中国电子技术网

设为首页 网站地图 加入收藏

 

[原创] Maxim DS28C40Deep Cover汽车I C验证器解决方案

关键词:汽车电子 验证器 SHA-256 DS28C40

时间:2019-11-21 11:42:01       来源:中电网

Maxim公司的DS28C40是安全验证器,能从集成的异步(ECC-P256)和对称(SHA-256)安全功能提供核心集的加密工具.此外,由硬件加密引擎所提供的安全服务,器件集成了FIPS/NIST真随机号码发生器(TRNG),用于用户数据的6kb一次编程(OTP)存储器,密钥和证书,一个可配置的GPIO和独特的64位ROM识别号(ROM ID).ECC公共/个人密钥功能工作源于NIST所定义的P-256曲线,包括FIPS 186-4兼容ECDSA签名生成和验证,支持双向非对称密钥认证模式.SHA-256安全密钥功能和FIPS 180兼容,并且灵活和ECDSA一起操作或单独用于多个HMAC功能.器件具有ECC-P256计算引擎,FIPS 186 ECDSA P256签名生成与验证,用于会话密钥建立的ECDH密钥交换,以及可配置存储器的ECDSA验证R/W.SHA-256计算引擎具有用于双向验证的FIPS 198 HMAC,I2C通信高达1MHz,工作电压3.3V ±10%,工作温度-40℃到+125℃,满足AEC-Q100 Grade 1汽车规范,主要用在汽车安全验证,汽车部件/工具/附件的识别和校准,IoT节点加密保护,附件和外设的安全识别,用于主控制器的安全存储和加密密钥,安全引导或下载固件和/或系统参数.本文介绍了DS28C40主要优势和特性,简化框图,典型应用电路图以及评估板DS28C40 EVS主要特性,电路图,材料清单和PCB设计图.

The DS28C40 is a secure authenticator that provides a core set of cryptographic tools derived from integrat­ed asymmetric (ECC-P256) and symmetric (SHA-256) security functions. In addition to the security services provided by the hardware implemented crypto engines, the device integrates a FIPS/NIST true random number generator (TRNG), 6kb of one-time programmable (OTP) memory for user data, keys and certificates, one configurable GPIO, and a unique 64-bit ROM identifica­tion number (ROM ID). The ECC public/private key capabilities operate from the NIST defined P-256 curve and include FIPS 186-4 compliant ECDSA signature generation and verification to support a bidirectional asymmetric key authentica­tion model. The SHA-256 secret-key capabilities are compliant with FIPS 180 and are flexibly used either in conjunction with ECDSA operations or independently for multiple HMAC functions. The GPIO pin can be operated under command control and include configurability supporting authenticated and nonauthenticated operation including an ECDSA-based crypto-robust mode to support secure boot of a host processor. DeepCover® embedded security solutions cloak sensi­tive data under multiple layers of advanced security to provide the most secure key storage possible. To pro­tect against device-level security attacks, invasive and noninvasive countermeasures are implemented includ­ing active die shield, encrypted storage of keys, and al­gorithmic methods.

DS28C40主要优势和特性:

•ECC-P256 Compute Engine
•FIPS 186 ECDSA P256 Signature Generation andVerification
•ECDH Key Exchange for Session KeyEstablishment
•ECDSA Authenticated R/W of ConfigurableMemory
•SHA-256 Compute Engine•FIPS 198 HMAC for Bidirectional Authentication
•SHA-256 One-Time Pad Encrypted R/W ofConfigurable Memory Using an ECDH EstablishedKey
•One GPIO Pin with Optional Authentication Control
•Open-Drain, 4mA/0.4V
•Optional SHA-256 or ECDSA Authenticated On/Off and State Read
•Optional ECDSA Certificate Verification to Set On/Off after Multiblock Hash for Secure Boot
•TRNG with NIST SP 800-90B Compliant EntropySource with Function to Read Out
•Optional Chip Generated Private/Public (Pr/Pu) KeyPairs for ECC Operations
•6Kb of One-Time Programmable (OTP) for UserData, Keys, and Certificates
•Unique and Unalterable Factory Programmed 64-BitIdentification Number(ROM ID)
•Optional Input Data Component to Crypto and KeyOperations
•I2C Communication Up to 1MHz
•3.3V ±10%,40℃ to +125℃ Operating Range
•10-Pin, 3mm x 4mm TDFN Package
•AEC-Q100 Grade 1

DS28C40应用:

•Automotive Secure Authentication
•Identification and Calibration Automotive Parts/Tools/Accessories
•IoT Node Crypto-Protection
•Secure Authentication of Accessories andPeripherals
•Secure Storage of Cryptographic Keys for a HostController
•Secure Boot or Download of Firmware and/orSystem Parameters

图1.DS28C40简化框图

图2.DS28C40典型应用电路图

评估板DS28C40 EVS

The DS28C40 evaluation system (EV system) provides the hardware and software necessary to exercise the features of the DS28C40. The EV system consists of five DS28C40 devices in a 10-pin TDFN package, a DS9121CQ+ evaluation TDFN socket board, and a DS9481P-300# USB-to-I2C/1-Wire® adapter. The evaluation software runs under Windows® 10, Windows 8, and Windows 7 operating systems, both 64- and 32-bit versions. It pro­vides a handy user interface to exercise the features of the DS28C40.

评估板DS28C40 EVS主要特性:

Demonstrates the Features of the DS28C40 DeepCover Secure Authenticator
Logs 1-Wire/I2C Communication to Aid Firmware Designers Understanding of DS28C40
1-Wire/I2C USB Adapter Creates a Virtual COM Port on Any PC
Fully Compliant with USB Specification v2.0
Software Runs on Windows 10, Windows 8, and Windows 7 for Both 64- and 32-Bit Versions
3.3V ±3% I2C Operating Voltage
Convenient On-Board Test Points, TDFN Socket
Evaluation Software Available by Request

图3.评估板DS28C40 EVS外形图

图4.DS9481QA-300和DS9121CQ外形图

图5.评估板DS28C40 EVS电路图
评估板DS28C40 EVS材料清单:



图6.评估板DS28C40 EVS PCB设计图(1)

图7.评估板DS28C40 EVS PCB设计图(2)

图8.评估板DS28C40 EVS PCB设计图(2)
详情请见:
https://datasheets.maximintegrated.com/en/ds/DS28C40.pdf
https://datasheets.maximintegrated.com/en/ds/DS28C40EVKIT.pdf
DS28C40.pdf
DS28C40EVKIT.pdf

  • 分享到:

 

猜你喜欢