Challenge & Response Authentication Using Symmetric SHA-256

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Host Computed Slave Secret Info

Secret

Info Select Page Page 0 Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12

Page Data

Authentication Result

Challenge

Attacks Replay Attack Man-in-the Middle (Modify Page Data)

Challenge and HMAC Intercepted by Intruder Page Data received from DS28C36 has been Modified by Intruder

Challenge & Response Authentication Using Asymmetric ECDSA

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Verify Slave is Part of System Info

Hash Input

Certificate R

Certificate S

Modify Hash Input Check box to test incorrect has input data

Info Select Page Page 0 Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12

Page Data

Public Key X

Public Key Y

Challenge

Info

Authentication Result

Signature R: Signature S:

Attacks Replay Attack Man-in-the Middle (Modify Page Data)

Challenge and Signature Intercepted by Intruder Page Data Received from DS28C36 has been Modified by Intruder

Authenticated SHA-256 Write

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Info Host Computed Slave Secret

Secret

Info Slave Page 0

Old Data

New Data

Auth HMAC

Compute HMAC

Press Compute HMAC (Required for Computation)

New Page Data

Page Data

Info Authenticate New Page Data

Challenge

Attacks Replay Attack Man-in-the Middle (Modify Page Data)

Challenge and HMAC Intercepted by Intruder Page Data received from DS28C36 has been Modified by Intruder.

Authenticated ECDSA Write

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Slave Authenticate Host Public Key Info

Public Key SX

Public Key SY

Customization

Signature R

Signature S

Generate Signature

Press Generate Signature (Required for Computation)

Info Slave Page 1

Old Data

New Data

Signature R

Signature S

Generate Write Signature

Press Generate Signature (Required for Computation)

Info Authenticate New Page Data

Page Data

Challenge

Device Public Key X

Device Public Key Y

Authentication Result

Signature R: Signature S:

Attacks Replay Attack Man in the Middle (Modify Page Data)

Challenge and ECDSA signature copied by intruder Page data from DS28C36 has been modified by intruder.

ECDH Key Establishment and Encrypted IO

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Verify Slave is Part of System Info

Hash Input

Certificate R

Certificate S

Compute Slave Session Key Info

Host Public Key X

Host Public Key Y

Customization

ECDH Customization

Signature R

Signature S

Generate Signature

Press Generate Signature (Required for Computation)

Compute Host Session Key Info

Device Public Key X

Device Public Key Y

ECDH Customization

Session Key

Compute Session Key

Press Compute Session Key (Required for Computation)

Encrypted Page Data (Using Page 2) Info

Encrypted Page Data

DS28C36 Challenge

Decrypted Page Data

Secure Download

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Verify Slave is Part of System Info

Hash Input

Certificate R

Certificate S

Sign Download Data Info

Vulnerabilities to attacks in critical systems are driving growing awareness for the need for improved security methods. Although the industry has relied largely on software-based cybersecurity methods, hardware-based methods are quickly gaining recognition as uniquely capable of delivering strong protection and providing a basis of trust well worth their incremental cost. The emergence of cost-effective silicon solutions enables designers to harden designs—dramatically reducing the risk of unauthorized access to embedded devices, peripherals, and systems, with minimal impact on overall cost.

Signature R

Signature S

Sign Data

Press Sign Data (Required for Computation)

Secure Encrypted GPIO

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Info Host Computed Slave Secret

Secret

Info GPIO Page

Encrypted Old Data

Decrypted Old Data

New Data

New Encrypted Data

Write Auth HMAC

Compute HMAC

Press Compute HMAC (Required for Computation)

Check Board to see GPIO Update

True Random Generator

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Select Number of RNG Bytes Info

Number of Bytes

RNG Bytes Received

Secure Counting

• Help
• Host Detect Device
• DS28C36

USB Adapter Connected

Secure Counting Info

Current Counter Value

Challenge & Response Authentication Using Asymmetric ECDSA

• Help
• Host Detect Device
• DS28E38

USB Adapter Connected

Verify Slave is Part of System Info

Hash Input

Certificate R

Certificate S

Simulate Incorrect Certificate Modify Hash Input

Info Select Page Page 0 Page 1 Page 2 Page 3 Page 4 Page 5

Page Data

Public Key X

Public Key Y

Challenge

Info Authentication Result

Signature R: Signature S:

Attacks Replay Attack Man-in-the Middle (Modify Page Data)

Challenge and Signature Intercepted by Intruder Page Data Received from DS28E36 has been Modified by Intruder.

True Random Generator

• Help
• Host Detect Device
• DS28E38

USB Adapter Connected

Select Number of RNG Bytes Info

Number of Bytes

RNG Bytes Received

Secure Counting

• Help
• Host Detect Device
• DS28E38

USB Adapter Connected

Secure Counting Info

Current Counter Value