ABRIDGED DATA SHEET EVALUATION KIT AVAILABLE Click here for production status of specific part numbers. DS28C36 DeepCover Secure Authenticator General Description Benefits and Features The DS28C36 is a DeepCover secure authenticator ECC-256 Compute Engine FIPS 186 ECDSA P256 Signature and Verification that provides a core set of cryptographic tools derived from integrated asymmetric (ECC-P256) and symmetric ECDH Key Exchange with Authentication Prevents Man-in-the-Middle Attacks (SHA-256) security functions. In addition to the security ECDSA Authenticated R/W of Configurable services provided by the hardware implemented crypto Memory engines, the device integrates a FIPS/NIST true random number generator (RNG), 8Kb of secured EEPROM, a FIPS 180 SHA-256 Compute Engine decrement-only counter, two pins of configurable GPIO, HMAC and a unique 64-bit ROM identification number (ROM ID). SHA-256 OTP (One-Time Pad) Encrypted R/W of The ECC public/private key capabilities operate from Configurable Memory Through ECDH Established Key the NIST defined P-256 curve and include FIPS 186 Two GPIO Pins with Optional Authentication Control compliant ECDSA signature generation and verification Open-Drain, 4mA/0.4V to support a bidirectional asymmetric key authentication Optional SHA-256 or ECDSA Authenticated On/Off model. The SHA-256 secret-key capabilities are compli- and State Read ant with FIPS 180 and are flexibly used either in conjunc- Optional ECDSA Certificate to Set On/Off after tion with ECDSA operations or independently for multiple Multiblock Hash for Secure Boot HMAC functions. RNG with NIST SP 800-90B Compliant Entropy Two GPIO pins can be independently operated under Source with Function to Read Out command control and include configurability supporting Optional Chip Generated Pr/Pu Key Pairs for ECC authenticated and nonauthenticated operation including Operations an ECDSA-based crypto-robust mode to support secure- 17-Bit One-Time Settable, Nonvolatile Decrement- boot of a host processor. Only Counter with Authenticated Read DeepCover embedded security solutions cloak sensitive 8Kbits of EEPROM for User Data, Keys, and data under multiple layers of advanced security to provide Certificates the most secure key storage possible. To protect against device-level security attacks, invasive and noninvasive Unique and Unalterable Factory Programmed 64-Bit countermeasures are implemented including active die Identification Number (ROM ID) shield, encrypted storage of keys, and algorithmic methods. Optional Input Data Component to Crypto and Key Operations Applications 2 I C Communication Up to 1MHz IoT Node Crypto-Protection Operating Range: 2.2V to 3.63V, -40C to +85C Accessory and Peripheral Secure Authentication 6-Pin TDFN Package Secure Storage of Cryptographic Keys for a Host Controller Secure Boot or Download of Firmware and/or System Ordering Information appears at end of data sheet. Parameters Typical Application Circuit appears at end of data sheet. DeepCover is a registered trademark of Maxim Integrated Products, Inc. 19-8564 Rev 3 12/20ABRIDGED DATA SHEET DS28C36 DeepCover Secure Authenticator Absolute Maximum Ratings Voltage Range on Any Pin Relative to GND ..........-0.5V to 4.0V Storage Temperature Range ............................ -55C to +125C Maximum Current into Any Pin...........................................20mA Lead temperature (soldering, 10s) ..................................+300C Operating Temperature Range ........................... -40C to +85C Soldering Temperature (reflow) ...................................... +260C Junction Temperature ......................................................+125C Stresses beyond those listed under Absolute Maximum Ratings may cause permanent damage to the device. These are stress ratings only, and functional operation of the device at these or any other conditions beyond those indicated in the operational sections of the specifications is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. Package Information 6 TDFN-EP Package Code T633+2 Outline Number 21-0137 Land Pattern Number 90-0058 Thermal Resistance, Single-Layer Board: Junction to Ambient ( ) 55C/W JA Junction to Case ( ) 9C/W JC Thermal Resistance, Four-Layer Board: Junction to Ambient ( ) 42C/W JA Junction to Case ( ) 9C/W JC For the latest package outline information and land patterns (footprints), go to www.maximintegrated.com/packages. Note that a +, , or - in the package code indicates RoHS status only. Package drawings may show a different suffix character, but the drawing pertains to the package regardless of RoHS status. Package thermal resistances were obtained using the method described in JEDEC specification JESD51-7, using a four-layer board. For detailed information on package thermal considerations, refer to www.maximintegrated.com/thermal-tutorial. Electrical Characteristics (T = -40C to +85C.) (Note 1) A PARAMETER SYMBOL CONDITIONS MIN TYP MAX UNITS DS28C36 2.97 Supply Voltage V 3.3 3.63 V CC DS28C36B 2.2 Active Supply Current I (Note 2) 300 A CC Standby Supply Current I 250 A CCS Computation Current I (Note 3) 7.5 mA CMP GPIO Output Low PIOV 0.4 V OL V x CC Input Low PIOV -0.3 V IL 0.3 V x V + CC CC Input High PIOV V IH 0.7 0.3 DS28C36 -10 +10 Leakage current I A L DS28C36B -1 +1 ECC ENGINE Generate ECDSA Signature Time t 50 ms GES Generate ECC Key Pair t 100 ms GKP Verify ECDSA Signature or Compute t 150 ms VES ECDH Time SHA-256 ENGINE Computation Time (HMAC or RNG) t 3 ms CMP Maxim Integrated 2 www.maximintegrated.com