Adafruit ATECC608 Breakout Board - STEMMA QT / Qwiic
You've got secrets, and you want to keep them safe? Most microcontrollers are not designed to protect against snoopers, but a crypto-authentication chip can be used to lock away private keys securely. Once the private key is saved inside, it can't be read out, all you can do is send it challenge-response queries. That means that even if someone gets hold of your hardware and can read back the firmware, they wont be able to extract the secret!
The ATECC608 is the latest crypto-auth chip from Microchip, and it uses I2C to send/receive commands. Once you 'lock' the chip with your details, you can use it for ECDH and AES-128 encrypt/decrypt/signing. There's also hardware support for random number generation, and SHA-256/HMAC hash functions to greatly speed up a slower micro's cryptography commands.
We're starting to see these low-cost secure element chips in various products, so that a less expensive chip can be used to drive peripherals, without worrying about security. This chip does not have a public datasheet, but it is compatible with the ATECC508 earlier version which does, so please refer to that complete datasheet as well as the ATECC608 summary sheet. The good news is that, despite not having complete documentation, there is some software support. For Arduino use, check out the Arduino ATECCx08 library. For Python and C/C++ check out Microchips Cryptoauthlib (yes we also think it's odd that there's no datasheet but there is published code)
To make working with the ATECC608 as easy as possible, we've put it on a breakout PCB with the required support circuitry and SparkFun qwiic compatible STEMMA QT connectors. This allows you to use it with other similarly equipped boards without needing to solder. This chip will work with 3.3V or 5V power/logic micros, so it's ready to get to work with a range of development boards.
Please note the I2C address is fixed at 0x60 and according to Microchip, you should use this at higher I2C speeds like 400KHz if other devices are on the I2C bus, to avoid some I2C bus contention (much like the datasheet, this is not documented anywhere yet)