Defend designs from attack with cost-effective security
Designers can now simply, proactively, and inexpensively protect their intellectual property and products with a solution immune to invasive physical attacks — the DS28E38 DeepCover secure authenticator from Maxim Integrated Products.
Cyberattacks continue to make headlines and IoT devices have been vulnerable point. Yet, design security remains an afterthought, with many engineers thinking that implementing security is difficult, expensive, and time-consuming, or expecting software to protect their systems. Also, when secure ICs are used, some are compromised by direct, sophisticated, silicon-level attacks that are usually launched in an attempt to obtain cryptographic keys and secured data from these ICs.
The DS28E38 features the company's ChipDNA physically unclonable function (PUF) technology, which makes it immune to invasive attacks because the root cryptographic key does not exist in memory or any other static state. Instead, the PUF circuit relies on the naturally occurring random analog characteristics of fundamental MOSFET semiconductor devices to produce cryptographic keys. When required, the circuit generates the per-device unique key, which instantly disappears when it is no longer in use. If the device were to come under an invasive physical attack, it would cause the sensitive electrical characteristics of the circuit to change, further impeding the breach. For protection benefits, the technology eliminates or simplifies the need for complicated secure IC key management as the key can be used directly for cryptographic operations. The circuit has also shown high reliability over voltage, process, temperature, and ageing. Also, to address cryptographic quality, PUF output evaluation to the NIST-based randomness test suite was successful with pass results. Using the device, engineers can, from the start, build into their designs a defence against hacking. The IC is low-cost and simple to integrate into a customer’s design via the company's single-contact 1-Wire interface combined with a low-complexity fixed-function command set including cryptographic operations.