For order or price inquiry of DS28E25+ Analog Devices Please click on Buy Order button and fill the RFQ form we will check out inventory and offer you our best price.
Quick Access
About
The DS28E25+ from Analog Devices is a high-security authenticator IC designed to provide robust protection against counterfeiting and unauthorized access in embedded systems. Part of the DeepCover® family, it combines FIPS 180-3-compliant SHA-256 authentication with 4Kb of user EEPROM, making it ideal for applications requiring secure data storage and cryptographic verification. Its 1-Wire® interface simplifies system integration by reducing wiring complexity to a single data line, while its industrial temperature range (-40°C to +85°C) ensures reliability in harsh environments.
At the heart of the DS28E25+ is a hardware-accelerated SHA-256 engine, which enables secure challenge-response authentication to verify the legitimacy of connected devices or consumables. The IC includes a factory-programmed 64-bit ROM ID, ensuring each unit is uniquely identifiable and resistant to cloning. Additionally, its 4Kb (512-byte) EEPROM is organized into 16 pages, allowing flexible storage of user data, encryption keys, or system parameters. With ±8kV ESD protection, the device offers robust resistance to electrostatic discharge, enhancing durability in real-world applications.
The DS28E25+ is particularly well-suited for anti-counterfeiting and secure authentication in industries such as printer consumables, medical devices, and IoT hardware. For example, it can authenticate printer cartridges, preventing the use of unauthorized third-party supplies. Its tamper-resistant design and secure key storage make it a reliable solution for protecting intellectual property and ensuring system integrity. The IC’s low power consumption and support for parasitic power (drawing energy directly from the data line) further expand its usability in battery-operated or space-constrained designs.
Available in a compact TO-92-2 through-hole package or a TDFN-2 (3x3mm) surface-mount option, the DS28E25+ provides flexibility for different PCB layouts. The EEPROM supports 100,000 write cycles and offers 50-year data retention, ensuring long-term reliability.
In summary, the DS28E25+ delivers a powerful combination of security, simplicity, and durability, making it a go-to solution for applications requiring trusted authentication. Its 1-Wire interface, hardware-based encryption, and robust EEPROM make it a versatile choice for designers tackling counterfeiting, secure access, or data integrity challenges. For detailed implementation guidance, Analog Devices provides comprehensive datasheets and application notes, helping engineers integrate the IC seamlessly into their systems.
Key Features
- FIPS 180-3 compliant SHA-256 authentication
- 4Kb (512-byte) user EEPROM (16 pages × 32 bytes)
- 64-bit factory-programmed ROM ID (unique per device)
- 1-Wire® interface (single-contact communication)
- Hardware-accelerated SHA-256 engine
- Challenge-response authentication protocol
- ±8kV HBM ESD protection (data line)
- 2.97V to 3.63V operating voltage range
- Parasitic power support (via 1-Wire bus)
- -40°C to +85°C operating temperature range
- 100,000 EEPROM write cycles (minimum)
- 50-year EEPROM data retention (at 85°C)
- Two package options: TO-92-2 (through-hole) and TDFN-2 (3x3mm surface-mount)
- Protected secret storage (256-bit secure key)
- Read/write access control (password-protected EEPROM pages)
Applications
1. Authentication of Network-Attached Appliances
- Secures IoT devices, routers, and networked hardware by verifying firmware integrity and preventing unauthorized access.
- Ensures only genuine peripherals (e.g., storage drives, sensors) can connect to a host system.
2. Printer Cartridge ID/Authentication
- Prevents counterfeit ink/toner cartridges by authenticating OEM supplies.
- Uses SHA-256 challenge-response to validate cartridge legitimacy.
3. Reference Design License Management
- Enables secure licensing for FPGA, ASIC, or firmware designs.
- Restricts unauthorized replication of proprietary hardware/software.
4. System Intellectual Property (IP) Protection
- Safeguards firmware, calibration data, or proprietary algorithms in embedded systems.
- EEPROM stores encrypted keys to lock/unlock features.
5. Secure Feature Setting for Configurable Systems
- Controls premium features in industrial/consumer devices (e.g., enabling paid upgrades).
- Irreversible EEPROM protection modes prevent tampering.
6. Sensor/Accessory Authentication and Calibration
- Validates medical sensors, industrial probes, or automotive modules.
- Stores calibration data securely in EEPROM.
7. Key Generation and Exchange for Cryptographic Systems
- Generates and stores symmetric keys for encrypted communications.
- Supports FIPS 180-3-compliant SHA-256 MACs.
8. Secure Drug Delivery Systems
- Authenticates disposable medical components (e.g., insulin pens) to ensure patient safety.
9. Consumer Electronics Anti-Counterfeiting
- Verifies authenticity of high-value goods (e.g., smart home devices, wearables).
- Uses unique ROM IDs to track genuine products.
10. Automotive Component Authentication
- Secures ECUs, tire pressure sensors, and aftermarket parts.
- Operates in industrial temperature ranges (-40°C to +85°C).
11. Industrial Control System Security
- Protects PLCs, HMIs, and robotics from firmware tampering.
- Bidirectional authentication ensures only trusted hosts can update settings.
12. Smart Metering and Energy Grid Security
- Authenticates smart meters to prevent tampering with usage data.
- EEPROM stores encrypted utility keys.
13. Secure Boot and Firmware Validation
- Ensures only signed firmware runs on embedded devices.
- SHA-256 checks firmware integrity during boot.
14. Gaming and Vending Machine Monetization
- Authenticates consumables (e.g., casino chips, vending cartridges).
- Prevents revenue loss from cloned accessories.
15. Aerospace and Defense Component Tracking
- Tracks genuine parts in avionics/military hardware.
- Tamper-proof EEPROM logs maintenance history.
Key Advantages for These Applications
- 1-Wire Interface: Reduces wiring complexity (single GPIO needed).
- 4Kb EEPROM: Stores keys, logs, or configuration data securely.
- ±8kV ESD Protection: Resilient in harsh environments.
Advantages
- Enhanced Anti-Counterfeiting Protection
- Provides robust security against cloning and tampering, ensuring only genuine components are used in systems.
- Simplified System Integration
- The 1-Wire interface reduces wiring complexity, requiring only a single GPIO pin for communication.
- Cost-Effective Security Solution
- Eliminates the need for additional cryptographic components, reducing overall system costs.
- High Reliability in Harsh Environments
- Operates reliably across industrial temperature ranges (-40°C to +85°C), making it suitable for demanding applications.
- Long-Term Data Integrity
- Guarantees secure storage of critical data with 50-year retention and 100,000 write cycles.
- Strong Resistance to ESD Damage
- ±8kV ESD protection ensures durability in real-world handling and operation.
- Flexible Power Options
- Supports both standard and parasitic power modes, enabling use in low-power or space-constrained designs.
- Hardware-Based Security
- Dedicated SHA-256 engine accelerates cryptographic operations without taxing the host processor.
- Scalable for Mass Production
- Unique ROM IDs allow seamless tracking and authentication in large-scale deployments.
- Versatile Authentication Capabilities
- Enables secure host-to-peripheral authentication, preventing unauthorized system access.
- Compact Form Factor
- Available in small through-hole and surface-mount packages, saving PCB space.
- Proven Cryptographic Compliance
- FIPS 180-3 validation ensures adherence to recognized security standards.
- Secure Feature Activation
- Allows manufacturers to implement pay-per-use or upgradeable features with anti-tamper protection.
- Broad Industry Adoption
- Trusted in medical, automotive, and IoT applications due to Analog Devices’ reputation for robust security ICs.
- Minimal Firmware Overhead
- Offloads authentication tasks from the main MCU, simplifying software development.
- Future-Proof Design
- SHA-256 algorithm provides strong security against evolving threats.
- Plug-and-Play Compatibility
- Works seamlessly with existing 1-Wire ecosystems, reducing development time.
- Secure Supply Chain Management
- Helps OEMs track and validate components throughout the product lifecycle.
- Low Power Consumption
- Ideal for battery-operated devices without compromising security.
- Tamper-Evident Operation
- Detects and responds to unauthorized access attempts, protecting sensitive data.
Specifications
Category | Verified Specification |
---|---|
Manufacturer | Analog Devices Inc. (formerly Maxim Integrated) |
Manufacturer Part No. | DS28E25+ (Note: “+” indicates lead-free/RoHS-compliant version) |
Product Category | Secure Authenticator ICs |
Product Type | DeepCover® Secure Authenticator (SHA-256) |
Series | DS28E25 (Family includes DS28E22/23/25) |
Description | 1-Wire SHA-256 Authenticator with 4Kb (512-byte) EEPROM, Secure Key Storage |
Key Features | – FIPS 180-3 SHA-256 – 64-bit ROM ID (Unique) – ±8kV HBM ESD – TDFN/TO-92 Packaging |
Supply Voltage | 2.97V to 3.63V (3.3V nominal, 1-Wire parasitic power supported) |
Operating Temperature | -40°C to +85°C (Industrial) |
Interface | 1-Wire® (Single GPIO communication) |
Data Rate | Standard: 15.4 kbps Overdrive: 76.9 kbps |
Memory | – 4Kb EEPROM (16 pages × 256 bits) – 256-bit secure key storage |
Security | – Hardware SHA-256 – Challenge-Response Auth – Anti-tamper |
Packaging | TO-92-2 (2-pin) or TDFN-2 (3x3mm) also available |
Applications | – Consumables Auth (Printer cartridges) – IoT Security – Medical Devices |
Compliance | – RoHS Compliant – AEC-Q100 (Automotive grade not listed for DS28E25+) |
ESD Protection | ±8kV HBM (Data line only) |
EEPROM Endurance | 100,000 write cycles (Typical) |
Data Retention | 50 years (Minimum at 85°C) |
Comparison with Similar Components
1. Cryptographic Engine & Security
Component | DS28E25+ | ATECC608A (Microchip) | A1006 (Maxim Integrated) | STSAFE-A110 (STMicro) |
---|---|---|---|---|
Algorithm | SHA-256 (FIPS 180-3) | ECC P-256 (NIST) | SHA-256 | ECC P-256 + AES-128 |
Key Storage | 256-bit secret | 16+ key slots | 256-bit secret | 16+ key slots |
Tamper Detection | Limited (EEPROM lock) | Active shield + monotonic counters | EEPROM lock | Active shield + environmental sensors |
Authentication | Challenge-response | ECDSA signatures | Challenge-response | Mutual authentication |
Key Insight:
- The ATECC608A and STSAFE-A110 offer elliptic-curve cryptography (ECC), which is stronger than SHA-256 for key exchange but requires more complex host-side handling.
- The DS28E25+ and A1006 are simpler for SHA-256-based systems but lack ECC’s forward secrecy.
2. Memory & Flexibility
Component | User Memory | Secure Storage | Write Endurance | OTP/One-Time Programmable |
---|---|---|---|---|
DS28E25+ | 4Kb EEPROM | 256-bit key | 100k cycles | No |
ATECC608A | 10Kb configurable | 16+ keys | 50k cycles | Yes (limited slots) |
A1006 | 4Kb EEPROM | 256-bit key | 100k cycles | No |
STSAFE-A110 | 8Kb configurable | 16+ keys | 200k cycles | Yes |
Key Insight:
- STSAFE-A110 leads in endurance and configurability but is overkill for simple authentication.
- DS28E25+ and A1006 are nearly identical in memory but lack OTP features for irreversible locking.
3. Interface & Integration
Component | Interface | Data Rate | Power Mode | Package Options |
---|---|---|---|---|
DS28E25+ | 1-Wire | 76.9 kbps (max) | Parasitic/3.3V | TO-92, TDFN-2 |
ATECC608A | I2C, SPI | 1 MHz (I2C) | 2.0V–5.5V | SOIC-8, UDFN-8 |
A1006 | 1-Wire | 76.9 kbps (max) | Parasitic/3.3V | TDFN-6 |
STSAFE-A110 | I2C | 1 MHz | 1.8V–5.5V | SOIC-8, UFQFPN-28 |
Key Insight:
- 1-Wire devices (DS28E25+, A1006) excel in low-pin-count designs but are slower than I2C/SPI alternatives.
- ATECC608A and STSAFE-A110 support wider voltage ranges, aiding battery-powered designs.
4. Target Applications
Component | Best For | Overkill For | Limitations |
---|---|---|---|
DS28E25+ | Printer cartridges, consumables | High-security PKI systems | No ECC, limited key storage |
ATECC608A | IoT, PKI, secure boot | Simple clone prevention | Complex for SHA-256-only needs |
A1006 | Legacy SHA-256 systems | New designs requiring ECC | Nearly identical to DS28E25+ |
STSAFE-A110 | Automotive, medical | Cost-sensitive projects | Larger footprint, higher power |
Key Insight:
- The DS28E25+ is ideal for cost-sensitive, legacy-compatible systems (e.g., printer cartridges).
- ATECC608A/STSAFE-A110 dominate in PKI, mutual authentication, and high-end IoT.
Summary of Secure Authenticator IC Comparisons
The DS28E25+ (Analog Devices) is a cost-effective, SHA-256-based authenticator best suited for simple anti-counterfeiting and legacy systems, thanks to its 1-Wire interface, 4Kb EEPROM, and robust challenge-response security. It excels in applications like printer cartridges, consumables, and basic IoT authentication, where ease of integration and low pin count are critical.
Competitors like the ATECC608A (Microchip) and STSAFE-A110 (STMicro) offer stronger elliptic-curve cryptography (ECC), higher memory flexibility, and advanced tamper detection, making them better for PKI, secure boot, and mutual authentication in high-security IoT, automotive, and medical systems. The A1006 (Maxim Integrated) is nearly identical to the DS28E25+ in functionality, serving as a drop-in alternative for existing designs.
Key Takeaways:
- For SHA-256 simplicity → DS28E25+ (best balance of cost and performance).
- For ECC/PKI security → ATECC608A or STSAFE-A110 (stronger crypto, more features).
- For legacy 1-Wire systems → DS28E25+ or A1006 (interchangeable in most cases).
Choose based on security requirements, interface needs, and system complexity. The DS28E25+ remains the go-to for basic authentication, while ECC-based ICs are superior for future-proof, high-assurance systems.
Frequently Asked Questions (FAQs)
General & Overview
- What is the DS28E25+?
- A SHA-256-based secure authenticator IC with 4Kb EEPROM, designed for anti-counterfeiting and authentication.
- Who manufactures the DS28E25+?
- Analog Devices (formerly Maxim Integrated).
- What is DeepCover?
- Analog Devices’ security platform for hardware-protected cryptographic solutions.
- Is the DS28E25+ RoHS compliant?
- Yes, the “+” suffix indicates lead-free/RoHS compliance.
- What is the operating temperature range?
- -40°C to +85°C (industrial grade).
Features & Specifications
- What cryptographic algorithm does it use?
- FIPS 180-3 compliant SHA-256.
- How much user EEPROM does it have?
- 4Kb (512 bytes), organized into 16 pages of 32 bytes each.
- Does it support unique IDs?
- Yes, each IC has a factory-programmed 64-bit ROM ID.
- What is the ESD protection rating?
- ±8kV HBM (Human Body Model) on the data line.
- What is the write endurance of the EEPROM?
- 100,000 cycles minimum.
- How long does the EEPROM retain data?
- 50 years minimum at 85°C.
- What power supply voltage does it need?
- 2.97V to 3.63V (3.3V nominal).
- Does it support parasitic power?
- Yes, it can draw power from the 1-Wire bus.
Interface & Communication
- What communication interface does it use?
- 1-Wire® (single-wire protocol).
- What is the maximum data rate?
- 76.9 kbps in overdrive mode; 15.4 kbps standard.
- Can it work with microcontrollers without 1-Wire support?
- Yes, but a GPIO + software bit-banging driver is needed.
- Does it support I2C or SPI?
- No, it is 1-Wire only.
- How many pins does it have?
- 2 pins (data and GND) in the TO-92 package.
Security & Authentication
- How does authentication work?
- Uses challenge-response with SHA-256 MAC (Message Authentication Code).
- Can it store secret keys securely?
- Yes, it has 256-bit protected storage for keys.
- Is the key readable?
- No, keys are never exposed—only used for MAC generation.
- Does it support anti-tamper features?
- Limited to EEPROM write protection; no active tamper detection.
- Is it FIPS 140-2 certified?
- No, but it uses FIPS 180-3 compliant SHA-256.
- Can it be used for secure boot?
- Yes, but only for simple systems (no PKI support).
Applications & Use Cases
- What are typical applications?
- Printer cartridges, medical devices, IoT security, and consumables.
- Can it prevent counterfeit printer ink cartridges?
- Yes, it’s widely used for this purpose.
- Is it suitable for automotive systems?
- Yes, but only for non-safety applications (no AEC-Q100 rating).
- Can it authenticate network devices?
- Yes, for simple host-peripheral authentication.
- Does it support secure firmware updates?
- Indirectly (can validate firmware via SHA-256 hashes).
- Can it be used in battery-powered devices?
- Yes, parasitic power mode helps reduce energy use.
Design & Integration
- What packages are available?
- TO-92-2 (through-hole) and TDFN-2 (3x3mm, surface-mount).
- Is an evaluation board available?
- Yes, Analog Devices offers the DS28E25EVKIT.
- How to connect it to a microcontroller?
- One GPIO pin for 1-Wire communication + pull-up resistor (~2.2kΩ).
- Does it need external components?
- Only a pull-up resistor for the 1-Wire bus.
- Can multiple DS28E25+ devices share a bus?
- Yes, 1-Wire supports multi-device networks.
- How to prevent bus conflicts?
- Use the 64-bit ROM ID for device addressing.
Programming & Configuration
- How is the EEPROM programmed?
- Via 1-Wire commands (host MCU or PC adapter).
- Can the EEPROM be locked?
- Yes, pages can be write-protected permanently.
- Is there a software library for integration?
- Yes, Analog Devices provides example code for common MCUs.
- Can it generate cryptographic keys?
- No, keys must be injected securely during manufacturing.
- Does it support OTP (One-Time Programmable) modes?
- No, but EEPROM pages can be permanently locked.
Alternatives & Comparisons
- How does it compare to the ATECC608A?
- DS28E25+ uses SHA-256, while ATECC608A uses ECC-P256 (stronger crypto).
- Is the A1006 a direct replacement?
- Nearly identical, but check pinout compatibility.
- When to choose DS28E25+ over STSAFE-A110?
- For simpler, cost-driven designs (STSAFE-A110 has ECC + AES).
- What’s the main advantage over software-only SHA-256?
- Hardware-based security prevents key extraction.
- Can it replace a TPM (Trusted Platform Module)?
- No, it lacks advanced TPM features (secure boot, PKI).
- Is it obsolete?
- No, but newer ECC-based authenticators (e.g., ATECC608A) are more future-proof.
Datasheet
DS28E25+ Analog Devices datasheet
Contact us for More Information
Contact us for more information and stock inventory inquiry of DS28E25+ Analog Devices.
China Email : info@tg-microchip.com
Hong Kong Email : hk@tg-microchip.com
Russia Email : russia@tg-microchip.com