Recommend using ATECC608B-TNGTLS
The Microchip ATECC608A-TNGTLS is the Trust&GO secure element part of the Trust Platform for the CryptoAuthentication family. The device comes pre-configured and pre-provisioned with default thumbprint certificates and key. The configuration and credentials are locked in the device and cannot be changed. The cloud infrastructure, whether it is a public or private network, needs to accommodate device authentication relying only on the thumbprint certificate from the ATECC608A-TNGTLS. In other words, the cloud infrastructure would not require verification of the thumbprint certificate by a certificate authority. This secure element integrates the ECDH (Elliptic Curve Diffie-Hellman) security protocol, an ultra-secure method to provide key agreement for encryption/decryption, along with ECDSA (Elliptic Curve Digital Signature Algorithm) sign-verify authentication for the Internet of Things (IoT) market, including home automation, industrial networking, medical, retail or any TLS connected networks. Other important features integrated in the ATECC608A-TNGTLS are the AES128 hardware accelerator, hardware-based cryptographic key storage, and cryptographic countermeasures, which eliminate potential backdoors linked to software weaknesses.
The device is agnostic of any microprocessor (MPU) or microcontroller (MCU) and compatible with virtually any MCU or MPU thanks to the CryptoAuthLib library. As with all CryptoAuthentication devices, the ATECC608A delivers extremely low power consumption, requires only a single GPIO over a wide voltage range, and has a tiny form factor, making it ideal for a variety of applications that require longer battery life and flexible form factors.
The ATECC608A-TNGTLS comes preconfigured with default thumbprint certificates and key that are locked in the device and not changeable. This helps reduce the cost incurred by a third-party certificate authority as well as the complexity of dealing with certificates as a whole.
Take a look at the various code examples, including:
Cloud authentication for AWS IoT (32-bit MCU)
Cloud Authentication for AWS Greengrass (Linux)
Cloud Authentication for Microsoft Azure (32-bit MCU) - coming soon
Cloud Authentication for Google Cloud IoT Core (32/16/8 bit MCU)
LoRa Authentication for The Things Industries (TTI) or Actility join servers
TLS network authentication with third-party stacks