The USB 3.0 Promoter Group has announced the USB Type-C Authentication specification, defining cryptographic-based authentication for USB Type-C chargers and devices. USB-C is the port (the only one) on Apple’s 12-inch MacBook.
Using this protocol, host systems can confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors/capabilities and certification status. All of this happens right at the moment a wired connection is made – before inappropriate power or data can be transferred.
USB Type-C Authentication empowers host systems to protect against non-compliant USB Chargers and to mitigate risks from maliciously embedded hardware or software in USB devices attempting to exploit a USB connection. For a traveler concerned about charging their phone at a public terminal, their phone can implement a policy only allowing charge from certified USB chargers. A company, tasked with protecting corporate assets, can set a policy in its computers granting access only to verified USB storage devices.
USB 3.0 Promoter Group Chairman Brad Saunders says that key characteristics of the USB Type-C Authentication solution include:
° A standard protocol for authenticating certified USB Type-C™ Chargers, devices, cables and power sources;
° Support for authenticating over either USB data bus or USB Power Delivery communications channels;
° Products that use the authentication protocol retain control over the security policies to be implemented and enforced;
° Relies on 128-bit security for all cryptographic methods;
° Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation
Further information, including postings of the most recent product and technology announcements, is available by visiting the USB-IF website (www.usb.org).