Secure 7 Click carries the ATECC608A cryptographic coprocessor with secure hardware-based key storage, from Microchip. The ATECC608A includes an EEPROM array which can be used for storage of up to 16 keys, certificates, miscellaneous read/write, read-only or secret data, consumption logging, and security configurations. The ATECC608A equipped on this Click board™, supports the SWI interface with a flexible command set, that allows use in various security applications, including Network/IoT Node Endpoint Security, Secure Boot, Small Message Encryption, Key Generation for Software Download, Ecosystem control, Anti Counterfeiting and similar.
Secure 7 Click board™ is supported by a mikroSDK compliant library, which includes functions that simplify software development.
The EEPROM array that is included in the ATECC608A coprocessor can be used for storage of up to 16 keys, certificates, miscellaneous read/write, read-only or secret data, consumption logging, and security configurations. Access to the various sections of memory can be restricted in a variety of ways and then the configuration can be locked to prevent changes. Therefore, this Secure 7 Click should mainly be used for security purposes.
Microchip's ATECC608A integrates ECDH (Elliptic Curve Diffie Hellman) security protocol, an ultra-secure method to provide key agreement for encryption/decryption. It also integrates the ECDSA (Elliptic Curve Digital Signature Algorithm) sign-verify authentication for the Internet of Things (IoT) market, including home automation, industrial networking, accessory and consumable authentication, medical, mobile and more.
It features a wide array of defense mechanisms specifically designed to prevent physical attacks on the device itself, or logical attacks on the data transmitted between the device and the system. Hardware restrictions on the ways in which keys are used or generated provide further defense against certain styles of attack.
The ATECC608A has a flexible command set that allows use in many applications, including the Network/IoT Node Protection that authenticates node IDs, ensures the integrity of messages, and supports key agreement to create session keys for message encryption. It can also be used for Anti-Counterfeiting, meaning it validates that a removable, replaceable, or consumable client is authentic. Examples of clients could be system accessories, electronic daughter cards, or other spare parts. It can also be used to validate a software/firmware module or memory storage element. The next feature is Protecting Firmware or Media, which means it validates code stored in flash memory at boot to prevent unauthorized modifications, encrypt downloaded program files as a common broadcast, or uniquely encrypt code images to be usable on a single system only. Also, storing Secure Data, which means you can store secret keys for use by crypto accelerators in standard microprocessors. Programmable protection is available using encrypted/authenticated reads and writes. And finally, Checking User Password, and that ensures that it validates user-entered passwords without letting the expected value become known, maps memorable passwords to a random number, and securely exchanges password values with remote systems.
Access to the device is made through a standard SWI Interface at speeds of up to 1Mb/s, which can reduce the number of GPIOs required on the system processor, and/or reduce the number of pins on connectors. If the Single-Wire Interface is enabled, the remaining pin is available for use as a GPIO, an authenticated output or tamper input.
Each ATECC608A ships with a guaranteed unique 72-bit serial number. Using the cryptographic protocols supported by the device, a host system or remote server can verify a signature of the serial number to prove that the serial number is authentic and not a copy. Serial numbers are often stored in a standard Serial EEPROM; however, these can be easily copied with no way for the host to know if the serial number is authentic or if it is a clone.
The device is consuming very low current, especially while it is in the sleep mode. The chip itself uses less than 150nA, in that case. The voltage range which can be used to power up the Secure 7 Click, allows for it to work with both 3.3V and 5V capable MCUs. Therefore, this Click board™ supports the parasitic power supply mode, where the main IC is powered via the communication line. When the onboard jumper PWR BYP is removed, Secure 7 Click
The chip itself uses a minimal number of pins; only the SWI lines are routed to the mikroBUS™ along with the 3.3V and 5V rails. The device can work with any of these voltages. It can be selected by soldering a small SMD jumper, labeled as VIO SEL to the correct position.
IMPORTANT: On this Click board™, UART lines (RX and TX) are shorted and pulled high by the 1KΩ resistor. Basicly, they act as a single line and only one trace is routed to the ATSHA204A IC. Further it means that UART pins can be used only for SWI communication when this Click board™ is used on a system.
- Interface: SWI
- Compatibility: mikroBUS™
- Dimensions: 42.9 x 25.4mm
- Input Voltage: 3.3V or 5V