EVALUATION KIT AVAILABLE Request Security User Guide and Developer Software Click here to ask about the production status of specific part numbers. DS28E38 DeepCover Secure ECDSA Authenticator with ChipDNA PUF Protection General Description Benefits and Features The DS28E38 is an ECDSA public key-based secure Robust Countermeasures Protect Against Security authenticator that incorporates Maxims patented Attacks ChipDNA PUF technology. ChipDNA technology Patented Physically Unclonable Function Secures involves a physically unclonable function (PUF) that Device Data enables the DS28E38 to deliver cost-effective protec- Actively Monitored Die Shield Detects and Reacts to Intrusion Attempts tion against invasive physical attacks. Using the random variation of semiconductor device characteristics that All Stored Data Cryptographically Protected from Discovery naturally occur during wafer fabrication, the ChipDNA circuit generates a unique output value that is repeatable Efficient Public-Key Authentication Solution to over time, temperature, and operating voltage. Attempts Authenticate Peripherals to probe or observe ChipDNA operation modifies the FIPS 186-Compliant ECDSA P256 Signature for underlying circuit characteristics, preventing discovery Challenge/Response Authentication of the unique value used by the chip cryptographic func- Options for ECDSA Public/Private Key Pair Source tions. The DS28E38 utilizes the ChipDNA output as key Include ChipDNA Generated, Chip Computed, and content to cryptographically secure all device stored data User Installed and optionally, under user control, as the private key for TRNG with NIST SP 800-90B Compliant Entropy the ECDSA signing operation. With ChipDNA capabil- Source ity, the device provides a core set of cryptographic tools Supplemental Features Enable Easy Integration into derived from integrated blocks including an asymmetric End Applications (ECC-P256) hardware engine, a FIPS/NIST-compliant 17-Bit One-Time Settable, Nonvolatile Decrement- true random number generator (TRNG), 2Kb of secured Only Counter with Authenticated Read EEPROM, a decrement-only counter and a unique 64-bit 2Kbits of EEPROM for User Data, Key, Control ROM identification number (ROM ID). The ECC public/ Registers, and Certificate private key capabilities operate from the NIST-defined Unique and Unalterable Factory Programmed P-256 curve to provide a FIPS 186-compliant ECDSA 64-Bit Identification Number (ROM ID) signature generation function. The unique ROM ID is Single-Contact, 1-Wire Interface Communication used as a fundamental input parameter for cryptographic with Host at 11.7kbps and 62.5kbps operations and serves as an electronic serial number Operating Range: 3.3V 10%, -40C to +85C within the application. The DS28E38 communicates over 6-Pin TDFN-EP Package (3mm x 3mm) the single-contact 1-Wire bus at both standard and 2-Pad SFN Package (3.5mm x 6.5mm) overdrive speeds. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network. Ordering Information appears at end of data sheet. Applications Authentication of Medical Sensors and Tools DeepCover and 1-Wire are registered trademarks and ChipDNA is a trademark of Maxim Integrated Products, Inc. Secure Management of Limited Use Consumables IoT Node Authentication Peripheral Authentication Reference Design License Management Printer Cartridge Identification and Authentication 19-100093 Rev 2 5/20 DS28E38 DeepCover Secure ECDSA Authenticator with ChipDNA PUF Protection Typical Application Circuit V CC 100k R PUP Q1 V 1k CC PIOX *PMV65XP DS28E38 BIDIRECTIONAL PIOY IO C EXT OPEN DRAIN PORT C X GND V CC C Rp V CC 2 I C PIOA IO SDA PORT SCL PIOB IO DS2476 GND *NOTE: USE A Q1 LOW-IMPEDANCE BYPASS OR EQUALLY DRIVE LOGIC 1 WITH PIOY. Maxim Integrated 2 www.maximintegrated.com