microsoft / vscode-iot-workbench

Azure IoT Device Workbench for Visual Studio Code

Which HSM chip is used on MXChip IoT DevKit? #398

Closed sukeshak closed 6 years ago

sukeshak commented 6 years ago

The documentation for the DPS example talks about the HSM on MXChip IoT DevKit:

Device Provisioning Service can be configured on device based on its Hardware Security Module (HSM). DevKit uses Device Identity Composition Engine (DICE) from the Trusted Computing Group (TCG). A Unique Device Secret (UDS) saved in STSAFE security chip on the DevKit is used to generate the device unique X.509 certificate. The certificate can be later used for the enrollment process in the Device Provisioning Service.

I would like to know what HSM chip is used in this case? Even in the detailed spec it says "Security encryption chip" which is cryptic at best.

I would like to know which chip is being used for HSM since I am working on a product using ESP32 and would like to have HSM to facilitate No-Touch deployment and management like done with MXChip IoT DevKit.
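The derivation that the quoted documentation summarises, sketched as an added example (not code from the DevKit SDK or from this thread): in the TCG DICE model a one-way function combines the UDS with a measurement of the first mutable firmware to produce a Compound Device Identifier (CDI), and the device identity key behind the X.509 certificate is derived from that CDI. The UDS value, firmware bytes, the `identity` label and all function names are constructed for illustration, and HMAC-SHA256 is one choice of one-way function.

```python
import hashlib
import hmac

# Constructed sample values. On real hardware the UDS never leaves the
# secure element / boot ROM and is locked before mutable firmware runs.
SAMPLE_UDS = bytes(range(32))
FIRMWARE_V1 = b"constructed firmware image v1"
FIRMWARE_V2 = b"constructed firmware image v2"


def measure(firmware: bytes) -> bytes:
    """Measurement of the first mutable code (its SHA-256 digest)."""
    return hashlib.sha256(firmware).digest()


def derive_cdi(uds: bytes, firmware: bytes) -> bytes:
    """CDI = HMAC(UDS, H(firmware)): one-way, so the CDI does not reveal the UDS."""
    return hmac.new(uds, measure(firmware), hashlib.sha256).digest()


def derive_identity_seed(cdi: bytes, label: bytes = b"identity") -> bytes:
    """Deterministic seed for the device key pair (label is hypothetical).

    A real implementation feeds a seed like this into ECC key generation
    and issues the X.509 certificate for the resulting public key.
    """
    return hmac.new(cdi, label + b"\x01", hashlib.sha256).digest()


def identity_fingerprint(uds: bytes, firmware: bytes) -> str:
    """Short public fingerprint of the derived identity, for comparison."""
    seed = derive_identity_seed(derive_cdi(uds, firmware))
    return hashlib.sha256(seed).hexdigest()[:16]


if __name__ == "__main__":
    # Same UDS + same firmware -> same identity on every boot.
    print("v1 boot 1:", identity_fingerprint(SAMPLE_UDS, FIRMWARE_V1))
    print("v1 boot 2:", identity_fingerprint(SAMPLE_UDS, FIRMWARE_V1))
    # Modified firmware -> different CDI -> different identity, so the
    # certificate enrolled for v1 no longer matches a tampered image.
    print("v2 boot  :", identity_fingerprint(SAMPLE_UDS, FIRMWARE_V2))
```

Because the identity is bound to both the chip secret and the firmware measurement, an enrollment made for one image has to be renewed when the first-stage firmware legitimately changes.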

lirenhe commented 6 years ago

@sukeshak, IoT DevKit comes with the STSAFE-A100 secure chip from STMicroelectronics to fulfill the security needs on the device end. Please check the following link: https://microsoft.github.io/azure-iot-developer-kit/docs/understand-security-chip/

sukeshak commented 6 years ago

Thank you @lirenhe for the pointers.

sukeshak commented 6 years ago

Is ATECC608A from Microchip similar to STSAFE-A100?

Also, is there a walkthrough available on how to use an HSM like STSAFE-A100 for No-Touch deployment in production?

ArthurMa1978 commented 6 years ago

@sukeshak they do the same thing but are not similar. We are not hardware experts, so all we know is that they have different libraries and implementation mechanisms. The real case is that Kohler uses STSAFE-A100 for its new Konnect product.