Microchip Technology Inc

Security & Authentication

The Serial SuperFlash® Kit 2 allows evaluation of Microchip's Serial Flash Devices which are made using the SST SuperFlash® technology. The Serial SuperFlash Kit 2 contains three Serial Flash Daughter Boards. The Serial Flash Daughter Board is an evaluation board designed to interface with the mikroBUS™ connector on the Explorer 16/32 Development Board (DM240001-2). It can also interface with the PICtail™ Plus connector located on the Explorer 16 Development Board (DM240001).
The CryptoAuthentication AT88CK590 Demo-evaluation Kit can be used with Crypto Evaluation Studio (ACES) software (Version 5.0.0 or greater) to easily explore the operation and architectures of the ATSHA204A, ATAES132A, and ATECC508A crypto element devices. The kit is a USB dongle with a built-in AVR AT90USB1287 microcontroller, and connects directly to a users PC. It is an excellent way to experiment with the three crypto element devices to learn about how they can be configured to perform symmetric authentication (SHA and AES), asymmetric authentication (ECDSA), key agreement (ECDH), and other cryptographic functions (depending on the particular device).

Complete source code, schematic, Bill of Materials, and Gerber files are available from .

To get started, please download ACES setup software below.

The ACES package is a suite of software tools to configure and demonstrate the CryptoAuthentication Family of devices using various evaluation kits.

ACES was designed to minimize the learning curve for using the CryptoAuthentication Family of devices in your application. The package includes the ACES Configuration Environment (ACES CE) and a comprehensive help system.

The ACES package also includes support for the AT88CK9000 programmer board.

ACES Software:

  Atmel Crypto Evaluation Studio (ACES) Ver 5.0

Security ensured

This clicker 2 is powered by CEC1302, a 32-bit ARM®-Cortex® MCU that integrates a cryptographic engine that provides high level security features. 

The CEC1302 provides support for loading code from the private or shared SPI flash device on a VCC1 power-on. Before executing the CEC1302 code loaded from a SPI Flash Device, the CEC1302 validates the code using a digital signature encoded according to PKCS #1. The signature uses RSA-2048 encryption and SHA-256 hashing. This provides automated detection of invalid code that may be a result of malicious or accidental corruption. It occurs before each boot of the host processor, thereby ensuring a hardware based root of trust not easily thwarted via physical replacement attack.

clicker 2 for CEC1302 (MIKROE-1969), by MikroElektronika, is the big brother of CEC1302 Clicker (MIKROE-1970). Boasting not one, but two mikroBUS host sockets, this starter development kit brings click board connectivity to the 32-bit ARM Cortex-M4 CEC1302 microcontroller, with its integrated cryptographic engine. Connect the desired click board to enhance it with endless features. It's preprogrammed with a fast USB HID bootloader. Use it to upload your firmware and clicker will become a working device. This board features all you need to get started: 32-bit CEC1302 microcontroller, USB connector, two LEDs and push buttons, reset button, mikroProg connector and headers for interfacing with external electronics.

CryptoAuth Xplained Pro evaluation and development kit is an add-on board to the Xplained and XplainedPro evaluation platforms to support the ATSHA204A, ATAES132A, and ATECC508A in embedded design applications. CryptoAuth Xplained Pro has been developed to allow fast system prototyping within the Xplained and XplainedPro evaluation environment. This kit gives engineers, developers, and decision makers a tool to understand the device architecture and its uses for product authentication, confidential file protection, perform two-factor logons, or prevent software piracy. Complete source code for the CryptoAuthentication devices is available in ASF ( Software Framework). Schematics, Gerber files, and a bill of materials are also available.
The AT88CKSCKTSOIC-XPRO is a Microchip XPRO extension kit for Microchip Crypto Authentication devices in an 8-pin SOIC Package. The board attaches to any Microchip Micro-controller board that supports the XPRO interface.  The boards operate with the following Microchip Devices
  • ATECC108A/508A - Ecliptic Curve Security devices with I2C or Single Wire Interface
  • ATSHA204A - Symmetric Security Device with I2C or Single Wire Interface
  • ATAES132A - Secure Memory device with I2C or SPI interfaces
The boards can be used as a learning tool, development tool or for configuring and provisioning devices in limited quantities.
For more information on Microchip Crypto Authentication products please go to the Crypto Authentication Overview.
The AT88CKSCKTUDFN-XPRO is a Microchip XPRO extension kit for Microchip Crypto Authentication devices in an 8-pin UDFN package. The board attaches to any Microchip Micro-controller board that supports the XPRO interface. The boards operate with the following Microchip Devices

ATECC108A/508A - Ecliptic Curve Security devices with I2C or Single Wire Interface
ATSHA204A - Symmetric Security Device with I2C or Single Wire Interface
ATAES132A - Secure Memory device with I2C or SPI interfaces
The boards can be used as a learning tool, development tool or for configuring and provisioning devices in limited quantities.
For more information on Microchip Crypto Authentication products please go to the Crypto Authentication Overview.
CryptoAuthLib is a software support library for the ATSHA204A, ATECC108A and ATECC508A CryptoAuthentication devices written in C. It is a portable, extensible, powerful, and easy-to-use library for working with the ATSHA and ATECC family devices. Example code and application notes for various use cases demonstrate how to use CryptoAuthLib to develop powerful crypto-authentication applications.

KeeLoq 3 Development Kit

Part Number: DM303008

No Longer Available

Please see DM182017-1 (433MHz), DM182017-2 (868MHz), or DM182017-3 (915MHz) or DM182017-4 (433MHz) for new designs.

Please also see the Keeloq Embedded Security page for the latest information.

The low-cost KEELOQ 3 Development Kit is designed to help engineers get up-to-speed quickly on PIC microcontrollers (MCUs). The kit provides everything you need to program, debug, and develop secure authentication applications for a variety of markets such as security systems (keypads, remote sensors, and access control), remote keyless entry (automotive), and authentication (identity and property) applications.

KEELOQ Evaluation Kit II

Part Number: DM303006

No Longer Available
This kit demonstrates the capabilities of the code hopping technology used in security systems such as garage door openers, auto keyless entry, etc. for secure access and/or authentication. It includes a main board and 2 transmitters to demonstrate encoders and decoders. The fully functional kit allows a short learning cycle into the technology.

KEELOQ Transponder Evaluation Kit

Part Number: DM303005

No Longer Available
The Transponder Evaluation Kit allows the user to fully evaluate KEELOQ® Code Hopping Transmitters/Transponders. The HCS410 and HCS412 use the KEELOQ® Code Hopping technology which combines high security transmitter and transponder operation in a small, low-cost package.

With the common use of cards instead of cash, Credit Card Reader (MSR, mag stripe/swipe readers) are an essential part of any POS system. MSRs can read any card with magnetic stripes, including some driver's licenses, gift cards, and other IDs.

Magnetic Card Readers (also known as Magnetic Stripe Readers or MSRs) read data from a 3-track magnetic stripe via a peak detection circuit and process that data for downstream users. After extracting data from the magnetic stripe, it is converted to binary data and formatted for encryption. They feed the swiped information to applications management software and connect through USB, RS-232, or PS/2 connections.

Microchip Magnetic card reader solution reads ISO/IEC-7811 cards (also known as “Frequency/double Frequency” (F2F) encoding standard). The data format encodes 7-bit data on Track1, 5-bit data for Track 2 and 3. Please refer to the features section for an in depth description of the Magnetic card readers capabilities. 

Microchip offers 2 solutions, one using the dsPIC33EP family and the other using the PIC24F family of PIC's

This demo is not for sale, but can be easily created from components listed in the user's guide.

For questions related to this board please contact http://www.microchip.com/support

The Modulo-2 Powered by the Afero Cloud, is an IoT development kit that connects any Microchip microcontroller (MCU) with an XPRO interface to the Afero Modulo-2 IoT reference design board. The kit provides easy and rapid firmware development, connecting IoT applications to the Afero Cloud over the ATWINC3400 Wi-Fi®/Bluetooth® low energy technology combo chip and the ARM® Cortex®-M4 based ATSAMG55 microcontrolller.

The is a true end-to-end IoT security solution. Certificates and provisioning are all managed and taken care of by the Afero Cloud. Credentials are safely stored and protected in the pre-provisioned ATECC508A CryptoAuthentication device and well isolated from the user's application.

After setting up an Afero account, the user onboards the Modulo-2 hardware by scanning the associated QR code via the Afero mobile app, available from the iOS App Store or Google Play Store. It allows the designer to concentrate on the system design and decreases the complexity of security and wireless architectures.

The Modulo-2 can operate either within the socketed environment of the adapter board or, with minimal programming, autonomously. The Afero Modulo-2 board gives you a simple and easy-to-use IoT reference design.

To learn more, check out this Video about building a mouse trap. 

The Microchip Xpander-XPRO is an Xplained-Pro extension kit that allows for passive expansion of an Xplained-Pro Interface.  Each Xpander-XPRO board has one female XPRO connector and three right angle Male XPRO extension headers.  The board allows for connection between one Microchip microcontroller with an XPRO extension ports to up to three XPRO extension kits.   On the backside of the board, modifcation zones have been placed near each extension connector to allow for easy board modifications.

The board allows for extending the number of XPRO extensions on Microcontroller boards with limited XPRO headers.
The PIC32MZ Embedded Connectivity with Floating Point Unit (EF) Family Starter
Kit (DM320007 for non-Crypto development or DM320007-C for Crypto
development) provides a low-cost method for the development and testing of USB
and Ethernet-based applications with PIC32MZ EF family devices.

Ethernet PHY Daughter Boards compatible with PIC32MZ EF Starter Kit are listed below
LAN8720A PHY Daughter Board (AC320004-3)
LAN9303 PHY Switch Daughter Board (AC320004-4)


This starter kit can also be used with Multimedia Expansion Board II
The RN4677 PICtail/PICtail Plus is a Bluetooth Dual Mode development board using the Microchip RN4677 Bluetooth Dual Mode module. The RN4677 module is a Dual mode Bluetooth module that complies with Bluetooth Core Specification 4.0. The RN4677 uses a simple ASCII command interface over the UART. The board enables evaluation of the RN4677 and development of Bluetooth low Energy applications in two different ways:

1) Out of the box:  When plugged into the USB port of a PC, the board will enumerate as a Communication Device Class (CDC) Serial device.  Through a terminal program, users can configure and control the module and transfer data using the easy to use provided command set.

2) As a PICtail/PICtail Plus, the board interfaces to one of hundreds of available PIC Microcontrollers through this  standard Microchip interface.  The PICtail bridges the host MCU UART to the RN4677's UART interface for data transfer or configuration using the straight-forward, easy-to-use ASCII style command set.

 This product is being phased out. 

This reference design kit provides everything you need to get a quick start designing a low-cost yet powerful passive infrared motion detector camera solution, as found in building or home alarm and monitoring systems. The enabling microcontroller isthe SAM4S Cortex-M4 processor-based microcontroller.

Secure AVR BLE IoT Node incorporates ATtiny1617 microcontroller, RN4871 Bluetooth 4.2 Low Energy full certified Module and CryptoAuthentication device ATECC508A and 3-axis accelerometer with temperature sensor to demonstrate a complete solution for a typical IoT end node. The board is powered by USB or CR2032 Coin cell via a jumper.
Supported by Atmel START and Atmel Studio development platform. It is provided with fully documented software and hardware which will significantly reduce design complexity and the time-to-market.
The application is available on both iOS and Android. For the iOS application, AVR BLE Node, it can be downloaded from app store. For the Android application, Secured AVR BLE IoT Node, it can be downloaded from google play.

The SecureIoT1702 Demo board is a Microsoft Azure Certified for IoT device with DICE (Device Identity Composition Engine) hardware support.

The CEC1702 full-featured ARM® Cortex®-MF4-based microcontroller, with a complete hardware cryptography-enabled solution in a single package, is DICE capable.

Contact security_help@microchip.com for more information on Microchip’s DICE enabled products.


 The SecureIoT1702 Demo board is a small form factor evaluation board that can be used for development, evaluation and demos. The SecureIoT1702 Demo board is designed to utilize the processing and the hardware capabilities of the CEC1702 cryptography enabled ARM® Cortex®-M4-based microcontroller. For additional information visit: http://www.microchip.com/CEC1702

The CEC1702 provides a robust hardware cryptography cypher suite for encryption and decryption, authentication and private and public key management in addition to secure boot. Algorithms include AES256, SHA-512, RSA-4096, ECDSA, EC-KCDSA, Ed25519, true random number generator and 2.5K bits of One Time Programmable (OTP) memory.

CEC1702 secure boot provides a HW-based root of trust in IoT applications.  Secure boot allows equipment manufactures to establish a hardware-based root of trust. This is a critical feature for customers concerned about authenticating system-critical commands such as power plants or online server databases. It is also vital for customers that want to protect their brand and revenue stream from the adverse effects of a security breach.

Protecting system integrity has never been more important. Whether it’s being used as a security coprocessor or a standalone microcontroller, the CEC1702 delivers a multi-dimensional defense against attacks, including: 
o Pre-boot authentication of system firmware: Providing an immutable identity and a root of trust to ensure that the firmware is untouched and hasn’t been corrupted
o Firmware update authentication: Verifying that the firmware update has not been corrupted and is from a trusted source
o Authentication of system critical commands: Attesting that any system-critical command is from a known source with authorization to make the given change, preventing potentially devastating actions
o Protection of secrets with encryption: Safeguarding code and data to prevent theft or malicious activities

Click here for the: SecureIoT1702 Demo Board User’s Guide

The term provisioning is often used to refer to the process of configuring and loading security keys and data into crypto elements, such as ATECC508A devices. has made it extremely easy and convenient to provision an ECC-based crypto element during production of the board/product that uses the ATECC508A. provides three simple USB-based kits with supporting software:

  • Root Module Kit (AT88CKECCROOT) This module is used to securely create and store a root key in protected hardware. Each kit contains three USB Root Modules that can be used to create the primary root key and two backups.
  • Signer Module Kit (AT88CKECCSIGNER) This module is used to create signing keys using the root module. It can be used in the customers production platform to sign and load the crypto elements device certificates. Each kit contains three Signer Modules to provide a primary Signer Module and two secure backups.
  • Provisioning Starter Kit (AT88CKECCPROVISION) This module is a provisioning starter kit containing three USB Root Modules and three USB Signer Modules. It takes the place of one AT88CKECCROOT and one AT88CKECCSIGNER Module Kits.

All the steps are simple and spelled out in detail making it easy to seamlessly providing devices at production. provides the embedded system firmware and PC software necessary to implement the steps.

The SmartCard Xplained Pro is intended for use along with the SAM L22 Xplained Pro to demonstrate and prototype Smart Card applications, leveraging the ISO7816 module on the SAM L22 chip.

To support the new Ultimate KeeLoq protocol, we offer the Wireless Security Remote Control Development Kit, which is a demonstration and development platform for wireless security applications. The kit demonstrates two security protocols: Ultimate KeeLoq Protocol and Classic KeeLoq Protocol. It contains a four-button key fob transmitter based on the MCS3142.

Dual KeeLoq Encoder, receiver PICtail™ daughterboard, and Embedded Security Development Board. The software download contains a Graphical User Interface (GUI) to assist with additional development work.

The Microchip Zero Touch Secure Provisioning Kit for AWS IoT helps designers to quickly and securely develop IoT devices that are in compliance with the AWS security regulations. These regulations state that a device must use mutual authentication with a remote server to be authorized on the AWS cloud.

Meanwhile, a robust authentication must also ensure a complete isolation of the system credentials such as private keys from the application core to avoid leaving backdoors opened to software loop holes. In addition, the software is as secure as the user's skillset is in security. Human users and software are one of the easiest targets for a hacker as they are the least reliable elements. Incorporating Microchip pre-configured ATECC508-MAHAW or ATECC508ASSHAW CryptoAuthentication devices into a system is a very secure method to connect to the AWS IoT service. It leaves the whole handling of certificate and private key manipulation to Microchip secure provisioning factories in addition to keeping secret away from software and users. 

The devices are pre-configure but not provisioned out of the box. Start with the upgraded Zero Touch Provisioning Kit for AWS IoT Version B and benefit from the new provisioning scripts (Python based) and AWS IoT account configuration scripts (using Cloudformation).

This version B of the kit comes with an easier onboarding process to generate certificates and provision them into the CryptoAuthentication device using Python scripts. In addition, the user will have access to a CloudFormation script to generate a web UI reflecting the I/O of the kit and utilize it as a foundation to develop virtually any sensor based use cases. In addition to the ATECC508AMAHAW, the kit includes a Cortex-M4 ATSAMG55 and Wi-Fi ATWINC1500 using FreeRTOS and the ATWINC1500 integrated TLS stack.