The USB Implementers Forum (USB-IF), the support organization for the advancement and adoption of USB technology, nnounced the launch of its USB Type-C Authentication Program, an optional USB security protocol.
The USB Type-C Authentication specification defines cryptographic-based authentication for USB Type-C chargers and devices. It empowers host systems to protect against non-compliant USB chargers and to mitigate risks from malicious firmware/hardware in USB devices attempting to exploit a USB connection. Using this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made – before inappropriate power or data can be transferred.
The USB Type-C Authentication solution is a standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources. It supports
authenticating over either USB data bus or USB Power Delivery communications channels.
Products that use the authentication protocol retain control over the security policies to be implemented and enforced.
The autnentication relies on 128-bit security for all cryptographic methods.