SPI ve I²C Bus Cripto Çipi

[M.Salim GÜLLÜCE]

MicroChip'in otmobiller için ürettiği Cyripto çipi.

Acaip de geniş özelliklerden bahsedilmiş.

Features
• Advanced Crypto Engine (ACE) for Execution of All Cryptography Commands
• Fast Crypto Engine (FCE) – High-Speed Hardware Cryptographic Functions
– AES-CMAC (128-bit) calculation and validation at SPI bus speed (up to 16 MHz)
– SHA-256, HMAC-SHA256 at SPI bus speed (up to 16 MHz)
• Elliptic Curves Support: ECC
– P-224 – Elliptic Curve Digital Signature Algorithm (ECDSA) sign, verify, KeyGen, Elliptic Curve Diffie–
Hellman (ECDH) and Elliptic-Curve Burmester-Desmedt (ECBD)
– P-256 – ECDSA sign, verify, KeyGen and ECDH
– P-384 – ECDSA sign, verify, KeyGen and ECDH
– Secp256k1 (Bitcoin/Blockchain) – ECDSA sign, verify and KeyGen
– 256-bit Brainpool – ECDSA sign, verify, KeyGen and ECDH
• RSA Support:
– 1024-bit, 2048-bit RSA-OAEP encrypt/decrypt
– 2048-bit RSA signature generation and verification
– 3072-bit RSA signature verification only
• Symmetric Cryptography and Algorithm Support
– AES Key Generation (16 byte keys)
– AES-ECB encryption/decryption (128-bit,). Support for external API software implementation with host
MCU of alternate ciphers CBC, CCM, Counter mode and others
– AES-CMAC (128-bit) calculation and validation
– Authenticated Encryption with Associated Data (AEAD) using AES-GCM (128-bit single mode support)
– SHA-256 and HMAC-SHA256 digest calculation
• ECDH Key Management Capability with Integrated KDF in Counter Mode Using HMAC-SHA256
• Multiple Key Derivation Functions (KDF) are Supported
– Includes PRF, HKDF, SP800-108 KDF and SHA-256 one-step KDF
– TLS V1.2 – Full-session establishment support including PRF KDF in conjunction with host SW
– TLS V1.3 – Full-session establishment support including HKDF in conjunction with host SW
– Cryptographic support for HDCP V2.2 including two specific AES options for key management
• Certifications
– NIST SP800-90 A/B/C Random Number Generator (RNG)
– NIST compliance mode to allow FIPS 140-2 security rules to be enforced. Allows for formal NIST
certification
– Vulnerability Assessment Rating of JIL High
• 6k to 11k Bytes of Available User Memory (Varies with the Number of Stored Keys)
• Multiple I/O Options for Security Commands Include:
– 1 MHz standard I2C interface
– 16 MHz SPI interface Modes 0 and 3
• Package Options:
– 8-lead SOIC
– 24-pad 4 mm x 4 mm VQFN
• Voltage Supply Range: 2.7V to 5.5V
• AEC-Q100 Automotive Qualified
• Automotive Grade 1 Temperature Range: -40°C to +125°C Ambient Operating Range

Use Cases
• Validation of Code Integrity via Full or Partial Secure Boot
• Secure Firmware Update
• CAN Message Authentication
• WPC 1.3 Qi High Power Transmitter Authentication
• High-Bandwidth Digital Content Protection (HDCP) Cryptographic Support
• Secure Network Authentication and Session Establishment using TLS
• Electric Vehicle (EV) Battery Authentication



SPI



I²C



TA100 Datasheet