ST33K2X32DKG9ST1

ST33KTPM provisioned with IDevID and attestation keys and certificates

Parameters

Operating Temp Min Celsius	0.0
Operating Temp Max Celsius	70.0
Core	Arm Sc300
ECCN US	EAR99
ECCN EU	NEC
Packing Type	Tape And Reel
RoHs compliant	N/A
Grade	Industrial
Package Name	UFQFPN 32 5x5x0.55 mm

Description

The ST33KTPM-IDevID is a trusted platform module provisioned with keys and certificates to support use cases like device identity and attestation. The ST33KTPM-IDevID is compliant with TCG TPM 2.0 keys for device identity and attestation 1.1.The IDevID key and X509 certificate provide the device...
Read More

The IDevID key and X509 certificate provide the device identity defined by IEEE 802.1AR and are compatible with cloud system authentication such as AWS IoT, and Microsoft Azure, and can also be used in TLS 1.3 session to authenticate client.

The ST33KTPM-IDevID comes also with bundle files including device leaf certificates for a specific reel that are made available through authenticated download. This improves the supply chain security as the ST33KTPM-IDevID devices identified can be activated thanks to the bundle files after reception of reels, or can be revoked in case of lost shipment. This also facilitates the loading of leaf certificates in the cloud system before getting access to the physical platforms embedding ST33KTPM-IDevID devices.

The ST33KTPM-IDevID is based on product ST33KTPM2X compliant with the TCG TPM library specifications 1.59. It offers a target serial peripheral interface (SPI) or a target I²C interface, both compliant with the TCG PC client TPM profile specifications and PC client platform TPM profile (PTP) version 1.05.

ST33KTPM-IDevID devices are certified Common Criteria, TCG, and FIPS140-3.

It offers resilience services during the TPM firmware upgrade process, and self-recovery of TPM firmware and critical data upon failure detection.

The ST33KTPM-IDevID operates in the –40°C to 105°C extended temperature range.

The ST33KTPM-IDevID generic parts are loaded with X509 certificates signed by an STSAFE-TPM certification authority described in the provisioning profile. Upon customer request, STMicroelectronics can support a customer-specific provisioning profile and assign a dedicated certification authority linked to a specific ordering code.

ST33KTPM-IDevID devices with generic profile are based on ST33KTPM2X product offered in UFQFPN32 Ecopack2 package.

ST33KTPM-IDevID devices with customer profile are based either on ST33KTPM2X product offered in UFQFPN32 Ecopack2 package or on ST33KTPM2I product offered in WLCSP Ecopack2 package.

Key features

Key features
TPM features Flash memory-based trusted platform module (TPM) Compliant with Trusted Computing Group (TCG) trusted platform module (TPM) Library specifications 2.0, revision 1.59 errata version 1.5 and TCG PC Client Platform TPM Profile (PTP) for TPM 2.0 version 1.05 Fault-tolerant firmware loader that keeps the TPM fully functional when the loading process is interrupted SP800-193 compliant for protection, detection and recovery requirements Targeted certifications: Common Criteria EAL4+ in compliance with the TPM 2.0 protection profile (augmented with AVA_VAN.5, resistant to high-potential attacks) FIPS 140-3 with physical security level 3 TCG certification 192 KB NV memory available to store keys and data SPI communication bus running at up to 66 MHz I²C communication bus running at up to 1 Mb/s IDevID and IAK provisioning ST33KTPM-IDevID devices are provisioned with 2 signing keys ECC NIST P-384 and 2 certificates to support device identity and attestation use cases, compliant with TCG TPM 2.0 Keys for Device identity and Attestation v1.1 Hardware features Highly reliable flash memory with error correction code Extended temperature range: −40°C to 105°C Electrostatic discharge (ESD) protection up to 4 kV (HBM) 1.8 V or 3.3 V supply voltage range Security features Active shield Monitoring of environmental parameters Hardware and software protection against fault injection and side channel attacks NIST SP800-90A and AIS20-compliant deterministic random-bit generator (DRBG) NIST SP800-90B and AIS31-compliant true random-number generator (TRNG) Cryptographic algorithms: RSA key generation (1024, 2048, 3072 and 4096 bits) RSA signature (RSASSA-PSS, RSASSA-PKCS1v1_5) RSA encryption (RSAES-OAEP, RSAES-PKCS1-v1_5) SHA-1, SHA-2 (256 and 384 bits), SHA-3 (256 and 384 bits) HMAC SHA-1, SHA-2, and SHA-3 AES-128, 192, and 256 bits ECC key generation (NIST P-256/384) ECC secret sharing (ECDH) ECC signature (ECDSA, ECSchnorr, ECDAA) Device provided with three endorsement keys (EK) and EK certificates (RSA2048, ECC NIST P-256 and ECC NIST P-384) Device provisioned with three 2048-bit RSA key pairs to reduce the TPM provisioning time Product compliance Compliant with Microsoft^® Windows^® 10 and 11 Compliant with Linux^® drivers Compliant with Intel^® vPro^® technology Compliant with TCG test suite for TPM 2.0 Compliant with the open-source TCG TPM 2.0 TSS implementation

Coming Soon

Quantity	$ per unit	Savings
1-500	$0.00	0%
500 +	Contact sales

$0.00