Part Number Hot Search : 
5H100 2SJ358 PM73488 ADJ13148 HMU16883 P6KE27 MSM7712 SSM2275
Product Description
Full Text Search
 

To Download ATVAULTIC400-R Datasheet File
  If you can't view the Datasheet, Please click here to try to view without PDF Reader .  
 
 

  Datasheet File OCR Text:
  general features the atvaultic400 is an assp designed to secure various systems against counter- feiting, cloning or identity theft. it is a hardware security module that can be used in many applications such as anti-cloning, access control or hardware protection. notes: 1. key sizes supported: ? linear key size up to 2888 bits for crt format only (2240 bits otherwise) ? 4096 bits for: crt only private exponent, public exponent, crt key generation for more details about the alogrithms supported please refer to table 2-1, ?supported algorithms table?, on page 8 . cryptographic services cryptographic algorithms ? public key pair generation ? digital signature ? encryption / decryption ? message digest ? key wrapping / unwrapping ? hotp one-time password generation ? true random number generation ? des / 3des ? aes 128/192/256 bits ? rsa up to 4096 bits (1) ? dsa up to 2048 bits ? ecc up to 384 bits software features memory ? fips 140-2 identity-based authentication using password, secure channel protocol (scp02 / scp03) or microsoft ? minicard driver strong authentication ? rights management (administrator, approved user, non-approved user...) ? embedded dynamic fat12 file system ? eeprom 16 kbytes (for user) ? write endurance 100 kcycles ? data retention 10 years ? 2ms program + 2ms erase communication packages ? slave spi serial interface, atmel proprietary protocol ? i2c (two wire interface), atmel proprietary protocol ? iso7816 uart using t=0 or t=1 protocols ? 20-qfn (rohs compliant) ?8-soic (rohs compliant) hardware platform certifications ? secureavr ? 8-/16-bit risc cpu ? hardware random number generator ? hardware 3des crypto accelerator (112- bits keys) ? hardware 32-bit public key crypto accelerator ? eal4+ certification ? fips 140-2 security level 3 ? microsoft csp minidriver compliant vaultic tm family atvaultic400 technical datasheet tpr0433bx?sms?09/09
2 tpr0433bx?sms?09/09 atvaultic400 preliminary this document is the complement to the ?at98so generic datasheet? [1] (tpr0395x- available under non-disclosure agreement only) for the atvaultic400. it only documents the values and set of features specific to this product.
3 tpr0433bx?sms?09/09 atvaultic400 1. overview 1.1 tampering resistance the proven technology used in atvaultic400 security modules is already widespread and used in national id/health cards, e-passports, bank cards (storing user personal identification num- ber, account numbers and authentication keys among others), pay-tv access control and cell phone sim cards (allowing the storage of subscribers? unique id, pin code, and authentication to the network), where cloning must definitely be prevented. more than one billion of secure microcontrollers addressing all these applications have been already sold by atmel and suc- cessfully implemented in many secure systems. atmel?s security modules will advantageously replace complex and expensive proprietary anti- tampering protection system. their advantages in clude low cost, ease of integration, higher security and proven technology. they are designed to keep contents secure and avoid leaking informat ion during code execu- tion. while on regular microcontrollers, measuring current consumption, radio emissions and other side channels attacks may give precious information on the processed data or allow the manipulation of the data. atmel?s secure microcontrollers? security features include voltage, fre- quency and temperature detectors, illegal code exec ution prevention, ta mpering monitors and protection against side channel attacks and probing. the chips can detect tampering attempts and destroy sensitive data on such events, thus avoiding data confidentiality being compromised. these features make cryptographic computations secure in comparison with regular microcon- trollers whose memories can be easily duplicated. it is much safer to delegate cryptographic operations and storage of secret data (keys, identifiers, etc.) to an atmel secure microcontroller. 1.2 authentication capability the methods to authenticate humans are generally classified into three cases: physical attribute (e.g. fingerprint, retinal pattern, facial scan, etc.), security device (e.g. id card, security token, software token or cell phone) and something the user knows (e.g. a password/passphrase or a personal identification number). to fight against identity theft, the multi-factor authentication is a stronger alternative to the clas- sical login/password authentication (called weak authentication). it combines two or more authentication methods (often a password combined with a security token). two-factor systems greatly reduce the likelihood of fraud by r equiring the presence of a physical device used together with a password. if the physical device is lost or the password is compromised, security is still intact. nist?s authentication guideline [1] can be referred to for further details. multi-factor authentication requires a strong authentication. anticloning is safely implemented through one-way or mutual strong authentication. various authentication protocols exist (as specified in iso9798-2 [3] or fips196 [4] ), but the main method is the challenge response authentication : 1. the authenticator sends a challenge (e.g. a random number) to the equipment that must be authenticated (?the claimant?). 2. the claimant computes a digital signature of the combination of this challenge with an optional identifier, using a private or secret key. the requested signature is then returned to the authenticator.
4 tpr0433bx?sms?09/09 atvaultic400 3. the authenticator checks the signature using either the same secret key or the public key associated to the claimant?s private key and decides whether the claimant is authorized or not based on the signature verification result. this strong authentication method requires storing secret data. pure software multi-factor solu- tions are thus not reliable. numerous companies are now providing authentication solutions based on usb tokens. tokens connected through usb are a convenient solution since they require no additional hardware. atmel?s turnkey usb secure microcontroller solutions can help providers focus on their security model and their application without loosing too much time on tamper protection and other com- plex hardware security concerns. 1.3 secure storage if sensitive data is stored in files on a hard disk, even if those files are encrypted, the files can be stolen, cloned and subjected to various kinds of attacks (e.g. brute force or dictionary attack on passwords). therefore secure microcontrollers-based hardware tokens are a must. placing secrets outside the computer avoids risking exposure to malicious software, security breaches in web browsers, files stealing, etc. 1.4 flexibility the atvaultic400 product features: ? various communication interfaces including spi (serial protocol interface), i 2 c (twisted wire interface), usb (universal serial bus) and iso7816 smartcard interface. ? low pin count (reset, vcc, gnd, and communication interface specific pins) making integration into an existing board simple. atvaultic400 modules are available in small packages (soic8 or qfn20) to fit into the most size-constrained devices. ? low power consumption , in order to extend battery life in portable devices and low-power systems. atvaultic400 devices consume less than 400 a in standby mode, and only 10 to 20 ma during cpu-intensive operations depending on the required action. ? embedded firmware that provides advanced functions: ? secure storage : a fully user-defined non-volatile storage of sensitive or secret data. ? identity-based authentication with user, administrator and manufacturer roles supported. ? administration mode to manage user authentication data and security features ? manufacturer mode to initialize the file system content and module parameters. ? cryptographic command set to perform cryptographic operations using keys and data from the file system including: authentication, digital signature, encryption/decryption, hash, one-time password generation, random generation and public key pair generation. ? public domain cryptographic algorithms such as des, 3des, aes, rsa ? pkcs#1 v2.1, dsa, ec-dsa, mac using des, 3des or aes ? cryptographic protocols such as secret-key unilateral or mutual authentication [3] and public key based unilateral or mutual authentication [4] . ? secure channel protocol using 3des or aes. ? robust communication protocol stacked over the physical communication interfaces.
5 tpr0433bx?sms?09/09 atvaultic400 ?starter kit with rsa ? pkcs#11 [5] and microsoft ? ms-capi [6] libraries. atmel?s application note [7] presents examples of efficient and cost effective ip protection appli- cations utilizing secure chips in various embedded systems. 1.5 typical application the atvaultic400 is a turnkey solution that combines powerful cryptographic capabilities and secure data storage. ink cartridge, access control or smart meters are some examples of use of the atvaultic400. below is described an example of an atvaultic400 product used in a typical application : smart meters. metering (e.g. smart electric counters) involves a lot of know-how from the manufacturer and stakes financial transactions (billing). how to implement an electric meter that prevents tamper- ing with electric consumption measurements, secures the transmissions to the servers, and protects itself against reverse engineering? the architecture exposed below can answer these concerns. figure 1-1. secure metering application for more details about the architecture, please refer to the application note ?how to secure smart meters using atvaultic products? [7] . display main processor keyboard meter security module security module host electricity company
6 tpr0433bx?sms?09/09 atvaultic400 1.6 ordering information 1.6.1 legal a non-disclosure agreement must be signed with atmel. an export license for cryptographic hardware/software must be granted. 1.6.2 quotation and volume for the minimum order of quantity and the annual volume, please contact your local atmel sales office. 1.6.3 part number 1.6.4 starter kit the atvaultic starter kit provides an easy path to master the cryptographic and secure data storage features of the atvaultic secure modules. the content is : ? atvaultic400 samples with 1 dedicated test socket ? 1 generic usb to spi / i2c / iso7816 adapter ? 1 cd-rom containing a support documentation set (getting started, application notes, reference design), some demo applications to get an insight into the atvaultic features, the ?at98 manager? tool to design the file system and to personalize samples, a hardware independent cryptographic api with source code. 1.6.5 demo kit tbd reference description atvaultic400 -z atvaultic400 chip in qfn20 package atvaultic400 -r atvaultic400 chip in soic8 package atvaultic-stk02-400z starter kit for atvaultic400 in qfn20 package atvaultic-stk02-400r starter kit for atvaultic400 in soic8 package
7 tpr0433bx?sms?09/09 atvaultic400 1.7 software and hardware architecture the atvaultic400 software architecture is as exposed on the diagram below. figure 1-2. software and hardware architecture crypto services ( mac,signature,) application management & data storage administration services tdes eeprom ram device crypto library rng (file system) (key management) memory management communication stack (t=0, t=1..) spi / i2c / iso7816 atvaultic hardware secureavr core power hardware security management public key crypto engine authentication application interface (rsa, 3des, aes...) spi i2c iso 7816
8 tpr0433bx?sms?09/09 atvaultic400 2. detailed features 2.1 communication interfaces the atvaultic400 embeds the following communication interfaces: ? spi : up to 4 mbps ? i2c : up to 400 kbps ? iso7816 : up to 625 kbps 2.2 security mechanisms the table below summarizes the cryptographic algorithms, and their identifiers, supported by the atvaultic400. table 2-1. supported algorithms table cryptographic services supported algorithms algo identifier strong authentication ? generic: iso/iec 9798-2 / fips 196 unilateral authentication protocol iso/iec 9798-2 mutual authentication protocol ? password authentication - ? global platform v2.2 secure channel 02 (scp02) using 3des ? global platform v2.2 secure channel 03 (scp03) using aes - ? microsoft card minidriver - public key-pair generation ? rsa key-pair generation ? elliptic curves key-pair generation ? dsa key-pair generation ? kgen_rsa ?kgen_ecdsa ? kgen_dsa cmac (cipher-based message authentication codes) ? iso/iec 9797-1 cbc-mac algorithm 1 using 3des with 112-bit keys ? iso/iec 9797-1 cbc-mac algorithm 3 using des with 56-bit keys ? nist sp 800-38b aes cmac ? alg_mac_iso9797_alg1_3des_ ede ? alg_mac_iso9797_alg3_des ? alg_cmac_aes hmac (hash-based message authen- tication codes) ? fips 198 hmac with sha-1 or sha-256 ? alg_hmac message signature ? pkcs#1 v2.1 rsassa pss ? pkcs#1 v2.1 rsassa-pkcs1-v1_5 ? fips 186-2 ecdsa ? fips 186-2 dsa ? alg_rsassa_pkcs_pss ? alg_rsassa_pkcs ? alg_ecdsa ? alg_dsa
9 tpr0433bx?sms?09/09 atvaultic400 message encryption block ciphering: ?des ?3des-ede ?3des-eee ?aes ? alg_des ? alg_3des_ede ? alg_3des_eee ? alg_aes block chaining modes: ?ecb ?cbc ?ofb ?cfb ? cha_ecb ?cha_cbc ?cha_ofb ?cha_cfb padding methods: ? no padding ? method 1 ? method 2 ? pkcs 5 ? pkcs 7 ?pad_none ? pad_method_1 ? pad_method_2 ? pad_pkcs5 ? pad_pkcs7 encryption: ? pkcs#1 v2.1 rsaes-oaep ? pkcs#1 v2.1 rsaes-pkcs1-v1.5 ? raw rsa x509 with no padding ? alg_rsaes_pkcs_oaep ? alg_rsaes_pkcs ? alg_rsaes_x509 hotp - one-time password generation ? fips 198 hmac algorithm with sha1 digest ? alg_hotp message digest ?sha-1 ? sha-224 ? sha-256 ? alg_sha1 ? alg_sha224 ? alg_sha256 random number generation ? fips 140-2 lvl3 using 3des - cryptographic services supported algorithms algo identifier
10 tpr0433bx?sms?09/09 atvaultic400 3. product characteristics 3.1 command timings (t=25c) table 3-1. command timings table the table below includes only the atvaultic400 internal process. communi- cation protocol overhead and device-side process are excluded. caution ! command (or batch of commands) context min. typ. max. unit encryption / decryption des-ecb, 258 bytes data tbd ms encryption / decryption 3des-ecb, 258 bytes data tbd ms encryption / decryption aes tbd ms encryption rsaes-oaep 1024-bit rsa key, public exp 2 16+1 tbd ms encryption rsaes-oaep 2048-bit rsa key, public exp 2 16+1 tbd ms encryption rsaes-oaep 4096-bit rsa key, public exp 2 16+1 tbd ms decryption rsaes-oaep 1024-bit rsa key, public exp 2 16+1 tbd ms decryption rsaes-oaep 2048-bit rsa key, public exp 2 16+1 tbd ms decryption rsaes-oaep 4096-bit rsa key, public exp 2 16+1 tbd ms decryption rsaes-oaep 4096-bit rsa crt key, public exp 2 16+1 tbd ms signature / verification mac des algo 3 padding m2, 258 bytes data tbd ms signature / verification mac des algo 1 padding m2, 258 bytes data tbd ms signature / verification rsassa-pss 1024-bit rsa key, public exp 2 16+1 tbd ms signature / verification rsassa-pss 2048-bit rsa key, public exp 2 16+1 tbd ms signature / verification rsassa-pss 4096-bit rsa key, public exp 2 16+1 tbd ms signature / verification rsassa-pkcs-v1_5 1024-bit rsa key, public exp 2 16+1 tbd ms signature / verification rsassa-pkcs-v1_5 2048-bit rsa key, public exp 2 16+1 tbd ms signature / verification rsassa-pkcs-v1_5 4096-bit rsa key, public exp 2 16+1 tbd ms signature / verification dsa tbd ms signature / verification ecdsa tbd ms signature / generation mac des algo 3 padding m2, 258 bytes data tbd ms signature / generation mac des algo 1 padding m2, 258 bytes data tbd ms signature / generation rsassa-pss 1024-bit rsa key, public exp 2 16+1 tbd ms signature / generation rsassa-pss 2048-bit rsa key, public exp 2 16+1 tbd ms signature / generation rsassa-pss 4096-bit rsa key, public exp 2 16+1 tbd ms signature / generation rsassa-pkcs-v1_5 1024-bit rsa key, public exp 2 16+1 tbd ms signature / generation rsassa-pkcs-v1_5 2048-bit rsa key, public exp 2 16+1 tbd ms
11 tpr0433bx?sms?09/09 atvaultic400 signature / generation rsassa-pkcs-v1_5 4096-bit rsa key, public exp 2 16+1 tbd ms signature / generation dsa tbd ms signature / generation ecdsa tbd ms key generation ecc tbd ms key generation rsa 1024-bits, public exp 2 16+1 tbd tbd tbd ms key generation rsa 2048-bits, public exp 2 16+1 tbd tbd tbd ms key generation rsa 4096-bits, public exp 2 16+1 tbd tbd tbd ms key generation dsa tbd tbd tbd ms command (or batch of commands) context min. typ. max. unit
12 tpr0433bx?sms?09/09 atvaultic400 3.2 maximum ratings table 3-2. absolute maximum ratings (1) notes: 1. stresses beyond those listed under ?absolute maximum ratings? may cause permanent dam- age to the device. this is a stress rating only and functional operation of the device at these or other conditions beyond those indicated in the operational sections of this specification is not implied. exposure to absolute maximum rating conditions for extended periods may affect device reliability. 3.3 ac/dc characteristics (1.62v - 5.5v range; t= -25c to +85c) table 3-3. ac/dc characteristics (1.62v - 5.50v range; t= -25c to +85c) operating temperature ..................................................................................................... -25 c to +85 c supply voltage v cc .............................................................................................................. -0.3v to +7.5v input voltage v in ........................................................................................................v ss -0.3v to v cc +0.3v maximum operating voltage ...................................................................................................... ........ 7.5v dc current v cc and gnd pins.......................................................................................................... tbd symbol parameter condition min. typ. max. unit v cc supply voltage 1.62 5.5 v v ss ground v max voltage monitor: high level detection 7 v v min voltage monitor: low level detection 3v, 5v 1.8v, 3v, 5v 2.4 1.5 v t max temperature monitor: high level detection 85 c t min temperature monitor: low level detection -25 c v ih input high voltage - i/o0,clk,rst, miso,mosi,sck, spi_sel, ss,a0..4 0.7*v cc v cc +0.3 v v il input low voltage- - i/o0,clk,rst, miso,mosi,sck, spi_sel, ss,a0..4 v ss -0.3 0.2*v cc v i ih leakage high current- i/o0,clk,rst, miso,mosi,sck, spi_sel, ss,a0..4 v in = v ih -10 10 a i il leakage low current - i/o0,clk,rst, miso,mosi,sck, spi_sel, ss,a0..4 v in = v il -40 10 a v ol output low voltage - i/o 0,ss output low voltage - a0..4,miso, mosi, sck i ol =1ma 0 0 0.08*v cc 0.15*v cc v v oh output high voltage - i/o 0,ss, a0..4, miso, mosi, sck i oh = 1ma 0.7*v cc v cc v
13 tpr0433bx?sms?09/09 atvaultic400 r i/o pin pull-up i/o0, rst,spi_sel,ss 220 kohm f sck spi clock (input) duty cycle=40% to 60% 0.1 4 mhz t r i/o output rise time (hrd mode) c out =30pf r pullup =20kohm 1 s t f i/o output fall time c out =30pf r pullup =20kohm 1 s i cc typical current at 25c - chip in low power mode: ?400 a when external clock supplied ?400 a when no external clock is supplied (clk signal in high state) - chip awaken, no crypto running: ? 6ma when external clock supplied ? 10ma when no external clock is supplied (clk signal in high state) - additional consumption during rsa/ecc authentication: ? 4ma when external clock supplied ? 20ma when no external clock is supplied (clk signal in high state) - additional consumption during des computations: ? 4ma when external clock supplied ? 10ma when no external clock is supplied (clk signal in high state) symbol parameter condition min. typ. max. unit
14 tpr0433bx?sms?09/09 atvaultic400 3.4 timings 3.4.1 i2c timings the table below describes the requirements for devices connected to the i2c bus. the atvaultic400 i2c interface meets or exceeds these requirements under the noted conditions. timing symbols refer to figure 3-1 . table 3-4. i2c requirements figure 3-1. i2c timings symbol parameter condition min max unit t r rise time for both sda and scl tbd tbd ns t of output fall time from v ihmin to v ilmax tbd tbd ns f scl scl clock frequency tbd 100 khz t hd;sta hold time (repeated) start condition tbd tbd s t low low period of the scl clock tbd tbd s t high high period of the scl clock tbd tbd s t su;sta set-up time for a repeated start condition tbd tbd s t hd;dat data hold time tbd tbd s t su;dat data setup time tbd tbd ns t su;sto setup time for stop condition tbd tbd s t buf bus free time between a stop and start condition tbd tbd s t su;sta t low t high t low t of t hd;sta t hd;dat t su;dat t su;sto t buf scl sda t r
15 tpr0433bx?sms?09/09 atvaultic400 3.4.2 spi timings the table below describes the requirements for devices connected to the spi. the atvaultic400 spi meets or exceeds these requirements under the noted conditions. see figure 3-2 for details. table 3-5. spi timing parameters figure 3-2. spi timings see figure description condition min typ max unit 9ss low to out tbd ns 10 sck period tbd ns 11 sck high/low tbd ns 12 rise/fall time tbd ns 13 setup tbd ns 14 hold tbd ns 15 sck to out tbd ns 16 sck to ss high tbd ns 17 ss high to tri-state tbd ns 18 ss low to sck tbd ns mi so (data output) sck (cpol = 1) mo si (data input) sck (cpol = 0) ss msb lsb lsb msb ... ... 10 11 11 12 13 14 17 15 9 x 16
16 tpr0433bx?sms?09/09 atvaultic400 3.5 connexions for typical application figure 3-3. atvaultic400 connexions for i 2 c typical application figure 3-4. atvaultic400 connexions for spi typical application figure 3-5. atvaultic400 connexions for iso7816 typical application c1 vcc c2 r1 rst scl sda / spi_sel scl sda reset vcc vcc atvaultic400 host gnd r2 vcc a0..a4 address selection c1 vcc c2 rst reset vcc vcc atvaultic400 host gnd spi_sel miso mosi sck mosi miso sck ss ss c1 c2 rst i/o0 clk i/o0 clk reset vcc cvcc atvaultic400 sc reader gnd r1 vcc gnd
17 tpr0433bx?sms?09/09 atvaultic400 table 3-6. external components, bill of materials 3.6 pin & package configuration 3.6.1 pin configuration table 3-7. pin list configuration others pins are not connected (do not connect to gnd). configuration reference description typ.value comment i 2 c r1, r2 pull-up resistors 2.2 k recommended c1 power supply decoupling capacitors 4.7 f recommended c2 power supply decoupling capacitors 10 nf recommended spi c1 power supply decoupling capacitors 4.7 f recommended c2 power supply decoupling capacitors 10 nf recommended iso7816 r1 pull-up resistor 20 k usually on reader side c1 power supply decoupling capacitors 4.7 f usually on reader side c2 power supply decoupling capacitors 10 nf usually on reader side designation pin # description qfn 20 soic8/spi soic8/iso a0 1 -- i2c address selection line a0 a1 2 -- i2c address selection line a1 a2 3 -- i2c address selection line a2 rst 4 67 cpu reset vcc 5 78 power supply miso 6 8- spi master input slave output mosi 10 1- spi master output slave input gnd 11 21 ground (reference voltage) scl / ss 12 3- i2c scl / spi slave select sda / spi_sel 13 4- i2c sda / spi/i2c selection pin io0 13 -3 iso7816 i/o 0 a3 14 -- i2c address selection line a3 a4 15 -- i2c address selection line a4 sck 16 5- spi master clock clk / gnd 20 -5 iso7816 clk / ground
18 tpr0433bx?sms?09/09 atvaultic400 3.6.2 pinouts for packages qfn20 and soic8 figure 3-6. pinout atvaultic400 - package qfn20 note: the exposed pad is connected to gnd pin internally. so it is recommended to connect it to gnd. figure 3-7. pinout atvaultic400 - package soic8 - spi and i2c configurations 20 index corner a0 miso sck 19 18 17 16 6 7 8 9 10 15 14 13 12 11 1 2 3 4 5 a1 a2 rst vcc gnd mosi a3 a4 clk / gnd atvaultic400 qfn20 sda / spi_sel / io0 scl / ss atvaultic400 soic8 / spi / i2c index corner mosi gnd 1 2 3 4 8 7 6 5 miso vcc rst sck scl / ss sda / spi_sel
19 tpr0433bx?sms?09/09 atvaultic400 figure 3-8. pinout atvaultic400 - package soic8 - iso configuration atvaultic400 soic8 / iso7816 index corner gnd io0 1 2 3 4 8 7 6 5 vcc clk rst
20 tpr0433bx?sms?09/09 atvaultic400 3.6.3 packages characteristics figure 3-9. soic-8 package characteristics common dimensions (unit of measure = mm) symbol min nom max note notes: 1. this drawing is for general information only; refer to eiaj drawing edr-7320 for additional information. 2. mismatch of the upper and lower dies and resin burrs are not included. 3. it is recommended that upper and lower cavities be equal. if they are different, the larger dimension shall be regarded. 4. determines the true geometric position. 5. values b and c apply to pb/sn solder plated terminal. the standard thickness of the solder layer shall be 0.010 +0.010/-0.005 mm. a 1.70 2.16 a1 0.05 0.25 b 0.35 0.48 5 c 0.15 0.35 5 d 5.13 5.35 e1 5.18 5.40 2, 3 e 7.70 8.26 l 0.51 0.85 ? 0? 8? e 1.27 bsc 4 end view side view e b a a1 d e n 1 c e1 ? l top view
21 tpr0433bx?sms?09/09 atvaultic400 figure 3-10. qfn-20 package characteristics
22 tpr0433bx?sms?09/09 atvaultic400
23 tpr0433bx?sms?09/09 atvaultic400 definitions and abbreviations 3des / tdes triple des algorithm aes advanced encryption standard algorithm as defined in fips pub 197 apdu application protocol data unit as defined in iso7816-3 authentication an identification or entity authentication technique assures one party (the verifier), through acquisi- tion of corroborative evidence, of both the identit y of a second party involved, and that the second (the claimant) was active at the time the ev idence was created or acquired. (from handbook of applied cryptography) assp application specific standard product cbc cipher block chaining method applied to block ciphers cfb cipher feedback register chaining method applied to block ciphers cmac cipher-based message authentication code cpu central processing unit cryptographic key a bit string used as a secret parameter by a cryptographic algorithm. to prevent a key from being guessed, keys need to be generated truly randomly and contain sufficient entropy. des data encryption standard algorithm as defined in fips pub 46-3 device any cpu with master or slave capability dsa digital signature algorithm as defined in fips pub 186-2 ecb electronic code book chaining method applied to block ciphers ecdsa elliptic curves dsa as defined in fips pub 186-2 eeprom electrically erasable programmable read-only memory fat file allocation table - file system from microsoft ? fips federal information processing standards fips-approved an algorithm or technique that is specified or adopted in fips hmac hash-based message authentication code as defined in fips pub 198 host entity that communicates (directly or not) with the device hotp hmac-based one time password algorithm as defined in rfc 4226 iso7816 smart card interface mac message authentication code - a bit string of fixed length, computed by a mac generation algo- rithm, that is used to establish the authenticity and, hence, the integrity of a message. master the device that initiates and terminates a transmission. the master also generates the clock for syn- chronous interface. nist national institute of standards and technology nvm non volatile memory (eeprom, flash, ?) ofb output feedback register chaining method applied to block ciphers
24 tpr0433bx?sms?09/09 atvaultic400 rsa rivest shamir adleman algorithm scp secure channel protocol as defined by globalplatform sha secure hash algorithm slave the device addressed by a master spi serial protocol interface strong authentication exchange of messages during which a claimant proves its identity to a verifier by demonstrating its knowledge of a secret but without revealing it twi / i 2 c two wire interface and inter integrated circuit bus respectively
25 tpr0433bx?sms?09/09 atvaultic400 referenced documents [1] atmel corporation. at98so generic datasheet. tpr0395ax-july2009 (availbale under non-disclosure agreement signed with atmel). [2] nist sp 800-63 - electronic authentication guideline - april 2006 [3] iso9798 - 2 entity authentication - part 2 : mechanisms using symmetric encipherment algorithms. july 1999 [4] fips pub 196. entity authenticationusing public key cryptography. feb 1997. [5] rsa laboratories. pkcs #11 v2.20: cyrptograhic token interface standard. june 2004. [6] microsoft - smart card minidriver specification for windows base cryptographic ser- vice provider (base csp) and smart card key storage provider (ksp) version 5.07 - september 2007 [7] atmel corporation. how to secure smart meters using atvaultic products. xxxx-2009
26 tpr0433bx?sms?09/09 atvaultic400 datasheet revision history rev ax - 15 july 2009 : initial version rev bx - 29 september 2009 : update product name
27 tpr0433bx?sms?09/09 atvaultic400 1 overview ................................................................................................... 3 1.1 tampering resistance ........................................................................................3 1.2 authentication capability ....................................................................................3 1.3 secure storage ..................................................................................................4 1.4 flexibility ............................................................................................................4 1.5 typical application .............................................................................................5 1.6 ordering information ..........................................................................................6 1.6.1 legal ................................................................................................................. 6 1.6.2 quotation and volume ...................................................................................... 6 1.6.3 part number ...................................................................................................... 6 1.6.4 starter kit .......................................................................................................... 6 1.6.5 demo kit ........................................................................................................... 6 1.7 software and hardware architecture .................................................................7 2 detailed features ..................................................................................... 8 2.1 communication interfaces .................................................................................8 2.2 security mechanisms ........................................................................................8 3 product characteristics ........................................................................ 10 3.1 command timings (t=25c) ...........................................................................10 3.2 maximum ratings ............................................................................................12 3.3 ac/dc characteristics (1.62v - 5.5v range; t= -25c to +85c) ...................12 3.4 timings ............................................................................................................14 3.4.1 i2c timings ...................................................................................................... 14 3.4.2 spi timings ..................................................................................................... 15 3.5 connexions for typical application .................................................................16 3.6 pin & package configuration ...........................................................................17 3.6.1 pin configuration ............................................................................................ 17 3.6.2 pinouts for packages qfn20 and soic8 ....................................................... 18 3.6.3 packages characteristics ................................................................................ 20
tpr0433bx?sms?09/09 headquarters international atmel corporation 2325 orchard parkway san jose, ca 95131 usa tel: 1(408) 441-0311 fax: 1(408) 487-2600 atmel asia unit 01-05 & 16, 19/f bea tower, millennium city 5 418 kwun tong road kwun tong, kowloon hong kong tel: (852) 2245-6100 fax: (852) 2722-1369 atmel europe le krebs 8, rue jean-pierre timbaud bp 309 78054 saint-quentin-en- yvelines cedex france tel: (33) 1-30-60-70-00 fax: (33) 1-30-60-71-11 atmel japan 9f, tonetsu shinkawa bldg. 1-24-8 shinkawa chuo-ku, tokyo 104-0033 japan tel: (81) 3-3523-3551 fax: (81) 3-3523-7581 product contact web site www.atmel.com technical support at98sc@atmel.com sales contact www.atmel.com/contacts literature requests www.atmel.com/literature disclaimer: the information in this document is provided in connection with at mel products. no license, expres s or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of atmel products. except as set forth in atmel?s terms and condi- tions of sale located on atmel?s web site, atmel assumes no liability whatsoever and disclaims any express, implied or statutor y warranty relating to its products including, but not limited to, the implied warranty of merchantability, fitness for a particu lar purpose, or non-infringement. in no event shall atmel be liable for any direct, indirect, conseque ntial, punitive, special or i nciden- tal damages (including, without limitation, damages for loss of profits, business interruption, or loss of information) arising out of the use or inability to use this document, even if atmel has been advised of the possibility of such damages. atmel makes no representations or warranties with respect to the accuracy or comple teness of the contents of this document and reserves the rig ht to make changes to specifications and product descriptions at any time without notice. atmel does not make any commitment to update the information contained her ein. atmel?s products are not intended, authorized, or warranted for use as components in applications intended to support or sustain life. ? 2009 atmel corporation. all rights reserved. atmel ? , logo and combinations thereof, everywhere you are ? and others, are registered trade- marks or trademarks of atmel corporation or its subsidiari es. other terms and product names may be trademarks of others.


▲Up To Search▲   

 
Price & Availability of ATVAULTIC400-R

All Rights Reserved © IC-ON-LINE 2003 - 2022  
[Add Bookmark] [Contact Us] [Link exchange] [Privacy policy]
Mirror Sites :  [www.datasheet.hk]   [www.maxim4u.com]  [www.ic-on-line.cn] [www.ic-on-line.com] [www.ic-on-line.net] [www.alldatasheet.com.cn] [www.gdcy.com]  [www.gdcy.net]
 . . . . .
  We use cookies to deliver the best possible web experience and assist with our advertising efforts. By continuing to use this site, you consent to the use of cookies. For more information on cookies, please take a look at our Privacy Policy. X