Click here to ask about the production status of specific part numbers. DS28C40 DeepCover Automotive 2 I C Authenticator General Description Benefits and Features The DS28C40 is a secure authenticator that provides a ECC-P256 Compute Engine core set of cryptographic tools derived from integrated FIPS 186 ECDSA P256 Signature Generation and asymmetric (ECC-P256) and symmetric (SHA-256) secu- Verification rity functions. In addition to the security services provided ECDH Key Exchange for Session Key by the hardware implemented crypto engines, the device Establishment integrates a FIPS/NIST true random number generator ECDSA Authenticated R/W of Configurable Memory (TRNG), 6kb of one-time programmable (OTP) memory SHA-256 Compute Engine for user data, keys and certificates, one configurable FIPS 198 HMAC for Bidirectional Authentication GPIO, and a unique 64-bit ROM identification number SHA-256 One-Time Pad Encrypted R/W of (ROM ID). Configurable Memory Using an ECDH Established The ECC public/private key capabilities operate from the Key NIST defined P-256 curve and include FIPS 186-4 compli- One GPIO Pin with Optional Authentication Control ant ECDSA signature generation and verification to sup- Open-Drain, 4mA/0.4V port a bidirectional asymmetric key authentication model. Optional SHA-256 or ECDSA Authenticated On/Off The SHA-256 secret-key capabilities are compliant with and State Read FIPS 180 and are flexibly used either in conjunction with Optional ECDSA Certificate Verification to Set On/ ECDSA operations or independently for multiple HMAC Off after Multiblock Hash for Secure Boot functions. TRNG with NIST SP 800-90B Compliant Entropy The GPIO pin can be operated under command control Source with Function to Read Out and include configurability supporting authenticated and Optional Chip Generated Private/Public (Pr/Pu) Key nonauthenticated operation including an ECDSA-based Pairs for ECC Operations crypto-robust mode to support secure boot of a host 6Kb of One-Time Programmable (OTP) for User Data, processor. Keys, and Certificates DeepCover embedded security solutions cloak sensitive Unique and Unalterable Factory Programmed 64-Bit data under multiple layers of advanced security to provide Identification Number (ROM ID) the most secure key storage possible. To protect against Optional Input Data Component to Crypto and Key device-level security attacks, invasive and noninvasive Operations countermeasures are implemented including active die 2 I C Communication Up to 1MHz shield, encrypted storage of keys, and algorithmic meth- 3.3V 10%, -40C to +125C Operating Range ods. 10-Pin TDFN Package 3mm x 4mm TDFN Package Applications 3mm x 3mm, Side-Wettable TDFN Package Automotive Secure Authentication AEC-Q100 Grade 1 Identification and Calibration Automotive Parts/Tools/ Accessories IoT Node Crypto-Protection Secure Authentication of Accessories and Peripherals Request DS28C40 Secure Storage of Cryptographic Keys for a Host Controller Security User Guide Secure Boot or Download of Firmware and/or System Parameters Ordering Information appears at end of data sheet. DeepCover is a registered trademark of Maxim Integrated Products, Inc. 19-100551 Rev 1 1/21DS28C40 DeepCover Automotive 2 I C Authenticator Simplified Block Diagram VCC DS28C40DS28C40 64-BIT ROM ID 2 I C FUNCTION SDA BUFFER CONTROL AND ECC-P256 SCL COMMAND SHA-256 TRNG OTP ARRAY USER MEMORY KEYS & CERTIFICATES COMPUTE AUTHENTICATED GPIO CONTROL GPIO www.maximintegrated.com Maxim Integrated 2