The Microchip ATECC608B-TNGTLS is the Trust&GO secure element part of the Trust Platform for the CryptoAuthentication family. The device comes pre-configured and pre-provisioned with default thumbprint certificates and key. The configuration and credentials are locked in the device and cannot be changed. The cloud infrastructure, either it's a public of private network, needs to accommodate device authentication relying only on the thumbprint certificate from the ATECC608B-TNGTLS. In other words, the cloud infrastructure would not require verification of the thumbprint certificate by a certificate authority. This secure element integrates ECDH (Elliptic Curve Diffie Hellman) security protocol an ultra-secure method to provide key agreement for encryption/decryptio
n, along with ECDSA (Elliptic Curve Digital Signature Algorithm) sign-verify authentication for the Internet of Things (IoT) market including home automation, industrial networking, medical, retail or any TLS connected networks. Other important feature integrated in the ATECC608B-TNGTLS is the AES128 hardware accelerator and hardware-based cryptographic key storage and cryptographic countermeasures which eliminate potential backdoors linked to software weaknesses. The device is agnostic of any microprocessor (MPU) or microcontroller (MCU) and compatible with virtually any MCUs or MPUs thanks to the CryptoAuthLib library. As with all CryptoAuthentication devices, the ATECCC608B delivers extremely low-power consumption, requires only a single GPIO over a wide voltage range, and has a tiny form factor making it ideal for a variety of applications that require longer battery life and flexible form factors.
The ATECC608B-TNGTLS comes preconfigured with default thumbprint certificates and key that are locked in the device and not changeable. It help reduce the cost incurred by a third party certificate authority as well as the complexity to deal with certificates as a whole.
Take a look at the various code examples by leveraging our "Microchip Trust Platform" software development tool:
Cloud authentication for AWS IoT (32-bit MCU)
Cloud Authentication for AWS Greengrass (Linux)
Cloud Authentication for Microsoft Azure (32-bit MCU)
Cloud Authentication for Google Cloud IoT Core (32/16/8 bit MCU)
LoRa Authentication for The Things Industries (TTI) or Actility join servers
TLS network authentication with third party stacks
Additional Features
Cryptographic co-processor with secure hardware-based key storage
Protected storage for up to 16 Keys, certificates or data
Hardware support for asymmetric sign, verify, key agreement – ECDSA: FIPS186-3 Elliptic Curve Digital Signature
ECDH: FIPS SP800-56A Elliptic Curve Diffie-Hellman
NIST standard P256 elliptic curve support
Hardware support for symmetric algorithms
SHA-256 & HMAC hash including off-chip context save/restore
AES-128: encrypt/decrypt, galois field multiply for GCM
Networking key management support
Turnkey PRF/HKDF calculation for TLS 1.2 & 1.3
Ephemeral key generation and key agreement in SRAM – Small message encryption with keys entirely protected
Secure boot support
Full ECDSA code signature validation, optional stored digest/signature – optional communication key disablement prior to secure boot
Encryption/Authentic
ation for messages to prevent on-board attacks
Internal high-quality FIPS 800-90 A/B/C Random Number Generator (RNG)
Two high-endurance monotonic counters
Guaranteed unique 72-bit serial number
Two interface options available
High-speed single pin interface with One GPIO pin
Operating temperature up to 100C
1MHz Standard I2C interface
1.8V to 5.5V IO levels, 2.0V to 5.5V supply voltage
<150nA Sleep current
8-pad UDFN, 8-lead SOIC, and 3-lead CONTACT packages
The Microchip ATECC608B-TNGTLS is the Trust&GO secure element part of the Trust Platform for the CryptoAuthentication family. The device comes pre-configured and pre-provisioned with default thumbprint certificates and key. The configuration and credentials are locked in the device and cannot be changed. The cloud infrastructure, either it's a public of private network, needs to accommodate device authentication relying only on the thumbprint certificate from the ATECC608B-TNGTLS. In other words, the cloud infrastructure would not require verification of the thumbprint certificate by a certificate authority. This secure element integrates ECDH (Elliptic Curve Diffie Hellman) security protocol an ultra-secure method to provide key agreement for encryption/decryption, along with ECDSA (Elliptic Curve Digital Signature Algorithm) sign-verify authentication for the Internet of Things (IoT) market including home automation, industrial networking, medical, retail or any TLS connected networks. Other important feature integrated in the ATECC608B-TNGTLS is the AES128 hardware accelerator and hardware-based cryptographic key storage and cryptographic countermeasures which eliminate potential backdoors linked to software weaknesses.
The device is agnostic of any microprocessor (MPU) or microcontroller (MCU) and compatible with virtually any MCUs or MPUs thanks to the CryptoAuthLib library. As with all CryptoAuthentication devices, the ATECCC608B delivers extremely low-power consumption, requires only a single GPIO over a wide voltage range, and has a tiny form factor making it ideal for a variety of applications that require longer battery life and flexible form factors.
The ATECC608B-TNGTLS comes preconfigured with default thumbprint certificates and key that are locked in the device and not changeable. It help reduce the cost incurred by a third party certificate authority as well as the complexity to deal with certificates as a whole.
Take a look at the various code examples by leveraging our "Microchip Trust Platform" software development tool:
Cloud authentication for AWS IoT (32-bit MCU)
Cloud Authentication for AWS Greengrass (Linux)
Cloud Authentication for Microsoft Azure (32-bit MCU)
Cloud Authentication for Google Cloud IoT Core (32/16/8 bit MCU)
LoRa Authentication for The Things Industries (TTI) or Actility join servers
TLS network authentication with third party stacks
Additional Features
- Cryptographic co-processor with secure hardware-based key storage
- Protected storage for up to 16 Keys, certificates or data
- Hardware support for asymmetric sign, verify, key agreement – ECDSA: FIPS186-3 Elliptic Curve Digital Signature
- ECDH: FIPS SP800-56A Elliptic Curve Diffie-Hellman
- NIST standard P256 elliptic curve support
- Hardware support for symmetric algorithms
- SHA-256 & HMAC hash including off-chip context save/restore
- AES-128: encrypt/decrypt, galois field multiply for GCM
- Networking key management support
- Turnkey PRF/HKDF calculation for TLS 1.2 & 1.3
- Ephemeral key generation and key agreement in SRAM – Small message encryption with keys entirely protected
- Secure boot support
- Full ECDSA code signature validation, optional stored digest/signature – optional communication key disablement prior to secure boot
- Encryption/Authentication for messages to prevent on-board attacks
- Internal high-quality FIPS 800-90 A/B/C Random Number Generator (RNG)
- Two high-endurance monotonic counters
- Guaranteed unique 72-bit serial number
- Two interface options available
- High-speed single pin interface with One GPIO pin
- Operating temperature up to 100C
- 1MHz Standard I2C interface
- 1.8V to 5.5V IO levels, 2.0V to 5.5V supply voltage
- <150nA Sleep current
- 8-pad UDFN, 8-lead SOIC, and 3-lead CONTACT packages