ATECC108A vs ATAES132

Go To Last Post
4 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi,

 

I am working on a project that I need to do some secure authentication. 

 

I bought the cryptocape from Sparkfun, and my two top candidates are the secure EEPROM from Atmel, ATECC108A and the cryptoauthentication chip ATECC108A. The latter seems more secure and more relevant to my application. Basically, there is one thing I am trying to accomplish: Remote Attestation on both hardware and software. In other words, I need to make sure (remotely) that my hardware and microcontrollaer's software hasn't been compromised whatsoever (and that the hardware is not a counterfeit! A unique serial number helps). 

 

My question is: Can't I accomplish the same as what the ATECC108A offers by using custom-made asymmetric keys and storing them on the ATAES132 EEPROM? What's the main difference of the two chips if IMO the EEPROM can do the same as the cryptoauthentication chip?

 

I am more inclined in using the ATAES132 EEPROM because of the lack of documentation for the ATECC108A. For instance, I couldn't find the complete datasheet for the ATECC108A. But I found the one for the EEPROM: https://www.mouser.com/ds/2/268/...

 

 

Would you recommend using ATECC108A for crypto-authentication/remote attestation? Or should I go with ATECC108A?

 

 

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Sorry, but why do you think that this topic belongs in the Studio forum?

John Samperi

Ampertronics Pty. Ltd.

www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

The later devices such as the ATECC508A and 608 require a signed NDA to get the full datasheet. I'd expect the 108A is the same. As for checking your code, you'll need to do a bit of thinking about that one. What if I knew already of the original code and its hash? I could fake this up in code and report the 'correct' hash to the remote system. Obviously the trick is to stop errant code from getting in, so using the authentication features, you'd be able to identify your AVR system to the remote system and negotiate a session key to transfer new code and validate it. However, if someone gets hold of the code inside the flash, all bets are off.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Is this a one off design or something for production? If the latter I would contact Atmel /Microchip and get put in touch with a Field Application Engineer.
.
If NDAs are involved this may happen anyway.

Last Edited: Sun. May 20, 2018 - 04:43 PM