Microchip Technology Inc

Security & Authentication

The Serial SuperFlash® Kit 2 allows evaluation of Microchip's Serial Flash Devices which are made using the SST SuperFlash® technology. The Serial SuperFlash Kit 2 contains three Serial Flash Daughter Boards. The Serial Flash Daughter Board is an evaluation board designed to interface with the mikroBUS™ connector on the Explorer 16/32 Development Board (DM240001-2). It can also interface with the PICtail™ Plus connector located on the Explorer 16 Development Board (DM240001).

A development tool for applications that protect confidential files, encrypt downloads, perform two-factor logons, authenticate products, and prevent software piracy. The starter kit includes an AVR baseboard (ATMicrobase) with a USB interface that lets designers learn and experiment on their PCs.

For the Xplained Pro (XPRO) series, the kit includes a daughterboard that interfaces to the AVR baseboard via a 10-pin or 20-pin header. The daughterboard configuration can be ordered with the 8-pin UDFN socket (MAH), the 8-pin SOIC socket (SSH), or the 3-lead SOT23 socket (TSU) which can support an CryptoAuthentication ATSHA204A, ATECC508A, or ATAES132A device (TSU not available for ATAES132A device).

The CryptoAuthentication Evaluation Studio (ACES), which can be used with this kit includes a configuration environment that allows the ability to configure, demonstrate, and personalize the CryptoAuthentication device. Software developed on the PC can serve as the base for code to be ported to an embedded microcontroller. Source code can be edited to integrate with ARM or other platforms.

This kit uses a modular approach, enabling the daughterboard to connect directly to a STK series AVR development platform to easily add security to applications. An optional adapter kit is available when the 10-pin header on the daughterboard requires a different pinout.

Note: The AT88CK101SK-RBH is a 3-lead contact socket and does not have the 20 pin XPRO header. No ATAES132A packages are available.

Latest Firmware: 

  • CK101_Firmware_v2.3.2   -  For use with ACES 6.0+ (V2.3.0 or higher is required for ATECC608A Support)
    SHA256: 2C0BB12321C8537147BCBA131BC1778DDB8B568B37B58BE0E91C1EFF8222B045
  • CK101_Firmware_v2.2.0   -  For use with ACES 5.0
    SHA256: E4B8D7CE120D4028047947B0FDFC76FE7DFBE8BE88A63E41075327BBE59BD7E1

 

The CryptoAuthentication AT88CK590 Demo-evaluation Kit can be used with Crypto Evaluation Studio (ACES) software (Version 5.0.0 or greater) to easily explore the operation and architectures of the ATSHA204A, ATAES132A, and ATECC508A crypto element devices. The kit is a USB dongle with a built-in AVR AT90USB1287 microcontroller, and connects directly to a users PC. It is an excellent way to experiment with the three crypto element devices to learn about how they can be configured to perform symmetric authentication (SHA and AES), asymmetric authentication (ECDSA), key agreement (ECDH), and other cryptographic functions (depending on the particular device).

Complete source code, schematic, Bill of Materials, and Gerber files are available from .

To get started, please download ACES setup software below.

The ACES package is a suite of software tools to configure and demonstrate the CryptoAuthentication Family of devices using various evaluation kits.

ACES was designed to minimize the learning curve for using the CryptoAuthentication Family of devices in your application. The package includes the ACES Configuration Environment (ACES CE) and a comprehensive help system.

The ACES package also includes support for the AT88CK9000 programmer board.

ACES Software:

  • ACES Ver6.0.2 - (Provides support for ATECC608A)
    SHA256: DEBF1607748C4CAE71FBC7CBBF652B34133AB7812BEBE75BAF1BD8239EA3BACA
  • ACES Ver5.0
    SHA256: 2E34F1B728CDBC47B497E69E9F6A5AAF33035A97DA5F868A847A3EFFBB41A16A

  ​

The CMES package is a suite of software tools to configure and demonstrate the CryptoMemory and the CryptoRF devices using the AT88SC-ADK2 or the AT88CK201STK kits.

CMES was designed to minimize the learning curve for using CryptoMemory and CryptoRF devices. The package includes the Configuration Environment (CE), the Laundry Demo, and the Lock Demo.

CryptoMemory Evaluation Studio Software 

Security ensured

This clicker 2 is powered by CEC1302, a 32-bit ARM®-Cortex® MCU that integrates a cryptographic engine that provides high level security features. 


The CEC1302 provides support for loading code from the private or shared SPI flash device on a VCC1 power-on. Before executing the CEC1302 code loaded from a SPI Flash Device, the CEC1302 validates the code using a digital signature encoded according to PKCS #1. The signature uses RSA-2048 encryption and SHA-256 hashing. This provides automated detection of invalid code that may be a result of malicious or accidental corruption. It occurs before each boot of the host processor, thereby ensuring a hardware based root of trust not easily thwarted via physical replacement attack.

clicker 2 for CEC1302 (MIKROE-1969), by MikroElektronika, is the big brother of CEC1302 Clicker (MIKROE-1970). Boasting not one, but two mikroBUS host sockets, this starter development kit brings click board connectivity to the 32-bit ARM Cortex-M4 CEC1302 microcontroller, with its integrated cryptographic engine. Connect the desired click board to enhance it with endless features. It's preprogrammed with a fast USB HID bootloader. Use it to upload your firmware and clicker will become a working device. This board features all you need to get started: 32-bit CEC1302 microcontroller, USB connector, two LEDs and push buttons, reset button, mikroProg connector and headers for interfacing with external electronics.



CryptoAuth Xplained Pro evaluation and development kit is an add-on board to the Xplained and XplainedPro evaluation platforms to support the ATSHA204A, ATAES132A, and ATECC508A in embedded design applications. CryptoAuth Xplained Pro has been developed to allow fast system prototyping within the Xplained and XplainedPro evaluation environment. This kit gives engineers, developers, and decision makers a tool to understand the device architecture and its uses for product authentication, confidential file protection, perform two-factor logons, or prevent software piracy. Complete source code for the CryptoAuthentication devices is available in ASF ( Software Framework). Schematics, Gerber files, and a bill of materials are also available.

CryptoAuth XPRO-B evaluation and development kit is an add-on board to the XplainedPro evaluation platforms to support the ATSHA204A, ATAES132A, ATECC508A and  ATECC608A in embedded design applications. CryptoAuth XPRO-B Pro has been developed to allow fast system prototyping within the Xplained and XplainedPro evaluation environment. This kit gives engineers, developers, and decision makers a tool to understand the device architecture and its uses for product authentication, confidential file protection, perform two-factor logons, or prevent software piracy. Complete source code for the CryptoAuthentication devices is available in ASF ( Software Framework). Schematics, Gerber files, and a bill of materials are also available.

 

ATAES132A CryptoAuthentication? development library source code with clear separation between library core functionality and communication interface. This separation permits portability across different hardware platforms where all the user has to do is re-implement the interface to match their specific hardware platform. Support of the standard I2C and SPI interfaces means interface re-implementation may be as easy as swapping the respective interface with an existing driver on one's platform. The library comes with examples that implement the interface on the AVR® microcontroller hardware platform.

 Software Library:

  • CryptoAuthentication ATAES132A Development Library  V2.1.1
    SHA256: E7D9B0DA7DC740CD664EE999CD59937AC5CDCDA5288CBD82FC696F1F413F264B
The AT88CKSCKTSOIC-XPRO is a Microchip XPRO extension kit for Microchip Crypto Authentication devices in an 8-pin SOIC Package. The board attaches to any Microchip Micro-controller board that supports the XPRO interface.  The boards operate with the following Microchip Devices
  • ATECC108A/508A - Ecliptic Curve Security devices with I2C or Single Wire Interface
  • ATSHA204A - Symmetric Security Device with I2C or Single Wire Interface
  • ATAES132A - Secure Memory device with I2C or SPI interfaces
The boards can be used as a learning tool, development tool or for configuring and provisioning devices in limited quantities.
For more information on Microchip Crypto Authentication products please go to the Crypto Authentication Overview.
The AT88CKSCKTUDFN-XPRO is a Microchip XPRO extension kit for Microchip Crypto Authentication devices in an 8-pin UDFN package. The board attaches to any Microchip Micro-controller board that supports the XPRO interface. The boards operate with the following Microchip Devices

ATECC108A/508A - Ecliptic Curve Security devices with I2C or Single Wire Interface
ATSHA204A - Symmetric Security Device with I2C or Single Wire Interface
ATAES132A - Secure Memory device with I2C or SPI interfaces
The boards can be used as a learning tool, development tool or for configuring and provisioning devices in limited quantities.
For more information on Microchip Crypto Authentication products please go to the Crypto Authentication Overview.
CryptoAuthLib is a software support library for the ATSHA204A, ATECC108A and ATECC508A CryptoAuthentication devices written in C. It is a portable, extensible, powerful, and easy-to-use library for working with the ATSHA and ATECC family devices. Example code and application notes for various use cases demonstrate how to use CryptoAuthLib to develop powerful crypto-authentication applications.
CryptoMemory development libraries are provided free of charge by . They implement all the communications required to use CryptoMemory devices. The libraries come in binary object form and present APIs that encapsulate the functions of the CryptoMemory device.
The kit adds secure HF RFID capabilities to prevent counterfeiting of medical and consumable products; track and record ownership, access control, and loyalty; and to conveniently store configuration and other sensitive data. The included pluggable CryptoRF reader board contains the necessary circuitry and antenna to communicate with any HF RFID transponder compliant with the ISO 14443 type B standard. The kit's reference design makes it possible to include HF RFID capability in spaces smaller and more confined than previously possible. Measuring only 31.9mm by 24.8mm for reader circuitry or only or 72.2mm by 24.8mm with the reference antenna, it targets space-constrained applications such as portable and handheld devices. Used with CryptoRF, gadgets like game consoles and appliances like medical robotic handles can securely pair with cartridges and surgical heads, confidentially sharing history and configuration information wirelessly. The kit is designed for a wide variety of applications that operate in harsh environments (wet, dry, frost, mechanical vibrations, etc.) without suffering dirty or worn contacts. The core of the open-standards HF RFID reference design features the AT88RF1354 HF RFID reader IC, which supports ISO 14443 type B open standards for 13.56MHz RFID communications. The reader IC interoperates with any compliant HF RFID transponder, including the CryptoRF.
Development libraries for a variety of microcontrollers. Each library provides a well-documented, high-level API to facilitate CryptoRF application development and deployment. Developers only need to implement the source level interface to match their specific platform. Please contact securerf@atmel.com to inquire about your specific library requirements.

KeeLoq 3 Development Kit

Part Number: DM303008

No Longer Available
NOT RECOMMENDED FOR NEW DESIGNS

Please see DM182017-1 (433MHz), DM182017-2 (868MHz), or DM182017-3 (915MHz) or DM182017-4 (433MHz) for new designs.

Please also see the Keeloq Embedded Security page for the latest information.

The low-cost KEELOQ 3 Development Kit is designed to help engineers get up-to-speed quickly on PIC microcontrollers (MCUs). The kit provides everything you need to program, debug, and develop secure authentication applications for a variety of markets such as security systems (keypads, remote sensors, and access control), remote keyless entry (automotive), and authentication (identity and property) applications.

KEELOQ Evaluation Kit II

Part Number: DM303006

No Longer Available
This kit demonstrates the capabilities of the code hopping technology used in security systems such as garage door openers, auto keyless entry, etc. for secure access and/or authentication. It includes a main board and 2 transmitters to demonstrate encoders and decoders. The fully functional kit allows a short learning cycle into the technology.

KEELOQ Transponder Evaluation Kit

Part Number: DM303005

No Longer Available
The Transponder Evaluation Kit allows the user to fully evaluate KEELOQ® Code Hopping Transmitters/Transponders. The HCS410 and HCS412 use the KEELOQ® Code Hopping technology which combines high security transmitter and transponder operation in a small, low-cost package.

With the common use of cards instead of cash, Credit Card Reader (MSR, mag stripe/swipe readers) are an essential part of any POS system. MSRs can read any card with magnetic stripes, including some driver's licenses, gift cards, and other IDs.

Magnetic Card Readers (also known as Magnetic Stripe Readers or MSRs) read data from a 3-track magnetic stripe via a peak detection circuit and process that data for downstream users. After extracting data from the magnetic stripe, it is converted to binary data and formatted for encryption. They feed the swiped information to applications management software and connect through USB, RS-232, or PS/2 connections.

Microchip Magnetic card reader solution reads ISO/IEC-7811 cards (also known as “Frequency/double Frequency” (F2F) encoding standard). The data format encodes 7-bit data on Track1, 5-bit data for Track 2 and 3. Please refer to the features section for an in depth description of the Magnetic card readers capabilities. 

Microchip offers 2 solutions, one using the dsPIC33EP family and the other using the PIC24F family of PIC's

This demo is not for sale, but can be easily created from components listed in the user's guide.

For questions related to this board please contact http://www.microchip.com/support

Due to lack of better alternatives, TLS implementations have historically stored private keys and authentication credentials in software where they are more vulnerable to attack. In addition, the mathematics used for authentication and asymmetric key agreement were also done in software which is less feasible in small IoT devices that have limited code space and processing power.

The Hardware-TLS platform provides an interface between software TLS packages and the ATECC508A cryptographic co-processor. wolfSSL and OpenSSL implementations can now utilize hardware-based secure storage for private keys and authentication data and also allow resource-constrained IoT nodes to implement full elliptic curve authentication and Diffie-Hellman key agreement and session key derivation. With HW-TLS, TLS communications links can have hardened security even out to the smallest IoT edge node.


    
Device                                        Description
ATECC508A-wolfSSL               ATECC508A crypto element hardened wolfSSL with private key protected storage and secure execution environments.

                                                   Download from wolfSSL: https://wolfssl.com/wolfSSL/Home.html

ATECC508A-OpenSSL              ATECC508A crypto element hardened OpenSSL with private key protected storage and secure execution environments.

                                                    Download from OpenSSL: https://wiki.openssl.org/index.php/Binaries
                                                    Download from GitHub: https://github.com/CSO/cryptoauth-openssl-engine

The Modulo-2 Powered by the Afero Cloud, is an IoT development kit that connects any Microchip microcontroller (MCU) with an XPRO interface to the Afero Modulo-2 IoT reference design board. The kit provides easy and rapid firmware development, connecting IoT applications to the Afero Cloud over the ATWINC3400 Wi-Fi®/Bluetooth® low energy technology combo chip and the ARM® Cortex®-M4 based ATSAMG55 microcontrolller.

The is a true end-to-end IoT security solution. Certificates and provisioning are all managed and taken care of by the Afero Cloud. Credentials are safely stored and protected in the pre-provisioned ATECC508A CryptoAuthentication device and well isolated from the user's application.

After setting up an Afero account, the user onboards the Modulo-2 hardware by scanning the associated QR code via the Afero mobile app, available from the iOS App Store or Google Play Store. It allows the designer to concentrate on the system design and decreases the complexity of security and wireless architectures.

The Modulo-2 can operate either within the socketed environment of the adapter board or, with minimal programming, autonomously. The Afero Modulo-2 board gives you a simple and easy-to-use IoT reference design.

To learn more, check out this Video about building a mouse trap. 

The Microchip Xpander-XPRO is an Xplained-Pro extension kit that allows for passive expansion of an Xplained-Pro Interface.  Each Xpander-XPRO board has one female XPRO connector and three right angle Male XPRO extension headers.  The board allows for connection between one Microchip microcontroller with an XPRO extension ports to up to three XPRO extension kits.   On the backside of the board, modifcation zones have been placed near each extension connector to allow for easy board modifications.

The board allows for extending the number of XPRO extensions on Microcontroller boards with limited XPRO headers.
The PIC32MZ Embedded Connectivity with Floating Point Unit (EF) Family Starter
Kit (DM320007 for non-Crypto development or DM320007-C for Crypto
development) provides a low-cost method for the development and testing of USB
and Ethernet-based applications with PIC32MZ EF family devices.

Ethernet PHY Daughter Boards compatible with PIC32MZ EF Starter Kit are listed below
LAN8720A PHY Daughter Board (AC320004-3)
LAN9303 PHY Switch Daughter Board (AC320004-4)

FOR DEMONSTRATION SOFTWARE and Board Support Packages, PLEASE VISIT MPLAB HARMONY SOFTWARE FRAMEWORK

This starter kit can also be used with Multimedia Expansion Board II
The RN4677 PICtail/PICtail Plus is a Bluetooth Dual Mode development board using the Microchip RN4677 Bluetooth Dual Mode module. The RN4677 module is a Dual mode Bluetooth module that complies with Bluetooth Core Specification 4.0. The RN4677 uses a simple ASCII command interface over the UART. The board enables evaluation of the RN4677 and development of Bluetooth low Energy applications in two different ways:

1) Out of the box:  When plugged into the USB port of a PC, the board will enumerate as a Communication Device Class (CDC) Serial device.  Through a terminal program, users can configure and control the module and transfer data using the easy to use provided command set.

2) As a PICtail/PICtail Plus, the board interfaces to one of hundreds of available PIC Microcontrollers through this  standard Microchip interface.  The PICtail bridges the host MCU UART to the RN4677's UART interface for data transfer or configuration using the straight-forward, easy-to-use ASCII style command set.

 This product is being phased out. 

This reference design kit provides everything you need to get a quick start designing a low-cost yet powerful passive infrared motion detector camera solution, as found in building or home alarm and monitoring systems. The enabling microcontroller isthe SAM4S Cortex-M4 processor-based microcontroller.

The Secure AVR® BLE IoT Node incorporates an ATtiny1617 microcontroller, a fully-certified RN4871 Bluetooth® 4.2 Low Energy module, an ATECC508A CryptoAuthentication device and a 3-axis accelerometer with temperature sensor to demonstrate a complete solution for a typical IoT end node. The board is powered by USB or CR2032 coin cell via a jumper.

It is supported by Atmel START and Atmel Studio Integrated Development Platform (IDE) and comes with full documentation for the  software and hardware to significantly reduce design complexity and the time-to-market.

The application is available on both iOS® and Android™ operating systems. The iOS application, called AVR BLE Node, can be downloaded from the App Store. The Android application, called Secured AVR BLE IoT Node, can be downloaded from Google Play.

The SecureIoT1702 Demo board is a Microsoft Azure Certified for IoT device.

The CEC1702 full-featured ARM® Cortex®-MF4-based microcontroller, with a complete hardware cryptography-enabled solution in a single package, is DICE capable.

Contact security_help@microchip.com for more information on Microchip’s CEC1702 enabled products.

 

 The SecureIoT1702 Demo board is a small form factor evaluation board that can be used for development, evaluation and demos. The SecureIoT1702 Demo board is designed to utilize the processing and the hardware capabilities of the CEC1702 cryptography enabled ARM® Cortex®-M4-based microcontroller. For additional information visit: http://www.microchip.com/CEC1702


The CEC1702 provides a robust hardware cryptography cypher suite for encryption and decryption, authentication and private and public key management in addition to secure boot. Algorithms include AES256, SHA-512, RSA-4096, ECDSA, EC-KCDSA, Ed25519, true random number generator and 2.5K bits of One Time Programmable (OTP) memory.

CEC1702 secure boot provides a HW-based root of trust in IoT applications.  Secure boot allows equipment manufactures to establish a hardware-based root of trust. This is a critical feature for customers concerned about authenticating system-critical commands such as power plants or online server databases. It is also vital for customers that want to protect their brand and revenue stream from the adverse effects of a security breach.

Protecting system integrity has never been more important. Whether it’s being used as a security coprocessor or a standalone microcontroller, the CEC1702 delivers a multi-dimensional defense against attacks, including: 
o Pre-boot authentication of system firmware: Providing an immutable identity and a root of trust to ensure that the firmware is untouched and hasn’t been corrupted
o Firmware update authentication: Verifying that the firmware update has not been corrupted and is from a trusted source
o Authentication of system critical commands: Attesting that any system-critical command is from a known source with authorization to make the given change, preventing potentially devastating actions
o Protection of secrets with encryption: Safeguarding code and data to prevent theft or malicious activities

Click here for the: SecureIoT1702 Demo Board User’s Guide

The term provisioning is often used to refer to the process of configuring and loading security keys and data into crypto elements, such as ATECC508A devices. has made it extremely easy and convenient to provision an ECC-based crypto element during production of the board/product that uses the ATECC508A. provides three simple USB-based kits with supporting software:

  • Root Module Kit (AT88CKECCROOT) This module is used to securely create and store a root key in protected hardware. Each kit contains three USB Root Modules that can be used to create the primary root key and two backups.
  • Signer Module Kit (AT88CKECCSIGNER) This module is used to create signing keys using the root module. It can be used in the customers production platform to sign and load the crypto elements device certificates. Each kit contains three Signer Modules to provide a primary Signer Module and two secure backups.
  • Provisioning Starter Kit (AT88CKECCPROVISION) This module is a provisioning starter kit containing three USB Root Modules and three USB Signer Modules. It takes the place of one AT88CKECCROOT and one AT88CKECCSIGNER Module Kits.

All the steps are simple and spelled out in detail making it easy to seamlessly providing devices at production. provides the embedded system firmware and PC software necessary to implement the steps.

The SmartCard Xplained Pro is intended for use along with the SAM L22 Xplained Pro to demonstrate and prototype Smart Card applications, leveraging the ISO7816 module on the SAM L22 chip.

To support the new Ultimate KeeLoq protocol, we offer the Wireless Security Remote Control Development Kit, which is a demonstration and development platform for wireless security applications. The kit demonstrates two security protocols: Ultimate KeeLoq Protocol and Classic KeeLoq Protocol. It contains a four-button key fob transmitter based on the MCS3142.

Dual KeeLoq Encoder, receiver PICtail™ daughterboard, and Embedded Security Development Board. The software download contains a Graphical User Interface (GUI) to assist with additional development work.

The Microchip Zero Touch Secure Provisioning Kit for AWS IoT helps designers to quickly and securely develop IoT devices that are in compliance with the AWS security regulations. These regulations state that a device must use mutual authentication with a remote server to be authorized on the AWS cloud.

Meanwhile, a robust authentication must also ensure a complete isolation of the system credentials such as private keys from the application core to avoid leaving backdoors opened to software loop holes. In addition, the software is as secure as the user's skillset is in security. Human users and software can often be one of the easiest targets for a hacker as they are the least reliable elements. Incorporating Microchip pre-configured ATECC508-MAHAW or ATECC508ASSHAW CryptoAuthentication devices into a system is a very secure method to connect to the AWS IoT service. It leaves the whole handling of certificate and private key manipulation to Microchip secure provisioning factories in addition to keeping crendentials away from software and users. 

The devices are pre-configure but not provisioned out of the box. Start with the upgraded Zero Touch Provisioning Kit for AWS IoT Version B and benefit from the new provisioning scripts (Python based) and AWS IoT account configuration scripts (using Cloudformation).

This version B of the kit comes with an easier onboarding process to generate certificates and provision them into the CryptoAuthentication device using Python scripts. In addition, the user will have access to a CloudFormation script to generate a web UI reflecting the I/O of the kit and utilize it as a foundation to develop virtually any sensor based use cases. In addition to the ATECC508AMAHAW, the kit includes a Cortex-M4 ATSAMG55 and Wi-Fi ATWINC1500 using FreeRTOS and the ATWINC1500 integrated TLS stack.