Analog Devices Inc. DS28S60 DeepCover® Cryptographic Coprocessor
Analog Devices DS28S60 DeepCover® Cryptographic Coprocessor easily integrates into embedded systems, enabling confidentiality, authentication, and integrity of information. With a fixed command set and no device-level firmware development required, the DS28S60 makes it fast and easy to implement full security for IoT devices. Communication with the device is performed using the industry-standard SPI slave interface at up to 20Mbps with a simple set of commands that provide a comprehensive security toolbox utilizing HW-based cryptographic blocks. As a coprocessor to an SPI- SPI-interfaced host controller, the command functionality includes ECDSA-P256 signature and verification, SHA-256-based digital signature, and AES-128 packet encryption/decryption. It includes ECDHE key exchange for session key generation and access to high-quality random numbers. A NIST SP800-90B compliant true random number generator (TRNG) is integrated for on-chip cryptographic operations and provides random data and nonces to the host controller if required. Nonvolatile storage for secrets, certificates, public/private keys, and application-specific sensitive data is supported with 3.6KB of secured flash memory.
The DS28S60 integrates Maxim's patented ChipDNA™ feature, a physically unclonable function (PUF) that provides a cost-effective solution with the ultimate protection against security attacks. Using the random variation of semiconductor device characteristics occurring naturally during wafer fabrication, the ChipDNA circuit generates a unique, repeatable output value over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modify the underlying circuit characteristics, preventing the discovery of the unique value used by the chip's cryptographic functions. ChipDNA output is utilized as key content to cryptographically secure all device-stored data and, optionally, under user control, key content for specific cryptographic operations.
Features
- Secure coprocessor with NIST-compliant hardware-based crypto
- FIPS-180 SHA-256 MAC and FIPS-198 HMAC hash
- FIPS-197 AES-128 with GCM
- FIPS-186 ECDSA-P256 elliptic curve digital signature/verification
- SP800-56A ECDHE-P256 key exchange
- SP800-90B compliant TRNG
- Robust countermeasures protect against security attacks
- ChipDNA produced key cryptographically protects all stored data
- Actively monitored die shield detects and reacts to intrusion attempts
- Enables fast time-to-market with easy end-application integration
- Fixed-function command set, no device-level firmware
- C-source SDK for host micro SW development
- 3.6KB Flash array for secure key, certificate, and data storage
- High-speed interface for host microcontroller communication, 20MHz SPI with Mode 0 or Mode 3 operation
- Supplemental features enable easy integration into end applications
- Unique and unalterable factory-programmed, 64-bit identification number (ROM ID)
- Low-power operation
- 100nA power-down mode
- 0.35mA idle
- 12-Pin 3mm x 3mm TDFN package
- -40°C to +105°C operating temperature range
- 1.62V to 3.63V voltage range
Applications
- End-point authentication
- End-to-end encryption
- Internet of Things (IoT) device security
- Key management and exchange
- Prevention of counterfeit products
Simplified Block Diagram
Additional Resources
Related Development Tool
Analog Devices Inc. DS28S60EVKIT Evaluation System
Provides the hardware and software necessary to demonstrate the features of the DS28S60Q+.
Associated Solutions
Analog Devices Inc. Variable Speed Driver Solutions
Enables energy-efficient manufacturing/complete signal chain solutions for variable speed drives.