ABRIDGED DATA SHEET
EVALUATION KIT AVAILABLE
DS28EL22
DeepCover Secure Authenticator with
1-Wire SHA-256 and 2Kb User EEPROM
General Description
Features
®
DeepCover embedded security solutions cloak sensitive
data under multiple layers of advanced physical secu-
rity to provide the most secure key storage possible. The
DeepCover Secure Authenticator (DS28EL22) combines
crypto-strong, bidirectional, secure challenge-and-response
authentication functionality with an implementation based on
the FIPS 180-3-specified Secure Hash Algorithm (SHA-256).
A 2Kb user-programmable EEPROM array provides non-
volatile storage of application data and additional protected
memory holds a read-protected secret for SHA-256 opera-
tions and settings for user memory control. Each device has
its own guaranteed unique 64-bit ROM identification number
(ROM ID) that is factory programmed into the chip. This
unique ROM ID is used as a fundamental input parameter
for cryptographic operations and also serves as an electronic
serial number within the application. A bidirectional security
model enables two-way authentication between a host sys-
tem and slave-embedded DS28EL22. Slave-to-host authen-
tication is used by a host system to securely validate that an
attached or embedded DS28EL22 is authentic. Host-to-slave
authentication is used to protect DS28EL22 user memory
from being modified by a nonauthentic host. The SHA-256
message authentication code (MAC), which the DS28EL22
generates, is computed from data in the user memory, an
on-chip secret, a host random challenge, and the 64-bit ROM
ID. The DS28EL22 communicates over the single-contact
♦ꢀ Symmetric Key-Based Bidirectional Secure
Authentication Model Based on SHA-256
♦ꢀ Dedicated Hardware-Accelerated SHA Engine for
Generating SHA-256 MACs
♦ꢀ Strong Authentication with a High Bit Count, User-
Programmable Secret, and Input Challenge
♦ꢀ 2048 Bits of User EEPROM Partitioned Into 8
Pages of 256 Bits
♦ꢀ User-Programmable and Irreversible EEPROM
Protection Modes Including Authentication, Write
and Read Protect, and OTP/EPROM Emulation
♦ꢀ Unique, Factory-Programmed 64-Bit Identification
Number
♦ꢀ Single-Contact 1-Wire Interface Communicates
with Host at Up to 76.9kbps
♦ꢀ Operating Range: 1.8V ±5%, -40°C to +85°C
♦ꢀ Low-Power 5µA (typ) Standby
♦ꢀ ±8kV Human Body Model ESD Protection (typ)
♦ꢀ 6-Pin TDFN Package
Typical Application Circuit
®
1-Wire bus at overdrive speed. The communication follows
1.8V
the 1-Wire protocol with the ROM ID acting as node address
in the case of a multiple-device 1-Wire network.
R
P
R
= 820Ω
P
V
CC
2
MAXIMUM I C BUS CAPACITANCE 400pF
SDA
SCL
2
(I C PORT)
Applications
DS24L65
µC
Authentication of Network-Attached Appliances
Printer Cartridge ID/Authentication
1-Wire LINE
SLPZ
IO
Reference Design License Management
System Intellectual Property Protection
DS28EL22
Sensor/Accessory Authentication and Calibration
Secure Feature Setting for Configurable Systems
Key Generation and Exchange for Cryptographic
Systems
Ordering Information appears at end of data sheet.
DeepCover and 1-Wire are registered trademarks of Maxim Integrated Products, Inc.
For related parts and recommended products to use with this part, refer to: www.maximintegrated.com/DS28EL22.related
For pricing, delivery, and ordering information, please contact Maxim Direct at
1-888-629-4642, or visit Maxim Integrated’s website at www.maximintegrated.com.
219-0023; Rev 2; 5/21