ST's New State-of-the-Art Security Element for Authentication Services

New STSAFE-A100 Provides Built-In Authentication, Secure Communication,
Key Provisioning and Highest Security Standards for IoT Devices

STMicroelectronics has released a strong yet easy-to-use secure element to protect connected devices in the consumer and industrial Internet of Things (IoT) and to prevent cloning or copying of genuine products by ensuring authenticity.

Certified to the highest security industry standards, the new STSAFE-A100 can be designed-in by developers without specialist security expertise thanks to comprehensive support ecosystem.

Consumer devices, home appliances, industrial assets, and infrastructure controllers are already connected to the internet or will be soon. Many of them are designed to be autonomous and unattended. They now need state-of-the-art electronic security to prevent hackers from counterfeiting, cloning, stealing information, or misusing the equipment. ST’s new STSAFE-A100 is a secure turnkey solution that brings the Company’s proven expertise in electronic security for applications such as banking, e-commerce, and identity protection to the IoT. As a secure element that provides authentication services and can be used in conjunction with an ordinary microcontroller, it features an embedded secure operating system and is certified to Common Criteria EAL5+[1], banking-level security-industry standards.

“STSAFE-A100 delivers an economical and certified solution for state-of-the-art security in IoT and brand protection, presenting an alternative with clear advantages over existing approaches like software-based security running on a general-purpose microcontroller or an uncertified crypto-companion IC,” said Laurent Degauque, Marketing Director, Secure Microcontroller Division, MDG Group, STMicroelectronics. “Seamless integration puts security at the heart of the product and frees developers to focus on maximizing added value at the application level.”

ST has made design-in of its new secure element easy for customers by providing a complete ecosystem that includes an expansion board with Arduino headers, a microcontroller library, and reference implementations. These simplify attaching the STSAFE-A100 to a microcontroller such as any from the STM32 family.

The STSAFE-A100 secure element is scheduled to enter volume production in July 2016, as a 4mm x 5mm SO8N or 2mm x 3mm UFDFPN8.

Additional Security Features:
STSAFE-A100 provides strong authentication services that help make sure only authorized IoT devices can access online services and only authorized accessories or consumables are recognized and accepted by an application. It is compliant with the USB Type-C™ device-authentication scheme and secures communications with a remote host using Transport Layer Security (TLS) handshaking.

Additional functions that further minimize any potential for security breaches include signature verification to ease secure boot and firmware upgrade, secure counters that allow usage monitoring, secure pairing with the host application processor, wrapping and unwrapping of local or remote host envelopes, and on-chip key-pair generation.

The STSAFE-A100 supports asymmetric cryptography including Elliptic Curve Cryptography (ECC) with NIST[2] or Brainpool 256-bit and 384-bit curves, and symmetric cryptography using AES-128/AES-256. The STSAFE-A100 comes with a unique serial number on each die and its operating system comprises a kernel for authentication and data management and provides strong protection against logical, fault, side-channel and physical attacks.

¹ CC EAL5+: Common Criteria Evaluation Assurance Level 5+
² NIST: US National Institute for Standards and Technology

For more information on the STSAFE-A100 secure element, visit the ST website at ST STSAFE-A100 secure element main page.

The STMicroelectronics website address is www.st.com
[Reprinted with kind permission from STMicroelectronics - Release Date 14th June, 2016]