ATECC108A vs ATAES132

Log in or register to post comments
Go To Last Post
4 posts / 0 new
Author
Message
lcruz007
lcruz007's picture
Level: Hangaround
Joined: Sun. Mar 8, 2009
Posts: 151 View posts
#1
Posted by lcruz007: Sun. May 20, 2018 - 05:57 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi,

 

I am working on a project that I need to do some secure authentication. 

 

I bought the cryptocape from Sparkfun, and my two top candidates are the secure EEPROM from Atmel, ATECC108A and the cryptoauthentication chip ATECC108A. The latter seems more secure and more relevant to my application. Basically, there is one thing I am trying to accomplish: Remote Attestation on both hardware and software. In other words, I need to make sure (remotely) that my hardware and microcontrollaer's software hasn't been compromised whatsoever (and that the hardware is not a counterfeit! A unique serial number helps). 

 

My question is: Can't I accomplish the same as what the ATECC108A offers by using custom-made asymmetric keys and storing them on the ATAES132 EEPROM? What's the main difference of the two chips if IMO the EEPROM can do the same as the cryptoauthentication chip?

 

I am more inclined in using the ATAES132 EEPROM because of the lack of documentation for the ATECC108A. For instance, I couldn't find the complete datasheet for the ATECC108A. But I found the one for the EEPROM: https://www.mouser.com/ds/2/268/...

 

 

Would you recommend using ATECC108A for crypto-authentication/remote attestation? Or should I go with ATECC108A?

 

 

 

 

Tags:

Tools, Atmel Studio (AVR-related)
Top
Bronze Markjs
js's picture
Level: Moderator
Joined: Wed. Mar 28, 2001
Posts: 30512 View posts
Location: Sydney, Australia (Gum trees, Koalas and Kangaroos, No Edelweis, but plenty of Corona beer)
Posted by js: Sun. May 20, 2018 - 06:45 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Sorry, but why do you think that this topic belongs in the Studio forum?

John Samperi

Ampertronics Pty. Ltd.

https://www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly

Top
Kartman
Kartman's picture
Level: 10k+ Postman
Joined: Thu. Dec 30, 2004
Posts: 24951 View posts
Location: Melbourne,Australia
Posted by Kartman: Sun. May 20, 2018 - 08:45 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

The later devices such as the ATECC508A and 608 require a signed NDA to get the full datasheet. I'd expect the 108A is the same. As for checking your code, you'll need to do a bit of thinking about that one. What if I knew already of the original code and its hash? I could fake this up in code and report the 'correct' hash to the remote system. Obviously the trick is to stop errant code from getting in, so using the authentication features, you'd be able to identify your AVR system to the remote system and negotiate a session key to transfer new code and validate it. However, if someone gets hold of the code inside the flash, all bets are off.

Top
Gold Markclawson
clawson's picture
Level: Moderator
Joined: Mon. Jul 18, 2005
Posts: 102558 View posts
Location: (using avr-gcc in) Finchingfield, Essex, England
Posted by clawson: Sun. May 20, 2018 - 04:42 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Is this a one off design or something for production? If the latter I would contact Atmel /Microchip and get put in touch with a Field Application Engineer.
.
If NDAs are involved this may happen anyway.

Last Edited: Sun. May 20, 2018 - 04:43 PM
Top