The ATVaultIC200 is an ASSP designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in
many applications such as anti-cloning, access control or hardware protection.
Cryptographic ServicesCryptographic Algorithms
• Digital Signature
• Encryption / Decryption
• Message Digest
• Key Wrapping / Unwrapping
• HOTP One-Time Password Generation
• True Random Number Generation
Software FeaturesMemory
• FIPS 140-2 Identity-based authentication
using password, Secure Channel
Protocol (SCP02 / SCP03)
• Rights Management (Administrator,
Approved User, Non-approved User...)
• Embedded Dynamic FAT12 File System
• DES / 3DES
• AES 128/192/256 bits
• EEPROM 4 Kbytes (for user)
• Write Endurance 100 Kcycles
• Data Retention 10 Years
• 2ms Program + 2ms Erase
VaultICTM
Family
ATVaultIC200
Technical
Datasheet
CommunicationPackages
• Hi gh Speed Slave SPI Serial Interface,
ATMEL Proprietary Protocol
For more details about the algorithms supported please refer to Table 2-1, “Supported
Algorithms table”, on page 8.
®
8-/16-bit RISC CPU
• 8-DFN (RoHS compliant)
•8-SOIC (RoHS compliant)
• EAL4+ Certification
• FIPS 140-2 Security Level 3
TPR0460AX–SMS–02/10
Page 2
Preliminary
This document is the complement to the “AT98SO/VaultIC Generic Datasheet” [1](TPR0395X-
Available under Non-Disclosure Agreement only) for the ATVaultIC200. It only documents the
values and set of features specific to this product.
2
ATVaultIC200
TPR0460AX–SMS–02/10
Page 3
1.Overview
1.1Tampering resistance
The proven technology used in ATVaultIC200 security modules is already widespread and used
in national ID/health cards, e-passports, bank cards (storing user Personal Identification Number, account numbers and authentication keys among others), pay-TV access control and cell
phone SIM cards (allowing the storage of subscribers’ unique ID, PIN code, and authentication
to the network), where cloning must definitely be prevented. More than one billion of Secure
Microcontrollers addressing all these applications have been already sold by Atmel and successfully implemented in many secure systems.
Atmel’s security modules will advantageously replace complex and expensive proprietary antitampering protection system. Their advantages include low cost, ease of integration, higher
security and proven technology.
They are designed to keep contents secure and avoid leaking information during code execution. While on regular microcontrollers, measuring current consumption, radio emissions and
other side channels attacks may give precious information on the processed data or allow the
manipulation of the data. Atmel’s secure microcontrollers’ security features include voltage, frequency and temperature detectors, illegal code execution prevention, tampering monitors and
protection against side channel attacks and probing. The chips can detect tampering attempts
and destroy sensitive data on such events, thus avoiding data confidentiality being
compromised.
ATVaultIC200
These features make cryptographic computations secure in comparison with regular microcontrollers whose memories can be easily duplicated. It is much safer to delegate cryptographic
operations and storage of secret data (keys, identifiers, etc.) to an Atmel secure microcontroller.
1.2Authentication capability
The methods to authenticate humans are generally classified into three cases: physical attribute
(e.g. fingerprint, retinal pattern, facial scan, etc.), security device (e.g. ID card, security token,
software token or cell phone) and something the user knows (e.g. a password/passphrase or a
personal identification number).
To fight against identity theft, the multi-factor authentication is a stronger alternative to the classical login/password authentication (called weak authentication). It combines two or more
authentication methods (often a password combined with a security token). Two-factor systems
greatly reduce the likelihood of fraud by requiring the presence of a physical device used
together with a password. If the physical device is lost or the password is compromised, security
is still intact. NIST’s authentication guideline [2] can be referred to for further details.
Multi-factor authentication requires a strong authentication. Anticloning is safely implemented
through one-way or mutual strong authentication. Various authentication protocols exist (as
specified in ISO9798-2 [3] or FIPS196 [4]), but the main method is the challenge responseauthentication:
1. The authenticator sends a challenge (e.g. a random number) to the equipment that must be
authenticated (“the claimant”).
2. The claimant computes a digital signature of the combination of this challenge with an
optional identifier, using a private or secret key. The requested signature is then returned to
the authenticator.
TPR0460AX–SMS–02/10
3
Page 4
1.3Secure stor age
1.4Flexibility
3. The authenticator checks the signature using either the same secret key or the public key
associated to the claimant’s private key and decides whether the claimant is authorized or
not based on the signature verification result.
This strong authentication method requires storing secret data. Pure software multi-factor solutions are thus not reliable.
If sensitive data is stored in files on a hard disk, even if those files are encrypted, the files can be
stolen, cloned and subjected to various kinds of attacks (e.g. brute force or dictionary attack on
passwords). Therefore secure microcontrollers-based hardware tokens are a must. Placing
secrets outside the computer avoids risking exposure to malicious software, security breaches in
web browsers, files stealing, etc.
The ATVaultIC200 product features:
• Various communication interfaces including SPI (Serial Protocol Interface), I
Integrated Circuit Bus) and ISO7816 SmartCard interface.
• Low pin count (Reset, Vcc, GND, and communication interface specific pins) making
integration into an existing board simple. ATVaultIC200 modules are available in small
packages (SOIC8 or DFN8) to fit into the most size-constrained devices.
• Low power consumption, in order to extend battery life in portable devices and low-power
systems. ATVaultIC200 devices consume less than 200μA in standby mode, and only 10 mA
during CPU-intensive operations depending on the required action.
• Embedded firmware that provides advanced functions:
– Secure storage: a fully user-defined non-volatile storage of sensitive or secret data.
– Identity-based authentication with user, administrator and manufacturer roles
supported.
– Administration mode to manage user authentication data and security features
– Manufacturer mode to initialize the file system content and module parameters.
– Cryptographic command set to perform cryptographic operations using keys and
data from the file system including: authentication, digital signature,
encryption/decryption, hash, one-time password generation and random generation.
– Public domain cryptographic algorithms such as DES, 3DES, AES, MAC using DES,
3DES or AES
– Cryptographic protocols such as secret-key unilateral or mutual authentication [3].
– Secure Channel Protocol using 3DES or AES.
– Robust communication protocol stacked over the physical communication
interfaces.
–Starter Kit.
Atmel’s application note [5] presents examples of efficient and cost effective IP protection applications utilizing secure chips in various embedded systems.
2
C (Inter
4
ATVaultIC200
TPR0460AX–SMS–02/10
Page 5
1.5Typical application
Authentication
Printer
Ink cartridges
The ATVaultIC200 is a turnkey solution that combines powerful cryptographic capabilities and
secure data storage. Ink Cartridge, Access Control or Smart meters are some examples of use
of the ATVaultIC200.
Below is described an example of an ATVaultIC200 product used in a typical application : Ink
Cartridge anti-cloning.
For more details about the architecture, please refer to the Application Note ”How to protect
Intellectual Properties using VaultIC Security Modules”[5].
1.6Ordering Information
1.6.1Legal
A Non-Disclosure Agreement must be signed with ATMEL.
An Export License for cryptographic hardware/software must be granted.
1.6.2Quotation and Volume
For the minimum order of quantity and the annual volume, please contact your local ATMEL
sales office.
ATVAULTIC-STK02-200R Starter Kit for ATVaultIC200 in SOIC8 package - SPI/I2C configuration
1.6.4Starter Kit
ATVAULTIC-STK12-200R
ATVAULTIC-STK02-200Z Starter Kit for
ATVAULTIC-STK12-200Z
ATVAULTIC-STK03-200R Starter Kit for ATVaultIC200 in SOIC8 package - ISO7816 configuration
ATVAULTIC-STK03-200Z Starter Kit for
Starter Kit for
(no SPI/I2C adapter inside)
Starter Kit for
(no SPI/I2C adapter inside)
ATVaultIC200 in SOIC8 package - SPI/I2C configuration
ATVaultIC200 in DFN8 package - SPI/I2C configuration
ATVaultIC200 in DFN8 package - SPI/I2C configuration
ATVaultIC200 in DFN8 package - ISO7816 configuration
* For more details about the Chip Personalization Number, please contact your local ATMEL
sales office.
The ATVaultIC Starter Kit provides an easy path to master the cryptographic and secure data
storage features of the ATVaultIC secure modules. The content is :
• ATVaultIC200 samples with 1 dedicated test socket
• 1 generic USB to SPI / I²C / ISO7816 adapter
• 1 CD-ROM containing a support documentation set (getting started, application notes,
reference design), some demo applications to get an insight into the ATVaultIC features, the
”VaultIC Manager” tool to design the file system and to personalize samples, a hardware
independent cryptographic API with source code.
1.6.5Demo Kit
6
ATVaultIC200
TBD
TPR0460AX–SMS–02/10
Page 7
1.7Software and Hardware Architecture
Crypto
services
( MAC,Signature,…)
Application
management
&
Data storage
Administration
services
CRYPTO
APPLICATION
ADMINISTRATION
APPLICATION
TDES
EEProm
RAM
HS
SPI
Device
Crypto Library
CRC
(File System)(Keymanagement)
Memory
Management
Comm unication
Stack
SPI / I2C / ISO7816
VaultIC200 Hardware
I2C
secureAVR
CORE
Power
Hardware
Security
Management
T=0 T=1
(AES...)
The ATVaultIC200 software architecture is as exposed on the diagram below.
Figure 1-2.Software and Hardware Architecture
ATVaultIC200
TPR0460AX–SMS–02/10
7
Page 8
2.Detailed Features
2.1Communication Interfaces
The ATVaultIC200 embeds the following communication interfaces:
• High Speed SPI : up to 16 Mbps
• I²C : up to 400 kbps
• ISO7816 : up to 625 kbps
2.2Security Mech anisms
The table below summarizes the cryptographic algorithms, and their identifiers, supported by the
ATVaultIC200.
Notes: 1. Stresses beyond those listed under “Absolute Maximum Ratings” may cause permanent dam-
(1)
SymbolParameterMin.Max.Unit
V
CC
V
IN
T
A
E
EEPROM
V
DataRetention
Supply Voltage-0.37.5V
Input VoltageVSS-0.3VCC+0.3V
Operating Temperature-25+85°C
EEPROM Endurance for
write/erase cycles
500 000
(2)
EEPROM Data Retention Virgin10Years
ESDElectrostatic Discharge (HBM)4kV
Latch-up+/- 200mA
age to the device. This is a stress rating only and functional operation of the device at these or
other conditions beyond those indicated in the operational sections of this specification is not
implied. Exposure to absolute maximum rating conditions for extended periods may affect
device reliability.
2. Depends on conditions. Please refer to “EEPROM Reliability & Qualification Specification”
(PE/SPEC/032).
cycles
3.3AC/DC Characteristics (2.7V - 5.5V range; T= -25°C to +85°C)
Output Low Voltage - I/O0,I/O1
Output Low Voltage - MISO, MOSI
Output High Voltage - I/O0,I/O1
Output High Voltage - MISO, MOSI
Pin Pull-up I/O0, RST,I/O1,MISO,
I/O
MOSI
SPI Clock (Input)
SCK rising to MISO delay
SCK falling to MISO delay
Typical Current at 25°C
I
OL
=1mA
0
0
IOH = 1mA0.7*V
CC
0.08*V
0.15*V
V
CC
CC
CC
220KOhm
C
=20pF
out
DMA On
C
=20pF
out
Slave Mode
=20pF
C
out
Slave Mode
20MHz
13μs
13μs
- Chip in low power mode:
•200μA (Clock=1MHz)
•200μA when no clock running
- Chip awaken, no crypto running:
• 6mA when external clock supplied (5MHz)
• 10mA when no external clock is supplied (CLK
signal in high state)
- Additional consumption during DES computations:
• 4mA when external clock supplied
• 10mA when no external clock is supplied (CLK
signal in high state)
V
V
12
ATVaultIC200
TPR0460AX–SMS–02/10
Page 13
3.4Timings
3.4.1I²C Timings
ATVaultIC200
The table below describes the requirements for devices connected to the I²C Bus. The
ATVaultIC200 I²C Interface meets or exceeds these requirements under the noted conditions.
Timing symbols refer to Figure 3.4.2.
Table 3-4.I²C Requirements
SymbolParameterConditionMinMaxUnit
SCL
SDA
t
SU;STA
t
r
t
of
f
SCL
t
HD;STA
t
LOW
t
HIGH
t
SU;STA
t
HD;DAT
t
SU;DAT
t
SU;STO
t
BUF
Rise Time for both SDA and SCLTBDTBDns
Output Fall Time from V
SCL Clock FrequencyTBD100kHz
Hold Time (repeated) START ConditionTBDTBDμs
Low Period of the SCL ClockTBDTBDμs
High period of the SCL clockTBDTBDμs
Set-up time for a repeated START conditionTBDTBDμs
Data hold timeTBDTBDμs
Data setup timeTBDTBDns
Setup time for STOP conditionTBDTBDμs
Bus free time between a STOP and START
condition
Figure 3-1.I²C Timings
t
HIGH
t
HD;DAT
t
HD;STA
t
of
t
LOW
IHmin
t
LOW
to V
ILmax
t
SU;DAT
TBDTBDns
TBDTBDμs
t
r
t
SU;STO
TPR0460AX–SMS–02/10
t
BUF
13
Page 14
3.4.2SPI Timings
MISO
(Data Output)
SCK
(CPOL = 1)
MO SI
(Data Input)
SCK
(CPOL = 0)
SS
MSBLSB
LSBMSB
...
...
10
1111
121314
17
15
9
X
16
The table below describes the requirements for devices connected to the SPI. The
ATVaultIC200 SPI meets or exceeds these requirements under the noted conditions.
See Figure 3-2 for details.
Table 3-5.SPI Timing Parameters
See figureDescriptionConditionMinTypMaxUnit
9SS
10SCK periodTBDns
11SCK high/lowTBDns
12Rise/Fall timeTBDns
13SetupTBDns
14HoldTBDns
15SCK to outTBDns
16SCK to SS
17SS
high to tri-stateTBDns
18SS
Figure 3-2.SPI Timings
low to outTBDns
highTBDns
low to SCKTBDns
14
ATVaultIC200
TPR0460AX–SMS–02/10
Page 15
3.5Connexions for Typical Application
C1
VCC
C2
R1
RST
SCL
SDA / SPI_SEL
SCL
SDA
RESET
VCC
VCC
ATVaultIC200
HOST
GND
R2
VCC
C1
VCC
C2
RST
RESET
VCC
VCC
ATVaultIC200
HOST
GND
SPI_SEL
MISO
MOSI
SCK
MOSI
MISO
SCK
SS
SS
C1
C2
RST
I/O0
CLK
I/O0
CLK
RESET
VCC
CVCC
ATVaultIC200
SC
READER
GND
R1
VCC
GND
Figure 3-3.ATVaultIC200 connexions for I²C typical application
For the address selection of the VaultIC200 in I²C configuration, please refer to the
“AT98SO/VaultIC Generic Datasheet”.
Figure 3-4.ATVaultIC200 connexions for SPI typical application
ATVaultIC200
TPR0460AX–SMS–02/10
Figure 3-5.ATVaultIC200 connexions for ISO7816 typical application
15
Page 16
Table 3-6.External components, Bill of Materials
ConfigurationReferenceDescriptionTyp.ValueComment
2.2 k
ΩRecommended
4.7 μF Recommended
10 nF
4.7 μF Recommended
10 nF
20 k
Ωusually on reader side
4.7 μF usually on reader side
10 nF
Recommended
Recommended
usually on reader side
2
I
C
SPI
ISO7816
R1, R2Pull-Up Resistors
C1Power Supply Decoupling Capacitors
C2Power Supply Decoupling Capacitors
C1Power Supply Decoupling Capacitors
C2Power Supply Decoupling Capacitors
R1Pull-Up Resistor
C1Power Supply Decoupling Capacitors
C2Power Supply Decoupling Capacitors
3.6Pin & Package Configuration
3.6.1Pin Configuration
Table 3-7.Pin List Configuration
Pin #
Designation
SOIC8DFN8
Description
RST
VCC
MISO
MOSI
SCL / SS
IO0 / SDA / SPI_SEL
CLK / SCK
GND
66
77
88
11
33
44
55
22
CPU reset
Power supply
SPI Master Input Slave Output
SPI Master Output Slave Input
I²C SCL / SPI Slave Select
ISO7816 I/O0 / I²C SDA / SPI/I²C selection PIN
ISO7816 CLK / SPI Master clock
Ground (reference voltage)
Others pins are not connected (do not connect to GND).
When communicating with SPI, all pins not used for SPI must not be connected (do not connect
to GND).
16
ATVaultIC200
TPR0460AX–SMS–02/10
Page 17
3.6.2Pinouts for packages SOIC8 and DFN8
ATVaultIC200
SOIC8
INDEX CORNER
MOSI
GND
1
2
3
4
8
7
6
5
MISO
VCC
RST
SCK / CLK
SCL / SS
SDA / SPI_SEL / IO0
2
3
1
4
8
7
6
5
ATVaultIC200
SPI_MISO
VCC
RST
SPI_CLK / ISO_CLK
SPI_MOSI
GND
SCL / SPI_SS
SDA / SPI_SEL / IO0
INDEX CORNER
Figure 3-6.Pinout ATVaultIC200 - Package SOIC8
Figure 3-7.Pinout ATVaultIC200 - Package DFN8
ATVaultIC200
TPR0460AX–SMS–02/10
17
Page 18
3.6.3Packages characteristics
COMMON DIMENSIONS
(Unit of Measure = mm)
SYMBOL
MIN
NOM
MAX
NOTE
Notes: 1. This drawing is for general information only; refer to EIAJ Drawing EDR-7320 for additional information.
2. Mismatch of the upper and lower dies and resin burrs are not included.
3. It is recommended that upper and lower cavities be equal. If they are different, the larger dimension shall be regarded.
4. Determines the true geometric position.
5. Values b and C apply to pb/Sn solder plated terminal.
The standard thickness of the solder layer shall be 0.010 +0.010/-0.005 mm.
A1.702.16
A10.050.25
b0.350.485
C0.150.355
D5.135.35
E15.185.402, 3
E7.708.26
L0.510.85
?
0˚ 8˚
e 1.27 BSC4
End View
Side View
e
b
A
A1
D
E
N
1
C
E1
?
L
Top View
Figure 3-8.SOIC-8 package characteristics
18
ATVaultIC200
TPR0460AX–SMS–02/10
Page 19
Figure 3-9.DFN-8 package characteristics
ATVaultIC200
TPR0460AX–SMS–02/10
19
Page 20
Definitions and abbreviations
3DES / TDESTriple DES algorithm
AESAdvanced Encryption Standard algorithm as defined in FIPS PUB 197
APDUApplication Protocol Data Unit as defined in ISO7816-3
AuthenticationAn identification or entity authentication technique assures one party (the verifier), through acquisi-
tion of corroborative evidence, of both the identity of a second party involved, and that the second
(the claimant) was active at the time the evidence was created or acquired. (From Handbook of
Applied Cryptography)
ASSPApplication Specific Standard Product
CBCCipher Block Chaining method applied to block ciphers
CFBCipher Feedback Register chaining method applied to block ciphers
CMACCipher-based Message Authentication Code
CPUCentral Processing Unit
Cryptographic keyA bit string used as a secret parameter by a cryptographic algorithm. To prevent a key from being
guessed, keys need to be generated truly randomly and contain sufficient entropy.
DESData Encryption Standard algorithm as defined in FIPS PUB 46-3
DeviceAny CPU with master or slave capability
ECBElectronic Code Book chaining method applied to block ciphers
2325 Orchard Parkway
San Jose, CA 95131
USA
Tel: 1(408) 441-0311
Fax: 1(408) 487-2600
Atmel Asia
Unit 01-05 & 16, 19/F
BEA Tower, Millennium City 5
418 Kwun Tong Road
Kwun Tong, Kowloon
Hong Kong
Tel: (852) 2245-6100
Fax: (852) 2722-1369
Product Contact
Web Site
www.atmel.com
Literature Requests
www.atmel.com/literature
Atmel Europe
Le Krebs
8, Rue Jean-Pierre Timbaud
BP 309
78054 Saint-Quentin-enYvelines Cedex
France
Tel: (33) 1-30-60-70-00
Fax: (33) 1-30-60-71-11
Technical Support
at98sc@atmel.com
Atmel Japan
9F, Tonetsu Shinkawa Bldg.
1-24-8 Shinkawa
Chuo-ku, Tokyo 104-0033
Japan
Tel: (81) 3-3523-3551
Fax: (81) 3-3523-7581
Sales Contact
www.atmel.com/contacts
Disclaimer: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any
intellectual property right is granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN ATMEL’S TERMS AND CO NDI-
TIONS OF SALE LOCATED ON ATMEL’S WEB SITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY
WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT
OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no
representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications
and product descriptions at any time without notice. Atmel does not make any commitment to update the information contained herein. Atmel’s products are not
intended, authorized, or warranted for use as components in applications intended to support or sustain life.