ECC-based Crypto Elements

There are now two Elliptic Curve Cryptography (ECC) crypto element devices in the Atmel CryptoAuthentication family of high-security hardware authentication devices: the ATECC508A and ATECC108A.

ATECC108A
The ATECC108A crypto element contains cryptographic engines that support full 256-bit Elliptic Curve Cryptography including Elliptic Curve Digital Signature Algorithm (ECDSA) sign-verify operations and features cryptographic and hardware defense mechanisms to prevent physical attacks on the device or logical attacks on the data transmitted between the device and the system. Device access is by means of a standard I²C interface or by Single-Wire Interface (SWI). The ATECC108A cryptographic protocols, especially ECDSA, make it ideal for asymmetric authentication applications. Being downward compatible with the ATSHA204A, it also runs symmetric operations. The ATECC108A can generate high-quality FIPS random numbers for any purpose ensuring that replay attacks (i.e. re-transmitting a previously successful transaction) always fail. A wide supply voltage range (2.0V to 5.5V) and an ultra-low sleep current (of <150nA) make it easy to use with any number of systems. The ATECC108A includes an EEPROM array for storage of up to 16 keys, miscellaneous read/write, read-only or secret data, consumption logging, and security configurations. A key feature of the ATECC108A is there is no need for secure storage in the host (asymmetric authentication). The ATECC108A is a pin-for-pin replacement of the ATECC108 and is downward compatible with the ATSHA204A and ATSHA204 crypto element devices.

Benefits

  • Easy way to run ECDSA Sign-Verify operations
  • Authentication without the need for secure storage in the host
  • No requirement for high speed computing in client devices.

ATECC508A
The ATECC508A crypto element is the first crypto device to integrate ECDH (Elliptic Curve Diffie–Hellman) key agreement, which makes it easy to add confidentiality (encryption/decryption) to digital systems including Internet of Things (IoT) nodes used in home automation, industrial networking, accessory and consumable authentication, medical, mobile and other applications. In addition to ECDH, the ATECC508A has ECDSA sign-verify capabilities built-in to provide highly secure asymmetric authentication. The combination of ECDH and ECDSA makes the device an ideal way to provide all three pillars of security such as confidentiality, data integrity, and authentication when used with MCU or MPUs running encryption/decryption algorithms (i.e. AES) in software. Similar to all Atmel CryptoAuthentication products, the new ATECC508A employs ultra-secure hardware-based cryptographic key storage and cryptographic countermeasures which are more secure than software-based key storage. This next-generation CryptoAuthentication device is compatible with any microprocessor (MPU) or microcontroller (MCU) including Atmel | SMART and Atmel AVR MCUs or MPUs. As with all CryptoAuthentication devices, the ATECCC508A delivers extremely low-power consumption, requires only a single GPIO over a wide voltage range, and has a tiny form factor making it ideal for a variety of applications including those that require longer battery life and flexible form factors. The ATECC508A is downward compatible with the ATECC108A, ATECC108, ATSHA204A, and ATSHA204 crypto element devices.

Benefits

  • Easy way to run ECDSA and ECDH Key Agreement
  • ECDH key agreement makes encryption/decryption easy
  • Ideal for IoT node security

 
Device
Description

Elliptic Curve (ECC) asymmetric crypto element with ECDSA and hardware key storage

Elliptic Curve (ECC) asymmetric crypto element with ECDH, ECDSA, and hardware key storage