Protect your design with a PUF

December 7, 2017 Rich Nass

Protecting your design is a real issue these days and not something that should be taken lightly. To that end, Maxim has developed a method of making it far more difficult for the bad guys. The company’s DS28E38 is an ECDSA public key-based secure authenticator that incorporates the company’s ChipDNA physically-unclonable function (PUF), which enables the DS28E38 to deliver cost-effective protection against invasive physical attacks.

Using the random variation of semiconductor device characteristics that naturally occur during wafer fabrication, the ChipDNA circuit generates a unique output value that’s repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modifies the underlying circuit characteristics, preventing discovery of the unique value used by the chip cryptographic functions.

Potential applications for this technology include the authentication of medical devices and sensors, IoT end nodes and other peripherals, printer cartridge, and other limited-use consumables.

The DS28E38 utilizes the ChipDNA output as key content to cryptographically secure all device stored data and optionally, under user control, as the private key for the ECDSA signing operation. With ChipDNA capability, the device provides a core set of cryptographic tools derived from integrated blocks including an asymmetric (ECC-P256) hardware engine, a FIPS/NIST-compliant true random number generator (TRNG), 2 kbits of secured EEPROM, a decrement-only counter and a unique 64-bit ROM identification number.

The ECC public/ private key capabilities operate from the NIST-defined P-256 curve to provide a FIPS 186-compliant ECDSA signature generation function. The unique ROM ID serves as a fundamental input parameter for cryptographic operations and as an electronic serial number within the application.

The DS28E38 communicates over the single-contact 1-Wire bus at both standard and overdrive speeds. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network. The part, housed in a 3- by 3-mm, six-pin TDFN-EP package, operates at 3.3 V in temperatures ranging from -40°C to +85°C. An evaluation kit is available.

About the Author

Rich Nass

Richard Nass is the Executive Vice-President of OpenSystems Media. His key responsibilities include setting the direction for all aspects of OpenSystems Media’s Embedded and IoT product portfolios, including web sites, e-newsletters, print and digital magazines, and various other digital and print activities. He was instrumental in developing the company's on-line educational portal, Embedded University. Previously, Nass was the Brand Director for UBM’s award-winning Design News property. Prior to that, he led the content team for UBM Canon’s Medical Devices Group, as well all custom properties and events in the U.S., Europe, and Asia. Nass has been in the engineering OEM industry for more than 25 years. In prior stints, he led the Content Team at EE Times, handling the Embedded and Custom groups and the TechOnline DesignLine network of design engineering web sites. Nass holds a BSEE degree from the New Jersey Institute of Technology.

Follow on Twitter Follow on Linkedin Visit Website More Content by Rich Nass
Previous Article
Marvell pushes WiFi technology with 802.11ax devices

The company sets now offers complete 802.11ax support, allowing a full MU-MIMO and OFDMA uplink and downlin...

Next Article
Connect to the IoT through NB-IoT
Connect to the IoT through NB-IoT

Riot Micro is backing the narrow-band protocol, known as NB-IoT, with its RM1000 baseband modem IC.