This is a summary document.
The complete document is
available on the Atmel website
at www.atmel.com.
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
Features
One of a family of devices with user memory of 1 kilobit to 64 kilobits
Contactless 13.56MHz RF communications interface
ISO/IEC 14443-2:2001 Type B Compliant
ISO/IEC 14443-3:2001 Type B Compliant Anticollision Protocol
Command set optimized for multi-card RF communications
Tolerant of Type A Signaling for multi-protocol applications
Integrated 82pF tuning capacitor
User EEPROM memory
8 kilobits configured as eight 128-byte (1-Kbit) user zones
Byte, page, and partial page write modes
Self-timed write cycle
256-byte (2-Kbit) configuration zone
User-programmable Application Family Identifier (AFI)
User-defined Anticollision Polling Response
User-defined keys and passwords
High-security features
64-bit Mutual Authentication Protocol (under license of ELVA)
Encrypted checksum
Stream encryption
Four key sets for authentication and encryption
Eight sets of two 24-bit passwords
Password and authentication attempts counters
Selectable access rights by zone
Anti-tearing function
Tamper sensors
High reliability
Endurance: 100,000 write cycles
Data retention: 10 years
Operating temperature: −25°C to +85°C
AT88SC0808CRF
CryptoRF EEPROM Memory
13.56MHz, 8 Kilobits
SUMMARY DATASHEET
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
2
1. Description
The Atmel® CryptoRF® family integrates a 13.56MHz RF interface into an Atmel CryptoMemory®, resulting in a
contactless smart card with advanced security and cryptographic features. This device is optimized as a contactless
secure memory, for RF smart cards, and secure data storage, without the requirement of an internal microprocessor.
For communications, the RF interface utilizes the ISO/IEC 14443-2 and -3 Type B bit timing and signal modulation
schemes, and the ISO/IEC 14443-3 Slot-MARKER Anticollision Protocol. Data is exchanged half duplex at a 106-Kbit per
second rate, with a 2-byte CRC_B providing error detection capability. The maximum communication range between the
reader antenna and contactless card is approximately 10cm when used with an RFID reader that transmits the maximum
ISO/IEC 14443-2 RF power level. The RF interface powers the other circuits; no battery is required. Full compliance with
the ISO/IEC 14443-2 and -3 standards results in anticollision interoperability with the AT88RF020 2-Kbit RFID EEPROM
product and provides both a proven RF communication interface and a robust anticollision protocol.
The Atmel AT88SC0808CRF contains eight kilobits of user memory and two kilobits of configuration memory. The two
kilobits of configuration memory contain:
Eight sets of Read/Write passwords
Four Crypto key sets
Security access registers for each user zone
Password/Key registers for each zone
The CryptoRF command set is optimized for a multi-card RF communications environment. A programmable AFI register
allows this IC to be used in numerous applications in the same geographic area with seamless discrimination of cards
assigned to a particular application during the anticollision process.
2. Block Diagram
EEPROM
Command
and
Response
Data Transfer
Authentication
Encryption
and
Certification
Unit
Frame
Formatting
and
Error
Detection
Interface
Password
Verification
Anticollision
Random Number
Generator
RF Interface
AC1
AC2
Over
Voltage
Clamp
Modulator
Regulator
Rectifier
VSS
Clock
Extraction
Data
Extraction
CVDD
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
3
3. Communications
All personalization and communication with this device is performed through the RF interface. The IC includes an
integrated tuning capacitor, enabling it to operate with only the addition of a single external coil antenna.
The RF communications interface is fully compliant with the electrical signaling and RF power specifications in ISO/IEC
14443-2:2001 for Type B only. Anticollision operation and frame formatting are compliant with ISO/IEC 14443-3:2001 for
Type B only.
ISO/IEC 14443 nomenclature is used in this specification where applicable. The following abbreviations are utilized
throughout this document. Additional terms are defined in the section in which they are used.
Table 3-1. Terms
3.1 Anticollision Protocol
When the PICC enters the 13.56MHz RF field of the host reader (PCD), it performs a Power-On Reset (POR) function
and waits silently for a valid Type B Polling command. The CryptoRF PICC processes the anti-tearing registers as part of
the POR process.
The PCD initiates the anticollision process by issuing an REQB or WUPB command. The WUPB command activates any
card (PICC) in the field with a matching AFI code. The REQB command performs the same function but does not affect a
PICC in the Halt state. The CryptoRF command set is available only after the anticollision process has been completed.
3.2 CRC Error Detection
A 2-byte CRC_B is required in each frame transmitted by the PICC or PCD to permit transmission error detection. The
CRC_B is calculated on all of the command and data bytes in the frame. The SOF, EOF, start bits, stop bits, and EGT
are not included in the CRC_B calculation. The 2-byte CRC_B follows the data bytes in the frame.
Figure 3-1. Location of the Two CRC_B Bytes within a Frame
3.3 Type A Tolerance
The RF Interface is designed for use in multi-protocol applications. It will not latch or lock up if exposed to Type A signals
and will not respond to them. The PICC may reset in the presence of Type A field modulation but is not damaged by
exposure to Type A signals.
Abbrev. Term Definition
PCD Proximity Coupling Device The reader/writer and antenna.
PICC Proximity Integrated Circuit Card The tag/card containing the IC and antenna.
RFU Reserved for Future Use Any feature, memory location, or bit that is held as reserved for future use.
$ xx Hexadecimal Number Denotes a hex number “xx” (Most Significant Bit on left).
SOF K data bytes CRC1 CRC2 EOF
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
4
4. User Memory
The EEPROM user memory is divided into eight user zones as shown in Table 4-1. Multiple zones allow for different
types of data or files to be stored in different zones. Access to the user zones is allowed only after security requirements
have been met. These security requirements are defined by the user in the configuration memory during personalization
of the device. The EEPROM memory page length is 16 bytes.
Table 4-1. Memory Map
5. Configuration Memory
The configuration memory consists of 2048 bits of EEPROM memory used for storing system data, passwords, keys,
codes, and security-level definitions for each user zone. Access rights to the configuration zone are defined in the control
logic and may not be altered by the user. These access rights include the ability to program certain portions of the
configuration memory and then lock the data written through use of the security fuses.
5.1 Security Fuses
There are three fuses on the device that must be blown during the device personalization process. Each fuse locks
certain portions of the configuration memory as OTP memory. Fuses are designated for the module manufacturer, card
manufacturer, and card issuer and must be blown in sequence.
Zone $0 $1 $2 $3 $4 $5 $6 $7
User 0
$00
— 128 bytes
—
$78
User 1
—
—
—
User 6
$00
—
—
$78
User 7
$00
— 128 bytes
—
$78
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
5
6. Communication Security
Communication between the PICC and reader operates in three basic modes:
Standard Communication Security Mode — The default mode for the device after power-up and anticollision.
Authentication Communication Security Mode — Activated by a successful authentication sequence.
Encryption Communication Security Mode — Activated by a successful encryption activation sequence,
following a successful authentication.
Table 6-1. Configuration Security Modes
Notes: 1. Modification Detection Code.
2. Message Authentication Code.
6.1 Security Methodology
Figure 6-1. Security Methodology
6.2 Memory Access
Depending on the device configuration, the host will carry out the authentication protocol and/or present different
passwords for each operation: Read or Write. To insure security between the different user zones (multi-application
card), each zone can use a different set of passwords. A specific attempts counter for each password and for the
authentication provides protection against systematic attacks.
Communication Mode User Data Passwords Data Integrity Check
Standard Clear Clear MDC(1)
Authentication Clear Encrypted MAC(2)
Encryption Encrypted Encrypted MAC(2)
Device (Card)
Card Number
VERIFY A
Compute Challenge B
Challenge B
Check Password (RPW)
DATA
Checksum (CS)
Check Password (WPW)
VERIFY CS
Write DATA
Host (Reader)
COMPUTE Challenge A
Challenge A
VERIFY B
Read Password (RPW)
VERIFY CS (optional)
Write Password (WPW)
DATA
CS
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
6
7. Security Operations
7.1 Anti-tearing
In the event of a power loss during a write cycle, the integrity of the device’s stored data may be recovered. This function
is optional — The host may choose to activate the anti-tearing function depending on application requirements.
When anti-tearing is active, Write commands take longer to execute since more write cycles are required to
complete them.
Data writes are limited to 8-byte pages when anti-tearing is active.
Data is written first to a buffer zone in EEPROM instead of to the intended destination address, but with the same access
conditions. The data is then written to the required location. If this second write cycle is interrupted due to a power loss,
the device will automatically recover the data from the buffer zone at the next power-up.
7.2 Password Verification
Passwords may be used to protect user zone Read and/or Write access. When a password is presented using the Check
Password command, it is memorized and active until power is removed unless a new password is presented or a valid
DESELECT or IDLE command is received. Only one password is active at a time, but Write passwords also give Read
access.
7.3 Authentication Protocol
The access to a user zone may be protected by an authentication protocol in addition to password dependent rights.
Passwords are encrypted in authentication mode.
The authentication success is memorized and active as long as the chip is powered, unless a new authentication is
initialized or a valid DESELECT or IDLE command is received. If the new authentication request is not validated, the card
loses its previous authentication and it must be presented again. Only the last request is memorized.
7.4 Encryption
The data exchanged between the card and the reader during Read, Write, and Check Password commands may be
encrypted to ensure data confidentiality.
The issuer may choose to protect the access to a user zone with an encryption key by settings made in the configuration
memory. In that case, activation of the encryption mode is required in order to read/write data in the zone.
The encryption activation success is memorized and active as long as the chip is powered, unless a new initialization is
initiated or a valid DESELECT or IDLE command is received. If the new encryption activation request is not validated, the
card will no longer encrypt data during Read operations nor will it decrypt data received during Write or Check Password
operations.
7.5 Checksum
The PICC implements a data validity check function in the form of a checksum. The checksum may function in standard
or cryptographic mode. In the standard mode, the checksum is optional and may be used for transmission error
detection. The cryptographic mode is more powerful since it provides data origin authentication capability in the form of a
Message Authentication Code (MAC). To write data to the device, the host is required to compute a valid MAC and
provide it to the device. If after an in going command the device computes a MAC different from the. MAC transmitted by
the host, not only is the command abandoned but the cryptographic mode is also reset. A new authentication is required
to reactivate the cryptographic mode.
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
7
7.6 Initial Device Programming
CryptoRF is delivered with all security features disabled. To program the polling response or enable the security features
of CryptoRF, the device must be personalized by programming several registers. This is accomplished by programming
the configuration memory using simple Write and Read commands.
7.7 Transport Password
To gain access to the configuration memory, a transport password known as the secure code must be presented using
the Check Password command. The secure code for AT88SC0808CRF is $40 7F AB.
8. Tuning Capacitance
The capacitance between the coil pins AC1 and AC2 is 82pF nominal and may vary ±10% over temperature and process
variation.
9. Reliability
10. Ordering Information
Note: 1. Lead-free, halogen-free package. Exceeds RoHS requirements.
Parameter Min Typ Max Units
Write Endurance 100,000 — — Write Cycles
Data Retention 10 — — Years
Ordering Code Package
Tuning
Capacitor
Max
Range Temperature Range
AT88SC0808CRF-WA1 6mil Wafer, 150mm diameter
82pF
Industrial (25°C to 85°C)
AT88SC0808CRF-MR1 R Module Commercial (0°C to 70°C)
AT88SC0808CRF-MX1 MX1 RFID Tag, 13mm square
10 – 15mm Commercial (−25°C to 70°C)
AT88SC0808CRF-MVA1 RFID tag, 8.6mm x 18.1mm
Package Type Description
R Module 2-lead RF Smart Card Module, XOA2 style, RoHS Compliant
MX1 RFID Tag 13mm x 13mm Square Epoxy Glass RFID Tag on 35mm tape, Au finish, Green(1)
MVA1 RFID Tag 8.6mm x 18.1mm Rectangular Epoxy Glass RFID Tag on 35mm tape, Au finish, Green(1)
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
8
11. Packaging Information — Mechanical Drawings
11.1 Module R Package — Ordering Code: AT88SC0808CRF-MR1
Module Size: M5
Dimension: 5.06mm x 8.00mm
Glob Top: Square – 4.8mm x 5.1mm
Thickness: 0.38mm
Pitch: 9.5mm
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
9
11.2 MX1 Epoxy Glass RFID Tag — Ordering Code: AT88SC0808CRF-MX1
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
10
11.3 MVA1 Epoxy Glass RFID Tag — Ordering Code: AT88SC0808CRF-MVA1
5
cTBD
3
4
Tape Orientation Arrow
7
.165±0.025
Original vendor reference
for true position of
metal features.
4.75
18.10
8.60
.75±0.15
15.92 25.02
6.82
19
17.5
8
35
31.8
21.8
3.6
12.7
3.5
12.6
21.7
6.9
Electrical/Mechanical Reject Hole 2.2±0.3
2±0.3 Tape Supplier Reject Hole
7 MAX
7 MAX
7 MAX
AT88SC0808CRF [Summary Datasheet]
Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014
11
12. Revision History
Doc. Rev. Date Comments
5027GS 01/2014
Remove L01B sample option.
Add MVA1 ordering option.
Update footers and disclaimer page.
5027FS 10/2012 Changed commercial temperature range from 25C to -25C.
Changed industrial temperature range from -40C to 25C.
5027ES 09/2012
Remove MY1 package option.
Add MX1 package option.
Update template and Atmel logo.
5027DS 03/2009
X
XXX
XX
Atmel Corporation 1600 Technology Drive, San Jose, CA 95110 USA T: (+1)(408) 441.0311 F: (+1)(408) 436.4200 | www.atmel.com
© 2014 Atmel Corporation. / Rev.: Atmel-5027GS-CryptoRF-AT88SC0808CRF-Datasheet-Summary_012014.
Atmel®, Atmel logo and combinations thereof, CryptoMemory®, CryptoRF®, and others are registered trademarks or trademarks of Atmel Corporation or its
subsidiaries. Other terms and product names may be trademarks of others.
DISCLAIMER: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right
is granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN THE ATMEL TERMS AND CONDITIONS OF SALES LOCATED ON THE
ATMEL WEBSITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT
SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES
FOR LOSS AND PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this
document and reserves the right to make changes to specifications and products descriptions at any time without notice. Atmel does not make any commitment to update the information
contained herein. Unless specifically provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel products are not intended,
authorized, or warranted for use as components in applications intended to support or sustain life.
SAFETY-CRITICAL, MILITARY, AND AUTOMOTIVE APPLICATIONS DISCLAIMER: Atmel products are not designed for and will not be used in connection with any applications where
the failure of such products would reasonably be expected to result in significant personal injury or death (“Safety-Critical Applications”) without an Atmel officer's specific written
consent. Safety-Critical Applications include, without limitation, life support devices and systems, equipment or systems for the operation of nuclear facilities and weapons systems.
Atmel products are not designed nor intended for use in military or aerospace applications or environments unless specifically designated by Atmel as military-grade. Atmel products are
not designed nor intended for use in automotive applications unless specifically designated by Atmel as automotive-grade.
