ABRIDGED DATA SHEET Evaluation Kit Design Tools Support Available Resources and Models Click here to ask an associate for production status of specific part numbers. DeepCover Secure Authenticator DS28EL25 with 1-Wire SHA-256 with 4Kb User EEPROM General Description Features DeepCover embedded security solutions cloak sensitive Symmetric Key-Based Bidirectional Secure data under multiple layers of advanced physical security Authentication Model Based on SHA-256 to provide the industrys most secure key storage pos- Dedicated Hardware-Accelerated SHA Engine for sible. The Deepcover Secure Authenticator (DS28EL25) Generating SHA-256 MACs combines crypto-strong, bidirectional, secure challenge- Strong Authentication with a High Bit Count, User- and-response authentication functionality with an imple- Programmable Secret, and Input Challenge mentation based on the FIPS 180-3-specified Secure 4096 Bits of User EEPROM Partitioned Into 16 Hash Algorithm (SHA-256). A 4Kb user-programmable EEPROM array provides nonvolatile storage of applica- Pages of 256 Bits tion data and additional protected memory holds a read- User-Programmable and Irreversible EEPROM protected secret for SHA-256 operations and settings for Protection Modes Including Authentication, Write and user memory control. Each device has its own guaranteed Read Protect, and OTP/EPROM Emulation unique 64-bit ROM identification number (ROM ID) that is Unique, Factory-Programmed 64-Bit Identification factory programmed into the chip. This unique ROM ID is Number used as a fundamental input parameter for cryptographic Single-Contact 1-Wire Interface Communicates with operations and also serves as an electronic serial num- Host at Up to 76.9kbps ber within the application. A bidirectional security model enables two-way authentication between a host system Operating Range: 1.8V 5%, -40C to +85C and slave-embedded DS28EL25. Slave-to-host authenti- Low-Power 5A (typ) Standby cation is used by a host system to securely validate that 8kV Human Body Model ESD Protection (typ) an attached or embedded DS28EL25 is authentic. Host- to-slave authentication is used to protect DS28EL25 user 6-Pin TDFN Package memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the Typical Application Circuit DS28EL25 generates, is computed from data in the user 1.8V memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The DS28EL25 communicates over R P R = 820 P the single-contact 1-Wire bus at overdrive speed. The V CC 2 MAXIMUM I C BUS CAPACITANCE 400pF SDA communication follows the 1-Wire protocol with the ROM 2 (I C PORT) SCL ID acting as node address in the case of a multiple-device DS24L65 C 1-Wire network. 1-Wire LINE SLPZ IO Applications Authentication of Network-Attached Appliances DS28EL25 Printer Cartridge ID/Authentication Reference Design License Management System Intellectual Property Protection Sensor/Accessory Authentication and Calibration Secure Feature Setting for Configurable Systems Ordering Information appears at end of data sheet. Key Generation and Exchange for Cryptographic Systems 1-Wire and DeepCover are registered trademarks of Maxim Integrated Products, Inc. 219-0022 Rev 1 6/21 2021 Analog Devices, Inc. All rights reserved. Trademarks and registered trademarks are the property of their respective owners. One Analog Way, Wilmington, MA 01887 U.S.A. Tel: 781.329.4700 2021 Analog Devices, Inc. All rights reserved.ABRIDGED DATA SHEET DS28EL25 DeepCover Secure Authenticator with 1-Wire SHA-256 with 4Kb User EEPROM ABSOLUTE MAXIMUM RATINGS IO Voltage Range to GND ......................................-0.5V to 4.0V Storage Temperature Range ............................ -55C to +125C IO Sink Current...................................................................20mA Lead Temperature (soldering, 10s) .................................+300C Operating Temperature Range .......................... -40C to +85C Soldering Temperature (reflow) .......................................+260C Junction Temperature ......................................................+150C Stresses beyond those listed under Absolute Maximum Ratings may cause permanent damage to the device. These are stress ratings only, and functional operation of the device at these or any other conditions beyond those indicated in the operational sections of the specifications is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. ELECTRICAL CHARACTERISTICS (T = -40C to +85C, unless otherwise noted.) (Note 1) A PARAMETER SYMBOL CONDITIONS MIN TYP MAX UNITS IO PIN: GENERAL DATA 1-Wire Pullup Voltage V (Note 2) 1.71 1.89 V PUP 1-Wire Pullup Resistance R V = 1.8V 5% (Note 3) 300 750 PUP PUP Input Capacitance C (Notes 4, 5) 1500 pF IO Input Load Current I IO pin at V 5 19.5 A L PUP High-to-Low Switching Threshold V (Notes 6, 7) 0.65 x V V TL PUP Input Low Voltage V (Notes 2, 8) 0.3 V IL Low-to-High Switching Threshold V (Notes 6, 9) 0.75 x V V TH PUP Switching Hysteresis V (Notes 6, 10) 0.3 V HY Output Low Voltage V I = 4mA (Note 11) 0.4 V OL OL Recovery Time t R = 750 (Notes 2, 12) 5 s REC PUP Time-Slot Duration t (Notes 2, 13) 13 s SLOT IO PIN: 1-Wire RESET, PRESENCE-DETECT CYCLE Reset Low Time t (Note 2) 48 80 s RSTL Reset High Time t (Note 14) 48 s RSTH Presence-Detect Sample Time t (Notes 2, 15) 8 10 s MSP IO PIN: 1-Wire WRITE Write-Zero Low Time t (Notes 2, 16) 8 16 s W0L Write-One Low Time t (Notes 2, 16) 0.25 2 s W1L IO PIN: 1-Wire READ Read Low Time t (Notes 2, 17) 0.25 s 2 - d RL Read Sample Time t (Notes 2, 17) 2 s MSR t + d RL EEPROM Programming Current I V = 1.89V (Notes 5, 18) 1 mA PROG PUP Programming Time for a 32-Bit t (Note 19) 10 ms PRD Segment or Page Protection Programming Time for the Secret t Refer to the full data sheet. 200 ms PRS Write/Erase Cycling Endurance N T = +85C (Notes 21, 22) 100k CY A Data Retention t T = +85C (Notes 23, 24, 25) 10 Years DR A Analog Devices 2 www.analog.com