.

Cryptographic algorithms supported by the device include AES, ECC, ECDSA signature scheme, SHA, and MAC digest algorithms. The true random number generator can be used for on-chip key generation. A separate hardware AES engine over SPI allows the MAXQ1061/MAXQ1062 to function as a coprocessor for stream encryption.

The advanced physical, environmental and logical protections, are designed to meet the stringent requirements of FIPS and Common Criteria EAL4+ certifications.

Key Features

  • Advanced Cryptographic Tool Box Seamlessly Supports Highly Secure Key Storage
    • Certificates Chain Management
    • Secure 32KB or 8KB File System Based on Nonvolatile EEPROM (500K Cycles) for Extensive Key and Certificate Storage for MAXQ1061 and MAXQ1062, Respectively
    • Symmetric-key: AES-128/-256 (ECB, CBC, CCM)
    • Asymmetric-key: ECC NIST P-256, -521, -384 and Brainpool BP-256, -384, -512
    • Secure Hash: SHA-256, -384, -512
    • MAC Digest: CBC-MAC, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512, ECIES
    • Signature Schemes: ECDSA (FIPS 186-4)
    • Key Exchange: EC Diffie-Hellman (TLS)
    • 128-Bit AES Stream Encryption Engine Over SPI (up to 20Mb/s) Supporting AES-GCM and AES-ECB Modes
    • On-Chip Key Generation: ECC, AES
    • Random Number Generation: True RNG
  • No Firmware Development Required Significantly Reduces Time to Market
  • High-Level Functions Simplify SSL/TLS/DTLS Implementations
    • TLS/DTLS Key Negotiation (PSK, ECDH, ECDHE)
    • ECDSA Based TLS/DTLS Authentication, Digital Signature Generation and Verification
    • SSL/TLS/DTLS Packet Encryption (AES)
    • MAC Algorithm (HMAC-SHA256)
  • Extensive Host/System Services Increase Flexibility and Reduce System Cost
    • Watchdog Timer
    • Power-On Reset/Brownout Reset
    • Secure Boot Function
    • Tamper Detection
    • Life Cycle Management and Key Loading Protocol
    • Flexible File System With User-Programmable Access Conditions for Each Object Software Reset
    • Software Reset, Shutdown, and Wake-Up Functions
  • Multiple Communication Interface Options for Simpler Connection to a Host Processor
    • I²C Slave Controller
    • SPI Slave Controller with a Dedicated DMA Channel and 128-Bit AES Stream Encryption Engine Supporting AES-GCM and AES-ECB Modes

Applications/Uses

  • Internet of Things (IoT)
  • Portable Medical Devices
  • Building and Home Automation
  • Smart Metering
  • Certificate Distribution and Management
  • Secure Access Control
  • Electronic Signature Generation
  • Cybersecurity for Critical Infrastructures
Parametric specs for All Microcontrollers
MCU Core MAXQ30 (RISC)
Data Processing 32-bit
Internal SRAM (KBytes) 16
Package/Pins TQFN-CU/20
TSSOP/14
View More

Design & Development

Click any title below to view the detail page where available.

Description

The MAXQ1061/MAXQ1062 evaluation kits (EV kits) provide a platform for evaluating the capabilities of the MAXQ1061/MAXQ1062 cryptographic controllers. They provide embedded security solutions to cloak sensitive data under multiple layers of advanced physical security and provide the most secure key storage possible.

View Details

Features

  • Compatible with Raspberry Pi 3 Model B/B+ and Raspberry Pi 2 Model B
  • Compatible with 3.3V Arduino Uno Motherboards
  • Host Connector for the TotalPhase Aardvark™ I2C/ SPI Host Adapter Probe
  • Selectable Communication Protocol (SPI/I2C)
  • Selectable Mode (AES-SPI/REMOTE/TLS)
  • Tamper Jumper with Tamper LED
  • Socket for MAXQ1061 or MAXQ1062 IC
  • On-Board Regulator

Description

The MAXQ1061/MAXQ1062 evaluation kits (EV kits) provide a platform for evaluating the capabilities of the MAXQ1061/MAXQ1062 cryptographic controllers. They provide embedded security solutions to cloak sensitive data under multiple layers of advanced physical security and provide the most secure key storage possible.

View Details

Features

  • Compatible with Raspberry Pi 3 Model B/B+ and Raspberry Pi 2 Model B
  • Compatible with 3.3V Arduino Uno Motherboards
  • Host Connector for the TotalPhase Aardvark™ I2C/ SPI Host Adapter Probe
  • Selectable Communication Protocol (SPI/I2C)
  • Selectable Mode (AES-SPI/REMOTE/TLS)
  • Tamper Jumper with Tamper LED
  • Socket for MAXQ1061 or MAXQ1062 IC
  • On-Board Regulator

/en/design/design-tools/ee-sim.html?

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.

Parameters

Parametric specs for All Microcontrollers
MCU Core MAXQ30 (RISC)
Data Processing 32-bit
Internal SRAM (KBytes) 16
Package/Pins TQFN-CU/20
TSSOP/14

Key Features

  • Advanced Cryptographic Tool Box Seamlessly Supports Highly Secure Key Storage
    • Certificates Chain Management
    • Secure 32KB or 8KB File System Based on Nonvolatile EEPROM (500K Cycles) for Extensive Key and Certificate Storage for MAXQ1061 and MAXQ1062, Respectively
    • Symmetric-key: AES-128/-256 (ECB, CBC, CCM)
    • Asymmetric-key: ECC NIST P-256, -521, -384 and Brainpool BP-256, -384, -512
    • Secure Hash: SHA-256, -384, -512
    • MAC Digest: CBC-MAC, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512, ECIES
    • Signature Schemes: ECDSA (FIPS 186-4)
    • Key Exchange: EC Diffie-Hellman (TLS)
    • 128-Bit AES Stream Encryption Engine Over SPI (up to 20Mb/s) Supporting AES-GCM and AES-ECB Modes
    • On-Chip Key Generation: ECC, AES
    • Random Number Generation: True RNG
  • No Firmware Development Required Significantly Reduces Time to Market
  • High-Level Functions Simplify SSL/TLS/DTLS Implementations
    • TLS/DTLS Key Negotiation (PSK, ECDH, ECDHE)
    • ECDSA Based TLS/DTLS Authentication, Digital Signature Generation and Verification
    • SSL/TLS/DTLS Packet Encryption (AES)
    • MAC Algorithm (HMAC-SHA256)
  • Extensive Host/System Services Increase Flexibility and Reduce System Cost
    • Watchdog Timer
    • Power-On Reset/Brownout Reset
    • Secure Boot Function
    • Tamper Detection
    • Life Cycle Management and Key Loading Protocol
    • Flexible File System With User-Programmable Access Conditions for Each Object Software Reset
    • Software Reset, Shutdown, and Wake-Up Functions
  • Multiple Communication Interface Options for Simpler Connection to a Host Processor
    • I²C Slave Controller
    • SPI Slave Controller with a Dedicated DMA Channel and 128-Bit AES Stream Encryption Engine Supporting AES-GCM and AES-ECB Modes

Applications/Uses

  • Internet of Things (IoT)
  • Portable Medical Devices
  • Building and Home Automation
  • Smart Metering
  • Certificate Distribution and Management
  • Secure Access Control
  • Electronic Signature Generation
  • Cybersecurity for Critical Infrastructures

Description

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible.

The MAXQ1061/MAXQ1062 cryptographic controller makes it fast and easy to implement full security for embedded, connected products without requiring firmware development. The MAXQ1061/MAXQ1062 coprocessor can be designed-in from the start or added to an existing design to guarantee confidentiality, authenticity, and integrity of the device. It is ideal for connected embedded devices, industrial networking, PLC, and network appliances.

The embedded, comprehensive cryptographic toolbox provides key generation and storage up to full SSL/TLS/DTLS support by offering a high level of abstraction including TLS/DTLS key negotiation, ECDSA-based TLS/DTLS authentication, digital signature generation and verification, SSL/TLS/DTLS packet encryption, and MAC algorithms. It can also serve as a secure bootloader for an external generic micro controller.

32KB of user-programmable EEPROM of MAXQ1061 or 8KB of MAXQ1062 securely store certificates, public keys, private and secret keys, monotonic counters, and arbitrary data. A flexible file system manages access rights for the objects. The device is controlled over a SPI or I2C interface. Life cycle management and a secure key loading protocols are provided.

Cryptographic algorithms supported by the device include AES, ECC, ECDSA signature scheme, SHA, and MAC digest algorithms. The true random number generator can be used for on-chip key generation. A separate hardware AES engine over SPI allows the MAXQ1061/MAXQ1062 to function as a coprocessor for stream encryption.

The advanced physical, environmental and logical protections, are designed to meet the stringent requirements of FIPS and Common Criteria EAL4+ certifications.

Support & Training

Search our knowledge base for answers to your technical questions.

Filtered Search

Our dedicated team of Applications Engineers are also available to answer your technical questions. Visit our support portal.