DS2476 Datasheet, PDF(1/8 Page) Maxim Integrated Products

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

DS2476 Datasheet, PDF (1/8 Pages) Maxim Integrated Products – DeepCover Secure Coprocessor

DS2476

ABRIDGED DATA SHEET

EVALUATION KIT AVAILABLE

DeepCover Secure Coprocessor

General Description

The DS2476 is a secure ECDSA and HMAC SHA-256

coprocessor companion to the DS28C36. The copro-

cessor can compute any required HMACs or ECDSA

signatures to do any operation on the DS28C36. The

DS2476 provides a core set of cryptographic tools derived

from integrated asymmetric (ECC-P256) and symmetric

(SHA-256) security functions. In addition to the security

services provided by the hardware implemented crypto

engines, the device integrates a FIPS/NIST true random

number generator (RNG), 8Kb of secured EEPROM, a

decrement-only counter, two pins of configurable GPIO,

and a unique 64-bit ROM identification number (ROM ID).

The ECC public/private key capabilities operate from

the NIST defined P-256 curve and include FIPS 186

compliant ECDSA signature generation and verification

to support a bidirectional asymmetric key authentication

model. The SHA-256 secret-key capabilities are compli-

ant with FIPS 180 and are flexibly used either in conjunc-

tion with ECDSA operations or independently for multiple

HMAC functions.

Two GPIO pins can be independently operated under

command control and include configurability supporting

authenticated and nonauthenticated operation including

an ECDSA-based crypto-robust mode to support secure-

boot of a host processor. This secure boot method can

also be used to enable the coprocessor functions.

DeepCover embedded security solutions cloak sensitive

data under multiple layers of advanced security to provide

the most secure key storage possible. To protect against

device-level security attacks, invasive and noninvasive

countermeasures are implemented including active die

shield, encrypted storage of keys, and algorithmic methods.

Applications

ââ IoT Node Crypto-Protection

ââ Accessory and Peripheral Secure Authentication

ââ Secure Storage of Cryptographic Keys for a Host

Controller

ââ Secure Boot or Download of Firmware and/or System

Parameters

Benefits and Features

ââ ECC-256 Compute Engine

â¢ FIPS 186 ECDSA P256 Signature and Verification

â¢ ECDH Key Exchange with Authentication Prevents

Man-in-the-Middle Attacks

â¢ ECDSA Authenticated R/W of Configurable

Memory

ââ FIPS 180 SHA-256 Compute Engine

â¢ HMAC

ââ SHA-256 OTP (One-Time Pad) Encrypted R/W of

Configurable Memory Through ECDH Established Key

ââ Two GPIO Pins with Optional Authentication Control

â¢ Open-Drain, 4mA/0.4V

â¢ Optional SHA-256 or ECDSA Authenticated On/Off

and State Read

â¢ Optional ECDSA Certificate to Set On/Off after

Multiblock Hash for Secure Boot

ââ RNG with NIST SP 800-90B Compliant Entropy

Source with Function to Read Out

ââ Optional Chip Generated Pr/Pu Key Pairs for ECC

Operations

ââ 17-Bit One-Time Settable, Nonvolatile Decrement-

Only Counter with Authenticated Read

ââ 8Kbits of EEPROM for User Data, Keys, and

Certificates

ââ Unique and Unalterable Factory Programmed 64-Bit

Identification Number (ROM ID)

â¢ Optional Input Data Component to Crypto and Key

Operations

ââ I2C Communication, 100kHz and 400kHz

ââ Operating Range: 3.3V Â±10%, -40Â°C to +85Â°C

ââ 6-Pin TDFN Package

Ordering Information appears at end of data sheet.

Typical Application Circuit appears at end of data sheet.

19-8589; Rev 0; 7/16

▷