Click here to ask an associate for production status of specific part numbers.
DS2478
DeepCover Automotive Secure Coprocessor
General Description
Benefits and Features
®
The DS2478 is a DeepCover secure ECDSA and HMAC
SHA-256 coprocessor companion to the DS28E40 or
DS28C40. The coprocessor can compute any required
HMACs or ECDSA signatures to do any operation on the
DS28E40 or DS28C40. The DS2478 provides a core set
of cryptographic tools derived from integrated asymmetric
(ECC P-256) and symmetric (SHA-256) security functions.
In addition to the security services provided by the hard-
ware implemented crypto engines, the device integrates a
FIPS/NIST true random number generator (TRNG), 6Kb
of secured one-time-programmable (OTP) memory, one
configurable GPIO, and a unique 64-bit ROM identification
number (ROM ID).
● HW Accelerator Offloads ECDSA and SHA-256
Computations from Host Processor
• FIPS 186 ECDSA P-256 Signature and Verification
• ECDH Key Exchange for Session Key
Establishment
• ECDSA-Authenticated R/W of Configurable
Memory
• FIPS 180 HMAC for Bidirectional Authentication
● SHA-256 One-Time Pad Encrypted R/W of
Configurable Memory Using an ECDH Established
Key
● One GPIO Pin with Optional Authentication Control
• Open Drain, 4mA/0.4V
The ECC public/private key capabilities operate from the
NIST-defined P-256 curve and include FIPS 186-compli-
ant ECDSA signature generation and verification to sup-
port a bidirectional asymmetric key authentication model.
The SHA-256 secret-key capabilities are compliant with
FIPS 180 and are flexibly used in conjunction with ECDSA
operations or independently for multiple HMAC functions.
• Optional SHA-256 or ECDSA-Authenticated On/Off
and State Read
• Optional ECDSA Certificate to Set On/Off after
Multiblock Hash for Secure Boot
● TRNG with NIST SP 800-90B Compliant Entropy
Source with Function to Read Out
● Optional Chip-Generated Pr/Pu Key Pairs for ECC
Operations
● 6Kb of One-Time Programmable (OTP) Memory for
User Data, Keys, and Certificates
● Unique and Unalterable, Factory-Programmed, 64-Bit
Identification Number (ROM ID)
The GPIO pin can be operated under command control
and include configurability supporting authenticated and
nonauthenticated operation including an ECDSA-based
crypto-robust mode to support secure-boot of a host
processor. This secure-boot method can also be used to
enable the coprocessor functions.
• Optional Input Data Component to Crypto and Key
Operations
DeepCover embedded security solutions cloak sensitive
data under multiple layers of advanced security to provide
the most secure key storage possible. To protect against
device-level security attacks, invasive and noninvasive
countermeasures are implemented, including an active die
shield, encrypted storage of keys, and algorithmic meth-
ods.
2
● I C Communication up to 1MHz
● 3.3V ±10%, -40°C to +125°C Operating Range
● 10-Pin, 3mm x 3mm, Side-Wettable TDFN Package
● AEC-Q100 Grade 1
Applications
● Automotive Secure Authentication
● Identification and Calibration Automotive of Parts/
Tools/Accessories
Request DS2478
Security User Guide
● IoT Node Crypto-Protection
● Secure Authentication of Accessories and Peripherals
● Secure Storage of Cryptographic Keys for a Host
Controller
● Secure Boot or Download of Firmware and/or System
Parameters
DeepCover is a registered trademark of Maxim Integrated Products, Inc.
19-101425; Rev 0; 1/22
Ordering Information appears at end of data sheet.
© 2021 Analog Devices, Inc. All rights reserved. Trademarks and registered trademarks are the property of their respective owners.
One Analog Way, Wilmington, MA 01887 U.S.A. | Tel: 781.329.4700 | © 2022 Analog Devices, Inc. All rights reserved.