General Description
DeepCoverK embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the industry’s most secure key storage possible. The Deepcover Secure Authenticator (DS28EL25) combines crypto-strong, bidirectional, secure challenge and-response authentication functionality with an implementation based on the FIPS 180-3-specified Secure Hash Algorithm (SHA-256). A 4Kb user-programmable EEPROM array provides nonvolatile storage of application data and additional protected memory holds a read protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application. A bidirectional security model enables two-way authentication between a host system and slave-embedded DS28EL25. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28EL25 is authentic. Host to-slave authentication is used to protect DS28EL25 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28EL25 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL25 communicates over the single-contact 1-WireM bus at overdrive speed. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multiple device 1-Wire network.

FEATUREs
♦ Symmetric Key-Based Bidirectional Secure Authentication Model Based on SHA-256
♦ Dedicated Hardware-Accelerated SHA Engine for Generating SHA-256 MACs
♦ Strong Authentication with a High Bit Count, User Programmable Secret, and Input Challenge
♦ 4096 Bits of User EEPROM Partitioned Into 16 Pages of 256 Bits
♦ User-Programmable and Irreversible EEPROM Protection Modes Including Authentication, Write and Read Protect, and OTP/EPROM Emulation
♦ Unique, Factory-Programmed 64-Bit Identification Number
♦ Single-Contact 1-Wire Interface Communicates with Host at Up to 76.9kbps
♦ Operating Range: 1.8V ±5%, -40°C to +85°C
♦ Low-Power 5µA (typ) Standby
♦ ±8kV Human Body Model ESD Protection (typ)
♦ 6-Pin TDFN Package

APPLICATIONs
  Authentication of Network-Attached Appliances
  Printer Cartridge ID/Authentication
  Reference Design License Management
  System Intellectual Property Protection
  Sensor/Accessory Authentication and Calibration
  Secure Feature Setting for Configurable Systems
  Key Generation and Exchange for Cryptographic Systems