ABRIDGED DATA SHEET EVALUATION KIT AVAILABLE DS28E22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM General Description Features M DeepCover embedded security solutions cloak sensitive S Symmetric Key-Based Bidirectional Secure data under multiple layers of advanced physical security Authentication Model Based on SHA-256 to provide the most secure key storage possible. S Dedicated Hardware-Accelerated SHA Engine for The DeepCover Secure Authenticator (DS28E22) com- Generating SHA-256 MACs bines crypto-strong, bidirectional, secure challenge- S Strong Authentication with a High Bit Count, User- and-response authentication functionality with an imple- Programmable Secret, and Input Challenge mentation based on the FIPS 180-3-specified Secure S 2048 Bits of User EEPROM Partitioned Into 8 Hash Algorithm (SHA-256). A 2Kb user-programmable Pages of 256 Bits EEPROM array provides nonvolatile storage of applica- S User-Programmable and Irreversible EEPROM tion data and additional protected memory holds a read- protected secret for SHA-256 operations and settings Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation for user memory control. Each device has its own guar- anteed unique 64-bit ROM identification number (ROM S Unique, Factory-Programmed 64-Bit Identification ID) that is factory programmed into the chip. This unique Number ROM ID is used as a fundamental input parameter for S Single-Contact 1-Wire Interface Communicates cryptographic operations and also serves as an elec- with Host at Up to 76.9kbps tronic serial number within the application. A bidirectional S Operating Range: 3.3V 10%, -40NC to +85NC security model enables two-way authentication between a host system and slave-embedded DS28E22. Slave-to- S Low-Power 5A (typ) Standby host authentication is used by a host system to securely S 8kV Human Body Model ESD Protection (typ) validate that an attached or embedded DS28E22 is S 6-Pin TDFN, 6-Lead TSOC Packages authentic. Host-to-slave authentication is used to protect DS28E22 user memory from being modified by a non- Typical Application Circuit authentic host. The SHA-256 message authentication code (MAC), which the DS28E22 generates, is computed from data in the user memory, an on-chip secret, a host 3.3V random challenge, and the 64-bit ROM ID. The DS28E22 M R P communicates over the single-contact 1-Wire bus at R = 1.1k P VCC overdrive speed. The communication follows the 1-Wire 2 MAXIMUM I C BUS CAPACITANCE 320pF SDA 2 (I C PORT) protocol with the ROM ID acting as node address in the SCL case of a multiple-device 1-Wire network. DS2465 C 1-Wire LINE Applications SLPZ IO Authentication of Network-Attached Appliances DS28E22 Printer Cartridge ID/Authentication Reference Design License Management System Intellectual Property Protection Sensor/Accessory Authentication and Calibration Ordering Information appears at end of data sheet. Secure Feature Setting for Configurable Systems Key Generation and Exchange for Cryptographic Systems DeepCover and 1-Wire are registered trademark of Maxim Integrated Products, Inc. For related parts and recommended products to use with this part, refer to: www.maximintegrated.com/DS28E22.related For pricing, delivery, and ordering information, please contact Maxim Direct at 219-0020 Rev 2 12/12 1-888-629-4642, or visit Maxim Integrateds website at www.maximintegrated.com.ABRIDGED DATA SHEET DS28E22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM ABSOLUTE MAXIMUM RATINGS IO Voltage Range to GND ...................................... -0.5V to 4.0V Storage Temperature Range ............................ -55NC to +125NC IO Sink Current ...................................................................20mA Lead Temperature (soldering, 10s) ................................+300NC Operating Temperature Range ......................... -40NC to +85NC Soldering Temperature (reflow) ......................................+260NC Junction Temperature .....................................................+150NC Stresses beyond those listed under Absolute Maximum Ratings may cause permanent damage to the device. These are stress ratings only, and functional opera- tion of the device at these or any other conditions beyond those indicated in the operational sections of the specifications is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. ELECTRICAL CHARACTERISTICS (T = -40NC to +85NC, unless otherwise noted.) (Note 1) A PARAMETER SYMBOL CONDITIONS MIN TYP MAX UNITS IO PIN: GENERAL DATA 1-Wire Pullup Voltage V (Note 2) 2.97 3.63 V PUP 1-Wire Pullup Resistance R V = 3.3V Q 10% (Note 3) 300 1500 I PUP PUP Input Capacitance C (Notes 4, 5) 1500 pF IO Input Load Current I IO pin at V 5 19.5 FA L PUP High-to-Low Switching Threshold V (Notes 6, 7) 0.65 x V V TL PUP Input Low Voltage V (Notes 2, 8) 0.3 V IL Low-to-High Switching Threshold V (Notes 6, 9) 0.75 x V V TH PUP Switching Hysteresis V (Notes 6, 10) 0.3 V HY Output Low Voltage V I = 4mA (Note 11) 0.4 V OL OL Recovery Time t R = 1500I (Notes 2, 12) 5 Fs REC PUP Time-Slot Duration t (Notes 2, 13) 13 Fs SLOT IO PIN: 1-Wire RESET, PRESENCE-DETECT CYCLE Reset Low Time t (Note 2) 48 80 Fs RSTL Reset High Time t (Note 14) 48 Fs RSTH Presence-Detect Sample Time t (Notes 2, 15) 8 10 Fs MSP IO PIN: 1-Wire WRITE Write-Zero Low Time t (Notes 2, 16) 8 16 Fs W0L Write-One Low Time t (Notes 2, 16) 1 2 Fs W1L IO PIN: 1-Wire READ Read Low Time t (Notes 2, 17) 1 Fs 2 - d RL Read Sample Time t (Notes 2, 17) 2 Fs t + d MSR RL EEPROM Programming Current I V = 3.63V (Notes 5, 18) 1 mA PROG PUP Programming Time for a 32-Bit t ms PRD Segment or Page Protection Refer to the full data sheet. Programming Time for the Secret t ms PRS Write/Erase Cycling Endurance N T = +85NC (Notes 21, 22) 100k CY A Data Retention t T = +85NC (Notes 23, 24, 25) 10 Years DR A Maxim Integrated 2