2.2.1.8 I/O Protection Key

The Verify, ECDH, , and KDF commands can optionally use the I/O protection feature to encrypt some parameters and validate (via MAC) some responses. This is to help protect against man-in-the-middle attacks on the physical I2C bus. However, before this feature can be used, the MCU and ATECC608A-TNGLoRaWAN need to generate and save a unique I/O protection key, essentially pairing the MCU and ATECC608A-TNGLoRaWAN devices to each other. The pairing process must happen on first boot.

I/O Protection Key Generation:

  1. MCU uses the Random command to generate a random 32-byte I/O protection key.
  2. MCU saves the I/O protection key in its internal Flash.
  3. MCU writes I/O protection key to the I/O protection key slot.
  4. MCU slot-locks that slot to make the I/O protection key permanent.

As a pairing check, the MCU could use the MAC command to issue a challenge against the I/O protection key and verify that the I/O protection key stored in Flash matches the one in the ATECC608A-TNGLoRaWAN.
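The pairing check described above, as an added host-side model in Python (not code from this document or from Microchip): the MCU recomputes the digest it expects from the MAC command using its Flash copy of the key and compares it with the device's response. Assumptions: the 88-byte message layout follows the MAC command description in the device datasheet for mode 0x00, the slot number is a hypothetical placeholder, and the serial number, key and challenge are constructed sample values.

```python
import hashlib
import hmac

MAC_OPCODE = 0x08  # opcode byte hashed into every MAC digest
MAC_MODE = 0x00    # key from slot, challenge from input, no OTP/extra SN bytes


def expected_mac(io_key: bytes, challenge: bytes, slot: int, sn: bytes) -> bytes:
    """Digest the device should return for a mode-0x00 MAC over `slot`."""
    if len(io_key) != 32 or len(challenge) != 32 or len(sn) != 9:
        raise ValueError("need 32-byte key, 32-byte challenge, 9-byte serial")
    msg = (
        io_key                          # copy held in MCU Flash
        + challenge                     # fresh random value sent to the device
        + bytes([MAC_OPCODE, MAC_MODE])
        + slot.to_bytes(2, "little")    # Param2 (KeyID)
        + bytes(8) + bytes(3)           # OTP fields, zeroed in this mode
        + sn[8:9]
        + bytes(4)                      # SN[4:7], zeroed in this mode
        + sn[0:2]
        + bytes(2)                      # SN[2:3], zeroed in this mode
    )
    return hashlib.sha256(msg).digest()  # msg is always 88 bytes


def pairing_ok(flash_key, challenge, slot, sn, device_digest) -> bool:
    """True only if the device's response proves it holds the same key."""
    want = expected_mac(flash_key, challenge, slot, sn)
    return hmac.compare_digest(want, device_digest)  # constant-time compare


if __name__ == "__main__":
    # Constructed sample values; a real MCU reads the serial number from the
    # device and draws a new random challenge for every check.
    SLOT = 6  # hypothetical slot number, not taken from this document
    sn = bytes.fromhex("0123aabbccddeeff01")
    key = bytes(range(32))
    challenge = bytes(range(32, 64))
    device_digest = expected_mac(key, challenge, SLOT, sn)  # stand-in for the chip
    print(pairing_ok(key, challenge, SLOT, sn, device_digest))        # matching key
    print(pairing_ok(bytes(32), challenge, SLOT, sn, device_digest))  # wrong key
```

Because the key never crosses the I2C bus during this check, a mismatch shows up only as a failed digest comparison, which the firmware should treat as an unpaired or swapped device.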