STMicroelectronics STSAFE-A120 Authentication ICs

STMicroelectronics STSAFE-A120 Authentication ICs are highly secure integrated circuits designed to protect sensitive data and devices through advanced cryptographic features and authentication protocols. STSAFE-A120 ICs provide a unique identifier for secure authentication in various applications, including consumables, accessories, connected objects, and wireless chargers (Qi 1.3 and Qi 2.0). These ICs support secure cloud preattachment and connection with services like Azure and AWS, ensuring that devices can securely pair with host processors and establish encrypted communication channels.

With a robust feature set, including support for elliptic curve cryptography (ECC), AES encryption, digital signatures, and data hashing, the STMicroelectronics STSAFE-A120 Authentication ICs safeguard against cloning, unauthorized access, and attacks like side-channel vulnerabilities and fault injections. Its 16KB of non-volatile memory and extensive security certifications (EAL5+) make it ideal for high-security applications in the Internet of Things (IoT), digital power supplies, and secure boot processes. Designed to withstand harsh environmental conditions with an operational temperature range of -40°C to +105°C, the STSAFE-A120 devices ensure long-lasting reliability and security in embedded systems.

FEATURES

•Unique ID

•Authentication for:

Consumables and accessories, anti-cloning

Connected objects, secure connection, and preattachment to clouds (Azure, AWS, and others)

Qi 1.3 and Qi 2.0 wireless chargers

Matter devices

OCP M-CRPS digital power supplies

•Pairing and secure channel with host application processor

•Configurable secure storage

•Usage monitoring with secure counters

•Secure connection establishment with remote host, including transport layer security (TLS 1.2 and TLS 1.3) handshake

•Signature verification service (secure boot and firmware upgrade)

•Secure storage in host nonvolatile memory based on wrapping and unwrapping of local host envelopes

•Data hashing

•Symmetric data encryption or decryption

•On-chip key pair generation

•Hardware

16K-bytes of configurable nonvolatile memory

25 years of data retention at +25°C

500,000 erase/write cycle endurance at +25°C

2.7V to 5.5V continuous supply voltages

-40°C to +105°C operating temperature range

•I2C bus slave interface communication protocol

Up to 400kbps transmission speed (Fast mode)

7-bit addressing

•Package options

ECOPACK-compliant SO8N 8-lead plastic small outline package, 4mm x 5mm

UFDFPN 8-lead ultrathin profile fine pitch dual flat package, 2mm x 3mm

•Cryptography and security

Advanced asymmetric cryptography

5x Elliptic Curve Crytpography (ECC), nonvolatile private key slots + 1x ephemeral ECC key slot

Supported elliptic curves include NIST P-256 P-384, P-521; Brainpool P-256 P-384, P-512; Edwards 25519; and Curve25519

Supported functionalities

Digital signature generation and verification (ECDSA and EdDSA)

Diffie-Hellman shared secret establishment (ECDH)

Advanced symmetric cryptography, 16x slots of symmetric cryptography with AES-128/256 CCM, ECB, GCM, CMAC, and HKDF

AES 128-bit or 256-bit pairing with host-applicative processor

Local wrap/unwrap envelop key, 2x slots of keys with AES 128-bit or AES 256-bit

Data hashing

SHA-2 with SHA-256, SHA-384, SHA-512

SHA-3 with SHA3-256, SHA3-384, SHA3-512

Random number generator with NIST SP 800-90B compliant entropy source

Highly secure MCUs

Unique serial number on each die

CC EAL5+ AVA_VAN.5, and ALC_DVS.2 Common Criteria certified

Active shield

Monitoring of environmental parameters

Protection mechanism against fault injection

Protection against side-channel attacks

APPLICATIONS

•Consumables and accessories

•Internet of Things (IoT) devices

•Digital health

•Smart home products

•Smart city products

•Industrial equipment

•Consumer electronics devices

•Wireless charging