Rainbow Electronics AT88SA100S User Manual

Features
Secure battery authentication
Superior SHA-256 Hash Algorithm
Best in class 256 bit key length
High speed single wire interface
Supply Voltage: 2.5 – 5.5V
<100nA Sleep Current
4KV ESD protection
Green compliant (exceeds RoHS) 3 pin SOT-23 package
CryptoAuthentication
Applications
Cell Phones
PDA and Smart Phones
Portable Media Players
Digital Cameras & Camcorders
Cordless Tools
Handheld Devices

1. Introduction

The AT88SA100S is a small authentication chip that can be used to validate battery packs and other replaceable items that contain a power source. It uses the industry leading SHA-256 hash algorithm to provide the ultimate level of security.
An industry leading key length of 256 bits prevents exhaustive attacks while multiple physical security features prevent unauthorized disclosure of the secret key stored within the chip. This key is automatically erased when power is removed from the device.
It is shipped with a guaranteed unique 48 bit serial number that is used in combination with an input challenge and the stored secret key to generate a response that is unique for every individual device.
The chip also includes 80 one-time fuses that can be used to configure the system and/or retain permanent status. The values in these fuses can also be locked to prevent modification.
AT88SA100S
Battery Authentication Chip
Preliminary
8558A–SMEM–03/09

1.1. Memory Resources

Sram: 256 bits of SRAM that are used for storage of a key. The LoadSram command provides a mechanism to securely initialize this block during personalization. This memory will retain its value when the chip goes to sleep, so long as a supply voltage in excess of VRETAIN is still supplied to the chip.
MemValid: A single bit that tells whether or not Sram contains valid data. It is cleared when power is lost and set when the SRAM is loaded with a secret key.
Fuse: Block of 128 fuse bits that can be read and written through the 1 wire interface. The first 8 bits are lock bits that control burn ability on 16 bit words of the array. Fuse[88-95] are manufacturing ID values fixed by Atmel. Fuse[96-127] are programmed by Atmel with a serial number that (in combination with MaskSN) is guaranteed to be unique and which includes lot/wafer info.
ROM: Metal mask programmed memory. Unrestricted reads are permitted on the first 64 bits of this array. The physical ROM will be larger and will contain other information that cannot be read.
ROM MfrID: 2 bytes of ROM that, when combined with Fuse[88:95], specify the 24 bit manufacturing ID code (MfrID). This value is assigned by Atmel and is always the same for all chips of a particular model number. For the AT88SA100S, this value is 0xFF FF FF. The MfrID can be read by accessing ROM bytes 0 & 1 of Address 0. The 24 bit MfrID value can always be read by the system and is always included in the message digested by the MAC command.
ROM SN (also referred to as MaskSN): 2 bytes of ROM that can be used to identify chips among others on the wafer. These bits reduce the number of fuses necessary to construct a unique serial number. The ROM SN is read by accessing ROM bytes 2 & 3 of Address 0. The complete serial number is extended with an additional 32 fuses to form the 48 bit serial number. The serial number can always be read by the system and is optionally included in the message digested by the MAC command.
RevNum: 4 bytes of ROM that are used by Atmel to identify the design revision of the AT88SA100S chip. These bytes can be freely read as the four bytes returned from ROM address 1; however, system code should not depend on this value as it may change from time to time.

1.2. Fuse Map

The AT88SA100S chip incorporates 128 one-time fuses within the chip. Once burned, there is no way to reset the value of a fuse. Fuses, with the exception of the manufacturing ID and serial number bits initialized by Atmel, have a value of 1 when shipped from the Atmel factory and transition to a 0 when they are burned.
Table 1. The 128 fuses in the AT88SA100S chip are arranged in the following manner:
Fuse #     Name             Description
0 – 7      Fuse Lock Bits   Each bit locks the current value of the corresponding 16 bit block of the fuse array, see below for more details.
8 – 87     Status Fuses     These fuses can be written with the BurnFuse command and can always be read with the Read command.
88 – 95    MfrID            See Section 1.1. Set by Atmel, cannot be modified in the field.
96 – 127   Serial Number    See Section 1.1. Set by Atmel, cannot be modified in the field.
Fuse Lock Bits: These 8 fuses can be used to prevent further writing of the status fuses. Bit 0, when burned, locks Fuse[0-15] from being modified, Bit[1] locks Fuse[16-31] and so on up through bit 5, which locks Fuse[80-87]. Fuse[88-127] can never be modified with the BurnFuse command. Note that burning bit 0 has the effect of preventing any changes to the current value of the lock bits.
Status Fuses: These fuses can be used to store various information which is not secret. Their value can always be determined using the Read command. They can be individually burned using the BurnFuse command. Two common usage models for these fuses are:
1. Consumption logging, i.e. burn one bit after every n uses; the host system keeps track of the number of uses so far for this serial number since the last fuse burn.
2. Model number information. In this situation, the bits are written at the factory and their value is locked to prevent modifications in the field. This method can also be used for feature enabling.
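The lock-bit rules above are easy to get wrong on the host side (for example, issuing a BurnFuse against a 16 bit block whose lock bit was already burned at the factory). The following Python model is an added example and is not Atmel's code or firmware: it encodes the fuse map of Table 1 and the lock-bit rules so that a host can predict whether a BurnFuse on a given fuse is permitted, and it implements the consumption-logging usage model by counting burned status fuses. The function names, and the choice to leave the Atmel-programmed MfrID and serial-number fuses at 1 as placeholders, are assumptions of this example.

```python
"""Host-side model of the AT88SA100S fuse map (Section 1.2).

Added example, not Atmel code: it models the lock-bit rules so a host can
predict whether a BurnFuse command on a given fuse would be accepted.
"""

FUSE_COUNT = 128
LOCK_BITS = range(0, 8)        # Fuse[0-7]: lock bits, one per 16 bit block
STATUS_FUSES = range(8, 88)    # Fuse[8-87]: status fuses, field-programmable
MFRID_FUSES = range(88, 96)    # Fuse[88-95]: set by Atmel, never modifiable
SN_FUSES = range(96, 128)      # Fuse[96-127]: set by Atmel, never modifiable


def fresh_fuses():
    """Fuse array as shipped: every field-programmable fuse reads 1 (unburned).
    The MfrID and serial-number fuses are initialized by Atmel; their real
    values are not modelled here and are left at 1 as a placeholder."""
    return [1] * FUSE_COUNT


def lock_bit_for(fuse):
    """Lock bit governing a fuse: bit 0 locks Fuse[0-15], bit 1 locks
    Fuse[16-31], ... bit 5 locks Fuse[80-87].  Because bit 0 governs the
    block that holds the lock bits themselves, burning it freezes them."""
    return fuse // 16


def can_burn(fuses, fuse):
    """True if a BurnFuse command on `fuse` would be permitted."""
    if not 0 <= fuse < FUSE_COUNT:
        raise ValueError("fuse index out of range")
    if fuse >= 88:                # MfrID and serial number: never burnable in the field
        return False
    return fuses[lock_bit_for(fuse)] == 1   # governing 16 bit block still unlocked


def burn(fuses, fuse):
    """Model BurnFuse: irreversible 1 -> 0 transition if the block is unlocked."""
    if not can_burn(fuses, fuse):
        raise PermissionError(f"fuse {fuse} is locked or not field-programmable")
    fuses[fuse] = 0
    return fuses


def lock_block(fuses, block):
    """Burn lock bit `block` (0-5), freezing Fuse[16*block .. 16*block+15]."""
    if block not in LOCK_BITS:
        raise ValueError("lock bit must be 0-7")
    return burn(fuses, block)


def uses_logged(fuses, first, last, uses_per_fuse):
    """Consumption-logging model (usage model 1): one status fuse is burned
    after every `uses_per_fuse` uses, so the number of burned fuses in
    Fuse[first..last] gives a lower bound on the uses recorded so far."""
    if first < 8 or last > 87 or first > last:
        raise ValueError("consumption log must lie within the status fuses")
    burned = sum(1 for f in range(first, last + 1) if fuses[f] == 0)
    return burned * uses_per_fuse


if __name__ == "__main__":
    fuses = fresh_fuses()
    burn(fuses, 20)
    lock_block(fuses, 1)          # lock Fuse[16-31]; fuse 21 can no longer change
    print("fuse 21 burnable after lock:", can_burn(fuses, 21))
    print("fuse 90 burnable (serial number region):", can_burn(fuses, 90))
```

The model deliberately treats the lock bits as ordinary fuses governed by lock bit 0, which is what the text describes: once bit 0 is burned, no further lock bit can be burned either, so the factory should burn bit 0 last.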

1.3. SHA-256 Computation

This chip performs only one cryptographic calculation – a keyed digest of an input challenge using the SHA-256 algorithm, documented here:
http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

1.3.1. SHA Computation Example

In order to ensure that there is no ambiguity, the following example vector is provided in addition to the sample vectors in the NIST document. In this example, all values are listed in hex. For all but the key, bytes are listed in the order that they appear on the bus – first on the left. Key is listed in the same order, so the 01 at the left of the key string is the first byte passed to SHA-256.
Key 01030507090B0D0F11131517191B1D1F21232527292B2D2F31333537393B3D3F
Challenge 020406080A0C0E10121416181A1C1E20222426282A2C2E30323436383A3C3E40
Opcode 01
Mode 40 (include serial number in message)
Param2 0000
MfrID Fuses 77
S/N Fuses 8899AABB
MfrID ROM CCDD
MaskSN ROM EEFF
The 88 bytes over which the digest is calculated are 0103…3D3F0204…3E4001400000…EEFF
Digest: 7D38245733717A488575B9F794F7BCAFE033A3848D39430DA25141FDEBEAA1C2
A Read command executed on address 0 of the ROM (MfrID ROM, MaskSN ROM) would return CC DD EE FF, with CC being the first byte on the bus and FF being the last.
Throughout this document, the complete message processed by the SA100S chip is documented. According to the above specification, this always includes a single bit of ‘1’ pad after the message, followed by a 64 bit value representing the total number of bits being hashed (less pad and length). If the length is less than 447 (512-64-1) then the necessary number of ‘0’ bits are included between the ‘1’ pad and ‘length’ to stretch the last message block out to 512 bits.
When using standard libraries to calculate the SHA-256 digest, these pad and length bits should probably not be passed to the library as most standard software implementations of the algorithm add them in automatically.

1.4. Security Features

This chip incorporates a number of physical security features designed to protect the key from unauthorized release. These include an active shield over the entire surface of the chip, internal memory encryption, internal clock generation, glitch protection, voltage tamper detection and other physical design features.
Both the clock and logic supply voltage are internally generated, preventing any direct attack via the pins on these two signals.

2. IO Protocol

Communications to and from this chip take place over a single asynchronously timed wire using a pulse count scheme. The overall communications structure is a hierarchy:
Table 2. IO Hierarchy
Tokens: Implement a single data bit transmitted on the bus, or the wake-up event.
Flags: Comprised of eight tokens (bits) which convey the direction and meaning of the next group of bits (if any) which may be transmitted.
Blocks: Blocks of data follow the command and transmit flags. They incorporate both a byte count and a checksum to ensure proper data transmission.
Packets: Packets of bytes form the core of the block without the count and CRC. They are either the input or output parameters of an AT88SA100S chip command or status information from the AT88SA100S chip.

2.1. IO Tokens

There are a number of IO tokens that may be transmitted along the bus:
Input (to device):
Wake: Wake device up from sleep (low power) state
Zero: Send a single bit from system to the device with a value of 0
One: Send a single bit from system to the device with a value of 1
Output (from the device):
ZeroOut: Send a single bit from the device to the system with a value of 0
OneOut: Send a single bit from the device to the system with a value of 1
The waveforms are the same in either direction; however, there are some differences in timing based on the expectation that the host has a very accurate and consistent clock while the device has significant variation in its internal clock generator due to normal manufacturing and environmental fluctuations.
The bit timings are designed to permit a standard UART running at 230.4K baud to transmit and receive the tokens efficiently. Each byte transmitted or received by the UART corresponds to a single bit received or transmitted by the device. Refer to Applications Notes on Atmel’s website for more details describing how the UART should be controlled.

2.2. AC Parameters

Figure 1. AC Parameters (timing diagram; image not reproduced). Labels recovered from the figure: WAKE, data comm, LOGIC 0, LOGIC 1, NOISE SUPPRESSION; timing symbols tWLO, tWHI, tSTART, tZHI, tZLO, tBIT, tLIGNORE, tHIGNORE.
Table 3. AC Parameters (Direction: To = to CryptoAuthentication, From = from CryptoAuthentication)
Parameter                         | Symbol      | Direction | Min  | Typ  | Max  | Unit | Notes
Wake Low Duration                 | tWLO        | To        | 60   |      | -    | µs   | Signal can be stable in either high or low levels during extended sleep intervals.
Wake Delay to Data Comm.          | tWHI        | To        | 1    |      | -    | ms   | Signal should be stable high for this entire duration.
Start pulse duration              | tSTART      | To        | 4.1  | 4.34 | 4.56 | µs   |
Start pulse duration              | tSTART      | From      | 4.62 | 6.0  | 8.6  | µs   |
Zero transmission high pulse      | tZHI        | To        | 4.1  | 4.34 | 4.56 | µs   |
Zero transmission high pulse      | tZHI        | From      | 4.62 | 6.0  | 8.6  | µs   |
Zero transmission low pulse (1)   | tZLO        | To        | 4.1  | 4.34 | 4.56 | µs   |
Zero transmission low pulse (1)   | tZLO        | From      | 4.62 | 6.0  | 8.6  | µs   |
Bit time                          | tBIT        | To        | 37.1 | 39   | -    | µs   | If the bit time exceeds tTIMEOUT then CryptoAuthentication will enter sleep mode and the wake token must be resent.
Bit time                          | tBIT        | From      | 46.2 | 60   | 86   | µs   |
Turn around delay                 | tTURNAROUND | From      | 46.2 | 60   | 86   | µs   | CryptoAuthentication will initiate the first low going transition after this time interval following the end of the Transmit flag.
Turn around delay                 | tTURNAROUND | To        | 46.2 | 60   | 86   | µs   | After CryptoAuthentication transmits the last bit of a block, the system must wait this interval before sending the first bit of a flag.
High side glitch filter @ active  | tHIGNORE_A  | To        | 45   |      |      | ns   | Pulses shorter than this in width will be ignored by the chip, regardless of its state when active.
Low side glitch filter @ active   | tLIGNORE_A  | To        | 45   |      |      | ns   | Pulses shorter than this in width will be ignored by the chip, regardless of its state when active.
High side glitch filter @ sleep   | tHIGNORE_S  | To        | 2    |      |      | µs   | Pulses shorter than this in width will be ignored by the chip when in sleep mode.
Low side glitch filter @ sleep    | tLIGNORE_S  | To        | 2    |      |      | µs   | Pulses shorter than this in width will be ignored by the chip when in sleep mode.
IO Timeout                        | tTIMEOUT    | To        | 7    | 10   | 13   | ms   | Starting as soon as 7ms and up to 13ms after the initial signal transition of a token, the chip will enter sleep if no complete and valid token is received.
Watchdog reset                    | tWATCHDOG   | To        | 374  | 500  | 650  | ms   | Max. time from wake until the chip is forced into sleep mode. Refer to Watchdog Failsafe, Section 3.4.
Note 1: START, ZLO, ZHI & BIT are designed to be compatible with a standard UART running at 230.4K baud for both transmit and receive.

3. DC Parameters

Table 4. DC Parameters
Parameter                        | Symbol | Min        | Typ | Max        | Unit | Notes
Operating temperature            | TA     | -40        |     | 85         | °C   |
Power Supply Voltage             | Vcc    | 2.5        |     | 5.5        | V    |
Fuse Burning Voltage             | VBURN  | 3.8        |     | 5.5        | V    | Voltage is applied to Vcc pin.
Active Power Supply Current      | ICC    | -          |     | 10         | mA   |
Sleep Power Supply Current       | ISLEEP |            |     | 100        | nA   | When chip is in sleep mode, Vsig = 0.0V, Vcc = 3.7V.
Input Low Voltage @ Vcc = 5.5V   | VIL    | -0.5       |     | .25 * Vcc  | V    | Voltage levels for wake token when chip is in sleep mode.
Input Low Voltage @ Vcc = 2.5V   | VIL    | -0.5       |     | 0.5        | V    | Voltage levels for wake token when chip is in sleep mode.
Input High Voltage @ Vcc = 5.5V  | VIH    | .25 * Vcc  |     | 6.0        | V    | Voltage levels for wake token when chip is in sleep mode.
Input High Voltage @ Vcc = 2.5V  | VIH    | 1.0        |     | 3.0        | V    | Voltage levels for wake token when chip is in sleep mode.
Input Low Voltage when Active    | VIL    | -0.5       |     | 0.8        | V    | When chip is in active mode, Vcc = 2.5 – 5.5V.
Input High Voltage when Active   | VIH    | 1.2        |     | 6.0        | V    | When chip is in active mode, Vcc = 2.5 – 5.5V.
Output Low voltage               | VOL    |            |     | 0.4        | V    | When chip is in active mode, Vcc = 2.5 – 5.5V.
Output Low current               | IOL    | 4          |     |            | mA   | When chip is in active mode, Vcc = 2.5 – 5.5V, VOL = 0.4V.
Maximum Input Voltage            | VMAX   |            |     | Vcc + 0.5  | V    |
ESD                              | VESD   | 4          |     |            | KV   | Human Body Model, Sig & Vcc pins.