ABRIDGED DATA SHEET EVALUATION KIT AVAILABLE DS28EL22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM General Description Features DeepCover embedded security solutions cloak sensitive Symmetric Key-Based Bidirectional Secure data under multiple layers of advanced physical secu- Authentication Model Based on SHA-256 rity to provide the most secure key storage possible. The Dedicated Hardware-Accelerated SHA Engine for DeepCover Secure Authenticator (DS28EL22) combines Generating SHA-256 MACs crypto-strong, bidirectional, secure challenge-and-response Strong Authentication with a High Bit Count, User- authentication functionality with an implementation based on Programmable Secret, and Input Challenge the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). 2048 Bits of User EEPROM Partitioned Into 8 A 2Kb user-programmable EEPROM array provides non- Pages of 256 Bits volatile storage of application data and additional protected memory holds a read-protected secret for SHA-256 opera- User-Programmable and Irreversible EEPROM tions and settings for user memory control. Each device has Protection Modes Including Authentication, Write its own guaranteed unique 64-bit ROM identification number and Read Protect, and OTP/EPROM Emulation (ROM ID) that is factory programmed into the chip. This Unique, Factory-Programmed 64-Bit Identification unique ROM ID is used as a fundamental input parameter Number for cryptographic operations and also serves as an electronic Single-Contact 1-Wire Interface Communicates serial number within the application. A bidirectional security with Host at Up to 76.9kbps model enables two-way authentication between a host sys- tem and slave-embedded DS28EL22. Slave-to-host authen- Operating Range: 1.8V 5%, -40C to +85C tication is used by a host system to securely validate that an Low-Power 5A (typ) Standby attached or embedded DS28EL22 is authentic. Host-to-slave 8kV Human Body Model ESD Protection (typ) authentication is used to protect DS28EL22 user memory from being modified by a nonauthentic host. The SHA-256 6-Pin TDFN Package message authentication code (MAC), which the DS28EL22 generates, is computed from data in the user memory, an Typical Application Circuit on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL22 communicates over the single-contact 1-Wire bus at overdrive speed. The communication follows 1.8V the 1-Wire protocol with the ROM ID acting as node address R P in the case of a multiple-device 1-Wire network. R = 820 P VCC 2 MAXIMUM I C BUS CAPACITANCE 400pF SDA 2 (I C PORT) SCL Applications DS24L65 C Authentication of Network-Attached Appliances 1-Wire LINE SLPZ IO Printer Cartridge ID/Authentication Reference Design License Management DS28EL22 System Intellectual Property Protection Sensor/Accessory Authentication and Calibration Secure Feature Setting for Configurable Systems Key Generation and Exchange for Cryptographic Systems Ordering Information appears at end of data sheet. DeepCover and 1-Wire are registered trademarks of Maxim Integrated Products, Inc. For related parts and recommended products to use with this part, refer to: www.maximintegrated.com/DS28EL22.related For pricing, delivery, and ordering information, please contact Maxim Direct at 219-0023 Rev 2 5/21 1-888-629-4642, or visit Maxim Integrateds website at www.maximintegrated.com.ABRIDGED DATA SHEET DS28EL22 DeepCover Secure Authenticator with 1-Wire SHA-256 and 2Kb User EEPROM ABSOLUTE MAXIMUM RATINGS IO Voltage Range to GND ......................................-0.5V to 4.0V Storage Temperature Range ............................ -55C to +125C IO Sink Current...................................................................20mA Lead Temperature (soldering, 10s) .................................+300C Operating Temperature Range ........................... -40C to +85C Soldering Temperature (reflow) .......................................+260C Junction Temperature ......................................................+150C Stresses beyond those listed under Absolute Maximum Ratings may cause permanent damage to the device. These are stress ratings only, and functional operation of the device at these or any other conditions beyond those indicated in the operational sections of the specifications is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. ELECTRICAL CHARACTERISTICS (T = -40C to +85C, unless otherwise noted.) (Note 1) A PARAMETER SYMBOL CONDITIONS MIN TYP MAX UNITS IO PIN: GENERAL DATA 1-Wire Pullup Voltage V (Note 2) 1.71 1.89 V PUP 1-Wire Pullup Resistance R V = 1.8V 5% (Note 3) 300 750 PUP PUP Input Capacitance C (Notes 4, 5) 1500 pF IO Input Load Current I IO pin at V 5 19.5 A L PUP High-to-Low Switching Threshold V (Notes 6, 7) 0.65 x V V TL PUP Input Low Voltage V (Notes 2, 8) 0.3 V IL Low-to-High Switching Threshold V (Notes 6, 9) 0.75 x V V TH PUP Switching Hysteresis V (Notes 6, 10) 0.3 V HY Output Low Voltage V I = 4mA (Note 11) 0.4 V OL OL Recovery Time t R = 750 (Notes 2, 12) 5 s REC PUP Time-Slot Duration t (Notes 2, 13) 13 s SLOT IO PIN: 1-Wire RESET, PRESENCE-DETECT CYCLE Reset Low Time t (Note 2) 48 80 s RSTL Reset High Time t (Note 14) 48 s RSTH Presence-Detect Sample Time t (Notes 2, 15) 8 10 s MSP IO PIN: 1-Wire WRITE Write-Zero Low Time t (Notes 2, 16) 8 16 s W0L Write-One Low Time t (Notes 2, 16) 0.25 2 s W1L IO PIN: 1-Wire READ Read Low Time t (Notes 2, 17) 0.25 s 2 - d RL Read Sample Time t (Notes 2, 17) 2 s t + d MSR RL EEPROM Programming Current I V = 1.89V (Notes 5, 18) 1 mA PROG PUP Programming Time for a 32-Bit t ms PRD Segment or Page Protection Refer to the full data sheet. Programming Time for the Secret t ms PRS Write/Erase Cycling Endurance N T = +85C (Notes 21, 22) 100k CY A Data Retention t T = +85C (Notes 23, 24, 25) 10 Years DR A Maxim Integrated 2