Microchip’s CryptoAuthentication device and partner programme protect IP
The ATECC608A CryptoAuthentication device from Microchip is a secure element that allows developers to add hardware-based security to their designs. Microchip also announced a Security Design Partner Programme for connecting developers with third-party partners to enhance and expedite secure designs.
The hardware security and a partnership help to protect against security threats, from remote cyber-attacks to the creation of counterfeit products. These threats affect all industries and can result in substantial losses in recovery costs, service revenue and in brand equity. Microchip argues that implementing robust security into new and existing designs to protect intellectual property (IP) and enable trusted authentication of connected devices is critical.
Secured communication creates, protects and authenticates a device’s unique and trusted identity. By keeping a device’s private keys isolated from the system in a secured area, coupled with its industry-leading cryptography practices, the ATECC608A provides a level of security that can be used in nearly any type of design, says Microchip.
The ATECC608A key generation complies to the Federal Information Processing Standard (FIPS)-compliant Random Number Generator (RNG). It generates unique keys compliant with the latest requirements from the National Institute of Standards and Technology (NIST), providing an easier path to a whole-system FIPS certification.
Another feature is boot validation capabilities for small systems. New commands facilitate the signature validation and digest computation of the host microcontroller firmware for systems with small microcontrollers, such as an Arm Cortex-M0+, as well as for more robust embedded systems.
The AES-128 engine also makes security deployments for LoRa infrastructures possible by enabling authentication of trusted nodes within a network. In addition, the hardware-based integrated elliptical curve cryptography (ECC) algorithms create smaller keys and establish a certificate-based root of trust more quickly and securely than other implementation approaches that rely on legacy methods.
Anti-tampering techniques protect keys from physical attacks and attempted intrusions after deployment. These techniques allow the system to preserve a secured and trusted identity.
Companies can use Microchip’s secured manufacturing facilities to safely provision their keys and certificates, eliminating the risk of exposure during manufacturing.
Customers also have access to Microchip’s Security Design Partner Programme. Companies, including Amazon Web Services (AWS) and Google Cloud Platform, provide complementary cloud-driven security models and infrastructure. Other partners are familiar with implementing Microchip’s security devices and libraries. Designers can secure an IoT application or add authentication capabilities for consumables, such as cartridges, or accessories, using the expertise of the Security Design Partners to reduce both development cost and time to market.
For rapid prototyping of secure solutions designers can use the CryptoAuth Xplained Pro evaluation and development kit with the ATCryptoAuth-XPRO-B add-on board, which is compatible with any Microchip Xplained or XplainedPro evaluation board.