The USB Implementers Forum has announced the USB Type-C Authentication Program (PDF), which provides a way for devices with USB-C connectors to securely confirm that attached devices are authentic and do not contain hidden capabilities.
The new protocol can be used to prevent a phone from connecting to a charger that contains hidden malware capability.
“Using this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made – before inappropriate power or data can be transferred.”
Key characteristics of the USB Type-C Authentication solution include:
- A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources
- Support for authenticating over either USB data bus or USB Power Delivery communications channels
- Products that use the authentication protocol retain control over the security policies to be implemented and enforced
- Relies on 128-bit security for all cryptographic methods
- Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation
USB-IF selected DigiCert to manage the PKI and certificate authority services for the USB Type-C Authentication Program.
The new protocol must be adopted by phone and accessory makers to be effective.
