Infineon Technologies AG has launched its OPTIGA Authenticate IDoT anti-counterfeit turnkey solution with enhanced authentication to protect consumer devices, home appliances, and industrial machines from counterfeit spares and accessories. Use cases include single-use disposables for HVAC and water filters, rechargeable batteries for portable devices, light electric vehicles as well as computing and robotic systems in eMobility, industrial, and IoT environments.
The OPTIGA Authenticate IDoT provides unique on-chip turnkey digital certificates and key pairs. The embedded security solution also offers enhanced hardware Elliptic Curve Cryptography (ECC)-based security in a robust NSNP SMD housing that measures as small as 1.5 x 1.5 x 0.38 mm3.
“The OPTIGA Authenticate IDoT has multiple hardware and software countermeasures to protect against attacks,” Michael Armentrout, Americas Marketing and Business Development Management, Device Authentication, Infineon Technologies, told Electronic Products. “Creating counterfeit devices almost always involves a hardware attack, such as side channel analysis or reverse engineering of the IC. Standard MCUs do not have any protections against this type of attack but a dedicated security IC like the OPTIGA Authenticate IDoT does. It also includes advanced countermeasures that protect against reverse engineering and extend the security lifetime.”
Designers can select from three temperature ranges, including an extended operating temperature range of -40°C to 120°C, which makes the solution suitable for industrial applications. It supports four ECC authentication modes: one-way, mutual, host binding and host support. Other options include two communication profiles, three sets of memory, and four integrated secured decremental counters with secured lifecycle management, capless LDO and robust ESD protection.
Application diagram of OPTIGA Authenticate IDoT with I2C connectivity (Image: Infineon)
This IC works by using a cryptographic handshake between the OPTIGA Authenticate IDoT and a host MCU using Elliptic Curve Cryptography, explained Armentrout. “A device with the host MCU has a public key, which does not need to be kept secure. This is used to authenticate a battery, water filter or other accessory that contains the OPTIGA security chip, which has a protected, private key. The authentication process determines if the accessory is genuine, thus protecting against a counterfeit or clones (i.e, unauthorized refills/device).”
Armentrout also noted that the OPTIGA Authenticate IDoT can also be used to verify the host to ensure it is talking to a legitimate device. “It also has an optional feature to bind itself to a single host so it can’t be reused with other devices,” he said.
Compared to other authentication ICs on the market, the OPTIGA Authenticate IDoT has improved security features, more flexibility and is easier to implement, Armentrout added. In addition to the advanced security protections, this chip has features such as four protected lifecycle counters, an integrated optional kill feature, access-controlled NVM, and a GPO that can be triggered by the authentication step and provide a HW signal that authentication has passed, he said.
“The flexibility of this chip is highlighted in the options for host authentication and binding, up to 5 kb of protected NVM, options for I2C or SWI interfaces, and temperature ratings up to 120°C,” said Armentrout. “The implementation of this product is easy since the entire device is custom configured and provisioned for each customer in our Common Criteria security certified facilities. This enables customers to order their version of the part that is fully ready to use. We also provide the host code used to communicate with this chip so that integration in the system is as simple as possible.”
Samples are available now, along with evaluation and development kits together with full SDK, host code library, and C-base application interface (AIP).These tools are based on the latest PSoC 6 BLE prototyping kit with full programmer and debugger, BLE, and Wi-Fi capabilities.
The security solutions will be on display at Infineon’s Embedded Solutions Conference.
Infineon offers a range of OPTIGA security solutions including the OPTIGA Trust M and OPTIGA TRUST X.
Advertisement
Learn more about Infineon Technologies
