Microchip logo
Microchip logo
  • All
  • Products
  • Documents
  • Applications Notes

Secure Your World with Security-Focused MCUs

Security threats are increasing exponentially in terms of frequency, targeted devices, malignancy and costs of attacks. In today’s vast interconnected world, the need to provide greater security within a product or system is becoming a standard requirement. To stay one step ahead of the criminal element and prevent theft of software/hardware, intellectual property and data, or communications services, customers today are designing their products with an eye on providing robust, connected and secure systems.

The CEC1302 and CEC1702  are full-featured 32-bit ARM® Cortex® -M4F-based microcontrollers that enable secure boot of system firmware, providing an immutable identity and a root of trust to ensure that the firmware is untouched and hasn’t been corrupted. These microcontrollers can be used as a standalone microcontroller, while also providing easy-to-use authentication, private key and customer programming flexibility to minimize customer risk.


  • Ensures firmware is untouched and uncorrupted with a quick pre-boot authentication of the system firmware
  • Protect the system from malware or memory corruption by authenticating firmware updates


  • Reduce compute time with the hardware cryptographic cipher suite
  • Protect secrets with encryption
  • Validate firmware has been digitally signed and untouched using public key cryptography

Security Capabilities

The CEC1x02 device family provides a variety of robust hardware based crypto algorithms to meet your protection needs.
What is secure boot?

Everybody today is worried about security. We see the market moving to authenticated boot as a way to protect your overall system. One of the worries is that when you try to boot your system, it won’t work because someone has compromised it.

One solution being adopted is secure boot which ensures the integrity of the software running on a platform. We provide secure boot capabilities to ensure the authentication of the embedded firmware prior to boot of the system. Secure boot relies on public/private keys to verify the digital signature of the code before execution. This confirms that only the code which you intend to be loaded is loaded and used, protecting your system from malicious code. Every time you boot the machine, you have the exact same expectation of the performance of your machine.

cpg mcu cips systemdiagram

Which crypto curves are supported?

The types of crypto curves that are supported are: AES256, SHA-512, RSA-4096, ECDSA, Curve25519, Ed25519, True Random Number Generator and Public Key Engine (PKE)

Crypto CurvesCEC1302CEC1702
Symmetric EncryptionAES128, AES192 and AES256same
 Modes: ECB, CBC, OFB, CFB, CTRsame
 One cycle per bytesame
 100x faster than FWsame
 Saves up to 8 KB-15 KB codesame
HashingSHA-1, SHA-256adds SHA-512
 One cycle per bytesame
 100x faster than FWsame
 Saves up to 2 KB codesame
Public Key Engine (PKE)20x-50x faster than FW8x faster than CEC1302
RSA-512 to RSA-2048RSA-1024 to RSA-4096
 Modular Arithmetic Primitivessame
Keys from 160 to 256 bits in GF(p)Keys with 192 to 640 bits in GF(p)
  Keys with 160 to 640 bits in GF(2m)
  Curve25519 (ECDSA support)
noECDSA, EC-KCDSA, Ed25519

Secure Remote Password (SRP)
Miller-Rabin Primality Testing
Random Number GeneratorTrue RNGsame
 1K FIFO for pre-calculationsame
Monotonic CounterNoYes
User Programmable OTP500 bits2.5K bits
(in addition to key space)  
Memory Protection UnitNoYes

Please email us at security_help@microchip.com for more information.