An update to the USB-C spec aims to protect systems against hardware attacks

(Image credit: Pixabay (no attribution needed))

The USB Implementers Forum (USB-IF) is ringing in the New Year with the launch of its USB Type-C Authentication Program, an optional security protocol that could potentially make it less risky to plug in a USB device.

One way an attacker can compromise a system is by hacking a USB device and making modifications to the firmware or other hardware. If a user plugs in an compromised USB device, it can then infect the system, oftentimes silently.

The new spec enables OEMs to protect against these types of attacks by having the host system authenticate a USB device, cable, or charger. It happens as soon as the connection is made.

"USB-IF is excited to launch the USB Type-C Authentication Program, providing OEMs with the flexibility to implement a security framework that best fits their specific product requirements," said USB-IF President and COO Jeff Ravencraft. "As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices."

In addition to providing an added layer of security, the authentication program can also be useful in protecting against non-compliant USB chargers that might attempt to draw more voltage than is necessary, or safe.

Key characteristics of the new spec include the following:

A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources.
Support for authenticating over either USB data bus or USB Power Delivery communications channels.
Products that use the authentication protocol retain control over the security policies to be implemented and enforced.
Relies on 128-bit security for all cryptographic methods.
Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation.

This only applies to USB Type-C devices, which are not nearly as common as USB Type-A. Eventually, however, USB-C could become as ubiquitous as USB-A (right?!), and that's when this optional security update will be the most beneficial.

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).

Latest in Hardware

Crucial X9 external SSD on blue background

You can pick up the 2 TB version of my favorite budget external SSD for less than $0.06 per GB, transfers 300+ GB of data in 6 minutes

AMD Strix Point APU chip, held in a hand, with the reflected light showing the various processing blocks in the chip die

AMD's next-gen 'Gorgon Point' APU outted and seemingly sticks with RDNA 3.5 graphics which is disappointing for handheld gaming PCs if accurate

The Lenovo Legion LOQ gaming laptop on a blue background

Okay, so it's not technically in the Amazon Big Spring Sale, but this is the cheapest RTX 4070 gaming laptop you'll find today

A close-up photo of an Nvidia RTX 4070, with its heatsink removed, showing the AD104 GPU die and the surrounding Micron GDDR6X VRAM chips

With Nvidia Ace taking up 1 GB of VRAM in Inzoi, Team Green will need to up its memory game if AI NPCs take off in PC gaming

A collage of Radeon RX 9000 series graphics cards, as shown in AMD's promotional video for the launch of RDNA 4 at CES 2025

AMD's CEO claims 9070 XT sales are 10x higher than all previous Radeon generations but that's just for the first week of availability

Samsung has a crack at ye olde glasses-free 3D monitor thing but its new cheaper 49-inch ultrawide OLED is far more interesting

Latest in News

Naoe looking at the wrist blade in Assassin's Creed Shadows

Ubisoft says don't compare Assassin's Creed Shadows' success to Valhalla: The latter launched in Covid's 'perfect storm' and feedback on platforms 'less affected by review bombing' is stellar

Tarn Adams, who cofounded Bay 12 Games with his brother Zach, talks about their single-player simulation game "Dwarf Fortress" during an interview at their home office in Poulsbo, Washington, west of Seattle, on December 9, 2022. - A cult favorite among indie game fans, "Dwarf Fortress" has been available for purchase on the Steam online store since December 6, a first for this title that has been distributed for free since its debut in 2006. The real-time management game, set in a medieval-fantasy world and involving overseeing a group of dwarves seeking to build a mighty fortress, has climbed to the fourth best-selling weekly title on Steam. (Photo by Jason Redmond / AFP) (Photo by JASON REDMOND/AFP via Getty Images)

Dwarf Fortress' creator is so tired of hearing about AI: 'Press a button and it writes a really sh*tty, wrong essay about something—and they still take your job'

You can pick up the 2 TB version of my favorite budget external SSD for less than $0.06 per GB, transfers 300+ GB of data in 6 minutes

Image of illuminated manuscript-style drawings from the game Pentiment.

Random characters kept swearing in Obsidian's font-obsessed murder-mystery when its procedural error system ran amok: 'Naughtiness abounded'

Minecraft's never going free-to-play because as it stands it's 'the best deal in the world'

A Lagiacrus render from Monster Hunter Generations, photoshopped over a screenshot of Wilds' Scarlet Forest region.

Oh my God, it's happening: Monster Hunter Wilds is finally bringing a fan-favorite sea snake home from the war

More about hardware

You can pick up the 2 TB version of my favorite budget external SSD for less than $0.06 per GB, transfers 300+ GB of data in 6 minutes

Thunder X3 Lab-X gaming desk in a living room

Thunder X3 Lab-X review

I'm convinced being a ghoul in Fallout 76 is the best way to vibe in West Virginia, thanks to these powerful perk cards and my new true love: Radiation

See more latest

The biggest gaming news, reviews and hardware deals