Atmel launches next-generation maXStylus active pen platform

With CES 2015 in full swing, we’re excited to announce that we are sampling our next-generation maXStylus mXTS220 to multiple global customers. OEMs have been looking to expand the user adoption of active stylus solutions on mobile devices by providing precise handwriting, lower system and stylus cost, and easy-to-use styli that do not require frequent battery changes.

The next-generation maXStylus mXTS220 capacitive active stylus controller elevates the user experience with superior responsiveness after every stroke which is a key requirement for a ‘pen-to-paper’ writing experience. Higher precision writing and pressure sensing, with palms resting on the touchscreen, enable an artistic writing experience with fluid strokes. The maXStylus mXTS220 solution utilizes the capacitive touchscreen controller and does not require an additional sensor layer, such as EMR (electro-magnetic resonance) technology, for optimized solution cost.

Atmel’s maXStylus mXTS220 bidirectional architecture is the best positioned in the industry to allow OEMs to build next-generation styli with flexibility to interoperate with multiple digitizers. The unique two-way architecture enables the stylus to detect various noise sources so they can be avoided – a differentiation of maXStylus that no other solution on the market offers today. Enhanced noise immunity over existing capacitive solutions allows flawless pen strokes without any line breaks or missing strokes while further extending battery life.

“The ability to create content on your mobile devices, including smartphones, tablets, notebooks and Ultrabooks, is quickly becoming a key differentiating factor in OEM designs,” said Shar Narasimhan, Atmel Senior Product Manager of Touch Marketing. “As a leader in the touch market, we are excited to bring one of the most precise active stylus solutions to the market, enabling a pen-to-paper experience on a touchscreen while meeting future OEM requirements with the flexibility of an interoperable platform.”

Interested in learning more? You can explore the entire maXStylus lineup here.

Got AES? Got security?

Currently in wide use, AES is a great algorithm that has been implemented in a number of hardware and software systems. It has been carefully studied by legions of cryptanalysts, so it’s often assumed that a system which includes AES is secure. But that assumption isn’t always true – in this post, let’s explore three situations that could cause problems.

Like all cryptographic systems and algorithms, AES depends on a key. If an attacker can get the key, he or she can impersonate the authentic party, decrypt all the network messages and generally eliminate every aspect of the system security. However, a few systems have a great place to store keys that is truly isolated from attack. With the increasing commonality of connected systems, software bugs like Heartbleed can easily find keys that you thought you had carefully protected. If you’re not familiar with Heartbleed, see this great panel from XKCD which does a nice job of explaining it.

Like all cryptographic algorithms, there are many variations to the way in which AES can be used. Lots of systems have been cracked because an improper mode, protocol or procedure was used. The illustration below shows a mode of AES which is the right answer in some cases — but definitely not this one!

The last point is a bit trickier. When encrypting something with AES, most modes require an Initialization Vector (IV). The IV should never be repeated, and in some modes it must be random. There are two problems with a repeated IV: (1) If the attacker could discover the plain text of the first message, he could determine the contents of the second; and (2), If the same message is sent with the same IV, the ciphertext will be the same both times, which could be vital information all by itself.

Problem is that it’s hard to generate a random number. One famous random number generator used the hash of an image of lava lamps – for some years an online site (lavarand) was supported by Silicon Graphics to provide online numbers.

Assuming you don’t have lava lamps and a camera in your system, you might be tempted to use ‘random’ keystrokes, noise on a signal wire, the current time to the ms, or some similar thing. Problem is, while the resulting numbers appear to be random there are often a limited number of choices. Given how fast modern computers execute, an attacker can try literally millions of possibilities in a few seconds and guess your random number!

Many designers rely on dedicated hardware cryptographic devices to help resolve this issue. Generally speaking, they offer solutions to the three points mentioned above:

• Strong protection for cryptographic keys that is not subject to bugs, malware or other aggressive attacks;
• Proper use of modes and protocols for the operations performed within the devices; and,
• High quality random number generators that rely on random physical phenomena and which are rigorously tested

Guess what? Atmel’s CryptoAuthentication devices offer all three in a low-cost small package. Start designing security in your next product with a free CryptoAuthentication tool.