The USB Implementers Forum today announced the launch of a USB Type-C Authentication program, which is designed to create a cryptographic-based authentication definition for USB-C chargers and devices.

This is important because USB-C Authentication will provide protection from malicious firmware/hardware in USB-C devices. There are multiple USB-based attacks that are out in the wild and are able to do things like keystroke injection, installing backdoors, emulating mouse movements, logging data, hijacking traffic, infecting machines with viruses, and more.

usbc
In addition to protecting against malicious hardware, the program will keep host systems safe from non-compliant USB chargers that could potentially cause harm.

With the USB-C Authentication protocol, host machines will be able to confirm the authenticity of a USB-C device, cable, or charger. This confirmation happens right when a connection is made before inappropriate power or data can be transferred.

The USB-IF has outlined the characteristics of the USB-Type-C Authentication Program:

  • A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources
  • Support for authenticating over either USB data bus or USB Power Delivery communications channels
  • Products that use the authentication protocol retain control over the security policies to be implemented and enforced
  • Relies on 128-bit security for all cryptographic methods
  • Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation

Manufacturers who create devices that use USB-C will be able to implement the new authentication protocol into their devices to protect consumers. There is no requirement to implement support for USB-C authentication at this time, with protocol provided as an option to OEMs.

Though Apple has not commented on the release of the program, the Cupertino company will likely be one of the companies to adopt USB-C authentication protocols in the future given its focus on security.

Tag: USB-C

Top Rated Comments

randyhudson Avatar
62 months ago
No more 3rd-party chargers in 3....2...
Score: 4 Votes (Like | Disagree)
SoN1NjA Avatar
62 months ago
Sounds like DRM
Score: 3 Votes (Like | Disagree)
mcbumbersnazzle Avatar
62 months ago
Great apple will now use this to block any accessories that aren't "made for mac" and forcing people to buy their $80 dongle smh
Score: 3 Votes (Like | Disagree)
chucker23n1 Avatar
62 months ago
This is rather short on details.


* will there be a central certification authority? Or can any manufacturer create their own keys? Can a manufacturer like Apple decide to whitelist or blacklist certain devices?
* how much control does the user get? Does the spec expect the OS to present a dialog, like iOS 7 and newer do for Lightning devices, for the user to confirm that the device is trustworthy? If so, has there been usability research on this, particularly regarding the risk of making such a dialog useless as the user is trained to always accept?
Score: 3 Votes (Like | Disagree)
nwcs Avatar
62 months ago
I’m surprised it took this long for anything like this to be announced. It should have been announced years ago. The overall risk is still quite small but eventually I can see this being mandatory for any plug and play device.
Score: 3 Votes (Like | Disagree)
lunarworks Avatar
62 months ago
As long as it's optional, this is boon for anyone security conscious. Especially if it applies to Thunderbolt. There's all kinds of wild malicious tricks that can be performed over USB these days, and anything that can potentially lock them out will be welcome.
Score: 2 Votes (Like | Disagree)

Popular Stories

iPhone 15 Pro Lineup Feature

iPhone 15 Models Feature New Setting to Strictly Prevent Charging Beyond 80%

Tuesday September 19, 2023 2:04 pm PDT by
All of the iPhone 15 and iPhone 15 Pro models feature a new battery health setting that prevents the devices from charging beyond 80% at all times when enabled, as confirmed by The Verge's Allison Johnson during a Q&A session today. The new setting is separate from the pre-existing Optimized Battery Charging feature on iPhones, which intelligently delays charging past 80% until a more...
iOS 17 and iPhones Feature

iOS 17: 10 New Features That Just Launched

Sunday September 17, 2023 12:35 pm PDT by
In June, Apple announced iOS 17 with a wide range of new features and changes for the iPhone. Following over three months of beta testing, the free software update will be released this Monday, September 18 for the iPhone XS and newer. Below, we have recapped 10 key features coming to the iPhone with iOS 17, with additional features coming later this year. The update should be released to...
iOS 17

Apple Releases iOS 17.0.1 and iPadOS 17.0.1 With Bug Fixes, Plus iOS 17.0.2 for iPhone 15 Models

Thursday September 21, 2023 10:28 am PDT by
Apple today released iOS 17.0.1 and iPadOS 17.0.1 updates for the iPhone and the iPad, adding bug fixes to the new software. The iOS 17.0.1 and iPadOS 17.0.1 updates come just a few days after Apple launched iOS 17 and iPadOS 17. The software, which is build 21A340, can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. There is a...
emojipedia 15 1 emoji

Emoji Coming to Future iOS 17 Update Include Shaking Head, Brown Mushroom, Lime, Phoenix and More

Tuesday September 19, 2023 12:43 pm PDT by
As Apple was announcing new iPhone models last week, the Unicode Consortium was officially approving new emoji characters that are set to be added to smartphones starting in 2024. Mockup of new emoji from Emojipedia Approved Unicode 15.1 emoji include phoenix, lime, an edible mushroom, shaking head vertically (as in a "yes" nod), shaking head horizontally (a "no" head shake), and broken...