Enhancing Embedded Cyber Defences

Datakey’s new CryptoAuthentication™ tokens, now available in the UK, Ireland, Germany, Austria, Switzerland and Scandinavia from Nexus Industrial Memory.   The line comprises four products; the IAT4.5Kb, the IAX4.5Kb, the IAT10.5Kb and the IAX10.5Kb. All are ideal for embedded systems that require ‘cyber robust’ removable memory devices for applications that include the transfer of passwords (or other data needed for user authentication purposes) or for the physical transfer of security keys, certificates, sensitive data or system configuration files.


At the heart of all devices in the CryptoAuthentication line of memory tokens, is a Microchip CryptoAuthentication high-security hardware IC. Its features include a unique and non-changeable 72-bit serial number (set by Microchip), 512bit one-time programmable (OTP) zone, a random number generator, and a SHA-256 hash algorithm for data encryption.


Michael Barrett, Managing Director of Nexus Industrial Memory, comments: “Datakey CryptoAuthentication tokens combine the best of both worlds, namely silicon geared for high security applications and a rugged form factor that makes them ideal for use in harsh environments. Nexus is pleased to be supplying these tokens, and our highly experienced specialists are on hand to help customers make their applications, such as user authentication and access control, as reliable and as secure as possible.”


The IAT4.5Kb and IAX4.5kB are both rated for a minimum of 100,000 write/erase cycles and have a 512byte EEPROM data zone, divided into 16 equal slots of 32bytes for data storage. Each slot can be configured as read-only or read/write, in either clear or encrypted modes.


The IAT10.5Kb and IAX10.5Kb are both rated for a minimum of 400,000 write/erase cycles and have a 1208byte EEPROM data storage zone. It too is divided into 16 slots; eight are 36bytes wide, seven are 72bytes wide and one is 416bytes wide. Again, each slot can be configured as read-only or read/write, in either clear or encrypted modes. The IAT10.5Kb and IAX10.5Kb devices also include hardware support for asymmetric Elliptic Curve Cryptography (ECDH and ECDSACC) and support for symmetric SHA-256 and AES-128 data encryption.


The ‘T’ and ‘X’ in the tokens’ names reflect their lengths; the IAT is 30.3mm long and the IAX is 51.5mm long. Both are 18.4mm wide and 4.4mm deep, have a storage temperature range of -40 to 100oC and an operating temperature range of -40 to 85oC.


All four tokens in the new CryptoAuthentication line are compatible with the Datakey SlimLine™, available in PCB-mount (PTH and SMT) and panel-mount form factors. In addition, several panel-mount receptacles in the range have IP65 or IP67 ratings and are available with a locking connector for high-vibration applications.


Barrett concludes: “You need only search the web for stories of how commercially available, standard form factor and unsecure removable memory devices, such as USB thumb drives, have become the weakest links in the cyber defences of many an organisation. With CryptoAuthentication tokens, the risk of device cloning is virtually non-existent and the Microchip ICs inside have security features to detect tampering and thwart cyber-attacks.”


To aid in the development of an embedded system that will use CryptoAuthentication tokens, Datakey extension boards that plug into Microchip’s ATSAMD21-XPRO development board are also available from Nexus Industrial Memory.