DS28E22：DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM

Protect Your Development Investment with Crypto-Strong Authentication and Advanced Physical Security

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Authenticator (DS28E22) combines crypto-strong, bidirectional, secure challenge-and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 2Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28E22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28E22 is authentic. Host-to-slave authentication is used to protect DS28E22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28E22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28E22 communicates over the single-contact 1-Wire® bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple device 1-Wire network. Our Secure Drug Delivery video shows how Maxim security products can be used to authenticate remote drug delivery.

Key Features

Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
Strong Authentication with a High Bit Count, User-Programmable Secret, and Input Challenge
2048 Bits of User EEPROM Partitioned Into 8 Pages of 256 Bits
User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
Unique, Factory-Programmed 64-Bit Identification Number
Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
Operating Range: 3.3V ±10%, -40°C to +85°C
Low-Power 5μA (typ) Standby
±8kV Human Body Model ESD Protection (typ)
6-Pin TDFN, 6-Lead TSOC Packages

DS28E22: Typical Application Circuit

Applications/Uses

Authentication of Network-Attached Appliances
Key Generation and Exchange for Cryptographic Systems
Printer Cartridge ID/Authentication
Reference Design License Management
Secure Feature Setting for Configurable Systems
Sensor/Accessory Authentication and Calibration
System Intellectual Property Protection

DataSheet

title	Download file
DS28E22 Data Sheet	DS28E22.pdf

Parametrics

Part Number	Applications	Memory Type	Memory Size	Bus Type	V_SUPPLY (V)	Deep Cover	Oper. Temp. (°C)	Package/Pins	Budgetary Price
Part Number	Applications	Memory Type	Memory Size	Bus Type	V_SUPPLY (V)	Deep Cover	Oper. Temp. (°C)	Package/Pins	See Notes
DS28E22	IP Protection Medical Consumable ID PCB ID and Authentication Print Cartridge Authentication	EEPROM	2K x 1	1-Wire	2.97 to 3.63	Yes	-40 to +85	TDFN-EP/6 TSOC/6	$0.93 @1k

Design kits & evaluation modules

DS28E22EVKIT

Quality and Environmental Data

DS28E22.pdf

Ordering Information

Part Number	Status	Package	Temp	RoHS
DS28E22P+	Active	TSOC,;6 pin;17.8 mm²	-40°C to +85°C	Lead Free
DS28E22P+T	Active	TSOC,;6 pin;17.8 mm²	-40°C to +85°C	Lead Free
DS28E22Q+T	Active	TDFN-EP,;6 pin;9.6 mm²	-40°C to +85°C	Lead Free
DS28E22Q+U	Active	TDFN-EP,;6 pin;9.6 mm²	-40°C to +85°C	Lead Free