Microchip Technology ATECC608B CryptoAuthentication™ Devices
Microchip Technology ATECC608B CryptoAuthentication™ Devices are high-security cryptographic devices that secure hardware-based key storage of up to 16 keys. These devices combine world-class hardware-based key storage with hardware cryptographic accelerators to implement various authentication and encryption protocols. The ATECC608B devices provide security enhancements over that of the ATECC608A while providing complete backward compatibility. These devices feature two high-endurance monotonic counters, a unique 72-bit serial number, and an internal high-quality NIST SP 800-90A/B/C Random Number Generator (RNG).
The ATECC608B devices from Microchip Technology are a secure element integrating both Elliptic Curve Diffie Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA) security protocols. The hardware-based security for LoRaWAN applications is applied through the AES hardware accelerator, which enables secure boot capabilities for very small microcontrollers.
The ATECC608B CryptoAuthentication devices support full ECDSA code signature validation, optional communication key disablement prior to secure boot, and authentication for messages to prevent onboard attacks. These devices operate from 2V to 5.5V supply voltage range, -40°C to +85°C standard temperature range, and -40°C to +100°C extended temperature range. Typical application includes encryption for small messages and PII data, secure boot and protected download, ecosystem control, and anti-cloning.
The Microchip Technology ATECC608B CryptoAuthentication Devices are offered in 8-pad UDFN, 8-lead SOIC, and 3-lead contact package options for design flexibility
Features
- Cryptographic co-processor with secure hardware-based key storage
- Protected storage for up to 16 keys, certificates, or data
- Hardware support for an asymmetric sign, verify, and key agreement
- ECDSA: FIPS186-3 Elliptic Curve Digital Signature
- ECDH: FIPS SP800-56A Elliptic Curve Diffie-Hellman
- NIST standard P256 elliptic curve support
- Hardware support for symmetric algorithms
- SHA-256 and HMAC hash including off-chip context save/restore
- AES-128: Encrypt/Decrypt and Galois field multiply for GCM
- Secure boot support
- Full ECDSA code signature validation, optional stored digest/signature
- Optional communication key disablement prior to secure boot
- Encryption/authentication for messages to prevent onboard attacks
- Internal high-quality NIST SP 800-90A/B/C Random Number Generator (RNG)
- Two high-endurance monotonic counters
- Unique 72-bit serial number
- <150nA sleep current
- Networking key management support
- Turnkey PRF/HKDF calculation for TLS 1.2 and 1.3
- Ephemeral key generation and key agreement in SRAM
- Small message encryption with keys entirely protected
- Two interface options available
- High-speed single-wire interface with one GPIO pin
- 1MHz Standard I2C interface
- 1.8V to 5.5V IO Levels and 2.0V to 5.5V supply voltage range
- Two temperature ranges available
- -40°C to +85°C standard industrial temperature range
- -40°C to +100°C extended industrial temperature range
Applications
- IoT network endpoint key management and exchange
- Encryption for small messages and PII data
- Secure boot and protected download
- Ecosystem control and anti-cloning