When it comes to IoT security, authentication is one of the foundational concepts that should be implemented first in your design. The trust between the device identity and the cloud platform relies on a chain of trust. AWS® IoT Core supports generic certificate-based authentication, but the trust in the device identity will depend entirely on how well the device’s private key is protected. If the private key is compromised, the device can be impersonated by an unauthorized user who can then control the device’s transactions. However, adding authentication presents you with several challenges: securely storing the private key in the device, shipping the private key across the globe for any project and system size, creating a possibly cost-prohibitive chain of trust and ensuring a secure manufacturing flow. These challenges can be addressed by using the Trust&GO ATECC608C-TNGTLS secure element from our Trust Platform family of solutions on AWS IoT Core.
Thingpress is a tool that makes AWS IoT device onboarding fast and easy. Many IoT devices use pre-provisioned X.509 certificates for secure authentication. Manufacturers inject these certificates into secure chips during production, but they still need to be registered with AWS IoT.
Thingpress automates this process at scale by importing hundreds of thousands (or even millions) of certificates per day. It allows Trust&GO users to drag and drop the manifest file delivered with each purchase of Integrated Circuits (ICs) into a properly set up S3 bucket in their AWS environment. A CloudFormation script is provided to illustrate the implementation. Typically, the batch uploads approximately 100,000 certificates per hour, including all requested object associations.
More than certificate import:
These associations help align with your application design and device lifecycle goals. Check out the Getting Started section for step-by-step guidance.
Each of the device slots is pre-configured and pre-provisioned to offer the following use cases:
Use the default generic certificates for thumbprint authentication already locked inside the Trust&GO device; the cloud architecture will not need to use a root certificate to verify the thumbprint certificate, but the server will have to be set up to implement this policy.
Leverage a private key to perform an Elliptic Curve Digital Signature Algorithm (ECDSA) sign operation on a token that will be verified by its corresponding public key somewhere else in the network.
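The thumbprint use case above can be sketched on the server side as follows. This is an added example, not Microchip, Thingpress or AWS code: the registry class, its method names and the sample bytes are assumptions made for illustration, and it assumes the thumbprint is the SHA-256 hash of the DER-encoded certificate.

```python
import hashlib
import ssl

# Constructed stand-in bytes, NOT real certificates; a real input would be the
# DER-encoded device certificate taken from the manifest or the TLS handshake.
DEVICE_A_DER = b"\x30\x82" + b"constructed-device-A-certificate"
DEVICE_B_DER = b"\x30\x82" + b"constructed-device-B-certificate"

def to_der(cert: bytes) -> bytes:
    """Normalise PEM or DER to DER so the hash never depends on text layout."""
    if cert.lstrip().startswith(b"-----BEGIN CERTIFICATE-----"):
        return ssl.PEM_cert_to_DER_cert(cert.decode("ascii").strip())
    return cert

def thumbprint(cert: bytes) -> str:
    """SHA-256 over the DER encoding, as lowercase hex."""
    return hashlib.sha256(to_der(cert)).hexdigest()

class ThumbprintRegistry:
    """Hypothetical server-side allow list: thumbprint -> device record."""

    def __init__(self):
        self._entries = {}

    def register(self, device_id: str, cert: bytes) -> str:
        tp = thumbprint(cert)
        owner = self._entries.get(tp)
        if owner and owner["device_id"] != device_id:
            raise ValueError("thumbprint already bound to another device")
        self._entries[tp] = {"device_id": device_id, "active": True}
        return tp

    def revoke(self, tp: str) -> None:
        self._entries[tp]["active"] = False

    def authenticate(self, presented_cert: bytes):
        """Return the device id, or None for unknown or revoked certificates.

        Call only after the TLS handshake has proven that the peer holds the
        private key; with no root to check, this registry is the sole trust
        anchor, so unknown thumbprints must fail closed.
        """
        entry = self._entries.get(thumbprint(presented_cert))
        if entry is None or not entry["active"]:
            return None
        return entry["device_id"]
```

Hashing the DER bytes rather than the PEM text keeps the thumbprint stable when the same certificate arrives with different line wrapping or trailing whitespace.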
To prototype with the development kit, use the tutorials and code examples within the Trust Platform Design Suite (TPDS) software, which is available for Windows® and macOS® operating systems.
When you are ready to go to production, order the pre-provisioned devices and download the manifest file from microchipDIRECT.

The CryptoAuth Trust Platform provides a compact development solution for building IoT solutions with the ATECC608B-TNGTLS, ATECC608B-TFLXTLS and ATECC608B-MAHDA devices or the ATECC608C equivalents.

The Microchip CryptoAuth Pro Trust Platform is an enhanced version of the CryptoAuth Trust Platform Board and has an Arm® Cortex®-M4F microcontroller, four on-board CryptoAuthentication devices, two mikroBUS™ sockets, and an on-board 10/100 Mbit Ethernet PHY. Programming can be done via the on-board PKoB4 debugger, which is compatible with MPLAB® X IDE. The board has been developed to work with Microchip's Trust Platform Development Suite of tools.

The Trust Platform Design Suite (TPDS) is our onboarding tool for our security-related solutions. The full onboarding experience includes, but is not limited to:

MPLAB X IDE is a highly configurable software platform that provides powerful, free tools for developing, debugging and qualifying embedded designs that use microcontrollers and digital signal controllers.