Protect your design with a PUF

December 07, 2017

Protect your design with a PUF

Protecting your design can be quite simple and inexpensive. Don't leave home without it.

Protecting your design is a real issue these days and not something that should be taken lightly. To that end, Maxim has developed a method of making it far more difficult for the bad guys. The company’s DS28E38 is an ECDSA public key-based secure authenticator that incorporates the company’s ChipDNA physically-unclonable function (PUF), which enables the DS28E38 to deliver cost-effective protection against invasive physical attacks.

Using the random variation of semiconductor device characteristics that naturally occur during wafer fabrication, the ChipDNA circuit generates a unique output value that’s repeatable over time, temperature, and operating voltage. Attempts to probe or observe ChipDNA operation modifies the underlying circuit characteristics, preventing discovery of the unique value used by the chip cryptographic functions.

Potential applications for this technology include the authentication of medical devices and sensors, IoT end nodes and other peripherals, printer cartridge, and other limited-use consumables.

The DS28E38 utilizes the ChipDNA output as key content to cryptographically secure all device stored data and optionally, under user control, as the private key for the ECDSA signing operation. With ChipDNA capability, the device provides a core set of cryptographic tools derived from integrated blocks including an asymmetric (ECC-P256) hardware engine, a FIPS/NIST-compliant true random number generator (TRNG), 2 kbits of secured EEPROM, a decrement-only counter and a unique 64-bit ROM identification number.

The ECC public/ private key capabilities operate from the NIST-defined P-256 curve to provide a FIPS 186-compliant ECDSA signature generation function. The unique ROM ID serves as a fundamental input parameter for cryptographic operations and as an electronic serial number within the application.

The DS28E38 communicates over the single-contact 1-Wire bus at both standard and overdrive speeds. The communication follows the 1-Wire protocol with the ROM ID acting as node address in the case of a multidevice 1-Wire network. The part, housed in a 3- by 3-mm, six-pin TDFN-EP package, operates at 3.3 V in temperatures ranging from -40°C to +85°C. An evaluation kit is available.