With the USB Type-C Authentication specification, computers and other devices with USB-C ports will be able to confirm the authenticity of a USB device or USB charger, verifying elements like certification status and power flow, along with ensuring no malware is present.
Using this protocol, host systems can confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors/capabilities and certification status. All of this happens right at the moment a wired connection is made - before inappropriate power or data can be transferred.The USB Type-C Authentication specification comes after some non-compliant USB-C cables were able to damage electronic devices. Google engineer Benson Leung spent weeks testing USB-C cables sold by Amazon after a third-party cable he bought destroyed his Chromebook Pixel, making it his mission to highlight the risks of non-compliant cables.
USB Type-C Authentication empowers host systems to protect against non-compliant USB Chargers and to mitigate risks from maliciously embedded hardware or software in USB devices attempting to exploit a USB connection
Leung's work led Amazon to ban third-party retailers from offering USB-C cables that do not adhere to the standard specifications issued by the USB-IF, and it's also led to the creation of the protections announced today.
Key characteristics of the USB Type-CTM Authentication solution include:Apple began using USB-C with the Retina MacBook, choosing the standard because it allows both data and power transfer through a single connector. USB-C is appealing for its universality, but because USB-C cables can transfer more power than traditional USB connectors, non-compliant or faulty equipment can damage electronic devices by providing too much power.
- A standard protocol for authenticating certified USB Type-CTM Chargers, devices, cables and power sources
- Support for authenticating over either USB data bus or USB Power Delivery communications channels
- Products that use the authentication protocol retain control over the security policies to be implemented and enforced
- Relies on 128-bit security for all cryptographic methods
- Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation
The Retina MacBook already has safeguards built in to protect it from non-compliant cables, but the new USB Type-C Authentication feature will offer another layer of protection should Apple choose to implement it. Current machines will only charge from third-party USB-C power adapters if they comply with the USB Power Delivery specification, and if too much power is detected, the USB-C ports on the MacBook will shut down.
While the Retina MacBook is the only product that currently offers USB-C functionality, Apple may choose to offer USB-C ports in additional machines in upcoming updates scheduled to take place across 2016.