New USB-C Spec Adds Protection Against Chargers With Hidden Malware

Posted by at 9:49 am on January 3, 2019

The USB Implementers Forum has announced the USB Type-C Authentication Program (PDF), which provides a way for devices with USB-C connectors to securely confirm that attached devices are authentic and do not contain hidden capabilities.

The new protocol can be used to prevent a phone from connecting to a charger that contains hidden malware capability.

“Using this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made – before inappropriate power or data can be transferred.”

Key characteristics of the USB Type-C Authentication solution include:

  • A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources
  • Support for authenticating over either USB data bus or USB Power Delivery communications channels
  • Products that use the authentication protocol retain control over the security policies to be implemented and enforced
  • Relies on 128-bit security for all cryptographic methods
  • Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation

USB-IF selected DigiCert to manage the PKI and certificate authority services for the USB Type-C Authentication Program.

The new protocol must be adopted by phone and accessory makers to be effective.

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email


Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2024 · StreetCorner Media , LLC· All Rights Reserved ·