Atmel CryptoMemory Specification
Atmel AT88SC0104C, AT88SC0204C, AT88SC0404C, AT88SC0808C, AT88SC1616C, AT88SC3216C, AT88SC6416C, AT88SC12816C, AT88SC25616C
5211B-SMIC-01/10
Atmel AT88SC0104/0204/0404/0808/1616/3216/6416/12816/25616C

Features
* A Family of nine Devices with User Memories from 1-Kbit to 256-Kbit
* EEPROM User Memory
  - Four, Eight or Sixteen Zones
  - Self-timed Write Cycles
  - Single-Byte or Multiple-Byte Page-Write Modes
  - Programmable Access Rights for Each Zone
* 2-Kbit Configuration Memory
  - 37-byte OTP Area for User-defined Codes
  - 160-byte Area for User-defined Keys and Passwords
* High Security Features
  - 64-bit Mutual Authentication Protocol (under license of ELVA)
  - Encrypted Checksum
  - Stream Encryption
  - Four Key Sets for Authentication and Encryption
  - Eight Sets of Two 24-bit Passwords
  - Anti-tearing Function
  - Voltage and Frequency Monitor
* Embedded Application Features
  - Low Voltage Operation: 2.7V to 5.5V
  - Secure Nonvolatile Storage for Sensitive System or User Information
  - 2-wire Serial Interface
  - 1.0MHz Compatibility for Fast Operation
  - Standard 8-lead Plastic Packages
  - Same Pinout as 2-wire Serial EEPROMs
* Smart Card Features
  - ISO 7816 Class A (5V) or Class B (3V) Operation
  - Synchronous 2-wire Serial Interface for Faster Device Initialization
  - ISO 7816-3 Asynchronous T = 0 Protocol (Gemplus(R) Patent)
  - Multiple Zones, Key Sets and Passwords for Multi-application Use
  - Programmable 8-byte Answer-To-Reset Register
  - ISO 7816-2 Compliant Modules
* High Reliability
  - Endurance: 100,000 Cycles
  - Data Retention: 10 years
  - ESD Protection: 4,000V
Note: Modules available with either 2-wire or T = 0 modes.

Table of Contents
1. Pin Configuration and Package Information ..... 3
   1.1. Pin Configuration ..... 3
   1.2. Package Information ..... 3
2. Description ..... 3
   2.1. Embedded Applications ..... 4
   2.2. Smart Card Applications ..... 4
   2.3. Scope and Purpose of This Document ..... 4
3. Pin Description ..... 5
   3.1. Supply Voltage (VCC) ..... 5
   3.2. Clock (SCL/CLK) ..... 5
   3.3. Serial Data (SDA/IO) ..... 5
   3.4. Reset (RST) ..... 5
4. Detailed Description ..... 6
   4.1. User Memory ..... 6
   4.2. Control Logic ..... 11
   4.3. Configuration Memory ..... 11
5. Communication Security Modes ..... 15
   5.1. Security Operations ..... 15
   5.2. Data Protection Features ..... 18
   5.3. Configuration Memory Values ..... 19
   5.4. Security Fuses ..... 23
6. Protocol Selection ..... 25
   6.1. Synchronous Mode for Embedded Applications ..... 25
   6.2. Asynchronous Mode for Smart Card Applications ..... 25
7. Synchronous Protocol ..... 27
   7.1. Start-up Sequence ..... 27
   7.2. Command Set ..... 28
   7.3. Command Format ..... 29
   7.4. Acknowledge Polling ..... 30
   7.5. Device Addressing ..... 30
   7.6. Command Descriptions ..... 31
8. Initialization Example ..... 39
   8.1. Write Data to User Zones ..... 39
   8.2. Unlock the Configuration Memory ..... 39
   8.3. Write Data to the Configuration Memory ..... 39
   8.4. Set Security Fuses ..... 39
9. Asynchronous T=0 Protocol ..... 42
   9.1. Character Format ..... 42
   9.2. Command Format ..... 42
   9.3. PPS Support ..... 43
   9.4. Command Set ..... 45
10. Initialization Example ..... 55
   10.1. Write Data to User Zones ..... 55
   10.2. Unlock the Configuration Memory ..... 55
   10.3. Write Data to the Configuration Memory ..... 55
   10.4. Set Security Fuses ..... 55
11. Absolute Maximum Ratings* ..... 58
   11.1. DC and AC Characteristics ..... 58
   11.2. Timing Diagrams for Synchronous Communications ..... 59
12. DC Tamper Detection Limits ..... 62
   12.1. High Voltage and Low Voltage Limit ..... 62
   12.2. Minimum Clock Pulse ..... 62
   12.3. Maximum Clock Frequency ..... 62
   12.4. Power On Reset (POR) Delay ..... 62
   12.5. Noise Suppression ..... 62
13. Ordering Information ..... 63
Appendix A. Revision History ..... 64

1. Pin Configuration and Package Information

1.1. Pin Configuration

Table 1. Package Pin Assignments
Pad       Description                ISO Module   TWI Module   SOIC, PDIP
VCC       Supply Voltage             C1           C1           8
GND       Ground                     C5           C5           4
SCL/CLK   Serial Clock Input         C3           C3           6
SDA/IO    Serial Data Input/Output   C7           C7           5
RST       Reset Input                C2           NC           NC

1.2. Package Information

Figure 1. Package Configuration
ISO Smart Card Module: C1 = VCC, C2 = RST, C3 = SCL/CLK, C4 = NC, C5 = GND, C6 = NC, C7 = SDA/IO, C8 = NC.
TWI Smart Card Module: C1 = VCC, C2 = NC, C3 = SCL/CLK, C4 = NC, C5 = GND, C6 = NC, C7 = SDA/IO, C8 = NC.
8-lead SOIC, PDIP: pin 1 NC, pin 2 NC, pin 3 NC, pin 4 GND, pin 5 SDA, pin 6 SCL, pin 7 NC, pin 8 VCC.

2. Description

Atmel(R) AT88SCxxxxC is a family of nine high-performance secure memory devices providing 1- to 256-Kbits of user memory with advanced built-in security and cryptographic features. The memory is divided into 4, 8 or 16 user zones, each of which may be individually set with different security access rights or used together to effectively provide space for one or multiple data files. Atmel CryptoMemory(R) has a configuration memory that contains registers to define the security rights for each user zone and space for passwords and secret keys used by the security logic of CryptoMemory. Through dynamic, symmetric mutual authentication, data encryption, and the use of encrypted checksums, CryptoMemory provides a secure place for storage of sensitive information within a system. With its tamper protection circuits, this information remains safe even under attack.

Atmel(R) CryptoMemory(R) also provides high security, low cost and ease of implementation of host-client type systems without the need for a microprocessor operating system.
The embedded cryptographic engine provides for a dynamic, symmetric mutual authentication between the device and host, and performs stream encryption for all data and passwords exchanged between the device and host. Up to four unique key sets are available for these operations.

2.1. Embedded Applications

A 2-wire serial interface running at 1.0MHz is used for fast and efficient communications with up to 15 devices that may be individually addressed. CryptoMemory is available in industry standard 8-lead packages with the same familiar pinout as 2-wire serial EEPROMs, supporting only the synchronous communications protocol.

2.2. Smart Card Applications

CryptoMemory offers the ability to communicate with virtually any smart card reader using the asynchronous T=0 protocol defined in ISO 7816-3. For devices with 32-Kbits of user memory and larger, communication speeds up to 153,600 baud are supported by utilizing ISO 7816-3 Protocol and Parameter Selection. All CryptoMemory devices in smart card module form will also communicate using a synchronous 2-wire serial interface.

2.3. Scope and Purpose of This Document

This document covers all three major operational modes of CryptoMemory, namely Standard, Authentication, and Encryption Modes. This document provides all information necessary to take full advantage of the security capabilities of CryptoMemory. It is designed for use in conjunction with functional cryptographic libraries or companion hardware from Atmel. It therefore requires cryptographic library and/or companion hardware documentation to complement its use. Please contact your regional Atmel sales office for information on the most current version of functional libraries and/or available cryptographic companion hardware.

Figure 2. Block Diagram
(Blocks: Power Management; Authentication, Encryption and Certification Unit; Synchronous Interface; Asynchronous ISO Interface; Data Transfer; Password Verification; Reset Block; Answer to Reset; EEPROM. External pins: VCC, GND, SCL/CLK, SDA/IO, RST.)

3. Pin Description

3.1. Supply Voltage (VCC)

The VCC input is a 2.7V to 5.5V positive voltage supplied by the host.

3.2. Clock (SCL/CLK)

In the asynchronous T=0 protocol, the SCL/CLK input is used to provide the device with a carrier frequency f. The nominal length of one bit emitted on I/O is defined as an "elementary time unit" (etu) and is equal to 372/f. When the synchronous protocol is used, the SCL/CLK input is used to clock data in on the positive clock edge and clock data out on the negative clock edge.

3.3. Serial Data (SDA/IO)

The SDA pin is bi-directional for serial data transfer. This pin is open-drain driven and may be wired with any number of other open-drain or open-collector devices. An external pull-up resistor should be connected between SDA and VCC; a nominal value of 4.7 kΩ may be used. The value of this resistor and the system capacitance loading the SDA bus will determine the rise time of SDA. This rise time will determine the maximum frequency during Read operations. Low-value pull-up resistors will allow higher frequency operation while drawing higher average power supply current.

3.4. Reset (RST)

Atmel(R) CryptoMemory(R) provides an ISO 7816-3 compliant asynchronous answer-to-reset sequence. When the reset sequence is activated, the device will output the data programmed into the 64-bit answer-to-reset register. When RST is low, all internal logic, access rights, and write cycles are in reset, except the asynchronous mode activation flag. A weak internal pull-up on the RST input pad allows the device to be used in synchronous mode without bonding RST.
For synchronous-only smart card applications, an external pull-up on RST is recommended to ensure synchronous operation under any system timings or conditions. CryptoMemory does not support a synchronous answer-to-reset sequence. The RST input is not available in the plastic package options for CryptoMemory.

4. Detailed Description

To enable the security features of Atmel(R) CryptoMemory(R), personalize the device by setting up registers and loading appropriate passwords and keys. Do this by programming the configuration memory using simple write and read commands. Gain access to the configuration memory by successfully presenting the secure code (Write 7 password). After writing and verifying data in the configuration memory, blow the security fuses to lock this information in the device. For additional information on personalizing CryptoMemory, please see the examples in the protocol sections of this specification on page 44.

4.1. User Memory

The EEPROM user memory is divided into 4, 8 or 16 user zones. Multiple zones allow for the storage of different data types or files in different zones. Access to user zones is possible only after meeting security requirements. The customer defines these security requirements in the configuration memory during device personalization. When the same security requirements define access to multiple zones, the zones effectively serve as one large storage area, albeit with the requirement to select each zone prior to access. Table 2 through Table 10 present the memory maps of the user zones for the different device densities. Each map row holds eight bytes (columns $0 to $7); the addresses given are the first and last row of each zone.

Table 2. Atmel AT88SC0104C User Memory
Zone               Size        Rows
User 0 to User 3   32 bytes    $00 to $18
Note: Page size = 16 bytes

Table 3. Atmel AT88SC0204C User Memory
Zone               Size        Rows
User 0 to User 3   64 bytes    $00 to $38
Note: Page size = 16 bytes

Table 4. Atmel AT88SC0404C User Memory
Zone               Size        Rows
User 0 to User 3   128 bytes   $00 to $78
Note: Page size = 16 bytes

Table 5. Atmel AT88SC0808C User Memory
Zone               Size        Rows
User 0 to User 7   128 bytes   $00 to $78
Note: Page size = 16 bytes

Table 6. Atmel AT88SC1616C User Memory
Zone                Size        Rows
User 0 to User 15   128 bytes   $00 to $78
Note: Page size = 16 bytes

Table 7. Atmel AT88SC3216C User Memory
Zone                Size        Rows
User 0 to User 15   256 bytes   $00 to $F8
Note: Page size = 64 bytes

Table 8. Atmel AT88SC6416C User Memory
Zone                Size        Rows
User 0 to User 15   512 bytes   $000 to $1F8
Note: Page size = 64 bytes

Table 9. Atmel AT88SC12816C User Memory
Zone                Size         Rows
User 0 to User 15   1024 bytes   $000 to $3F8
Note: Page size = 128 bytes

Table 10. Atmel AT88SC25616C User Memory
Zone                Size         Rows
User 0 to User 15   2048 bytes   $000 to $7F8
Note: Page size = 128 bytes

4.2. Control Logic

Access to the user zones occurs only through the device's control logic. This logic is configurable through proper programming of the access, password and key registers of the configuration memory during device personalization. This logic also implements the cryptographic engine for performing the various higher-level security functions of the device.

4.3. Configuration Memory

The configuration memory consists of 2048 bits of EEPROM memory used for storing passwords, keys and codes, and for defining the security levels to be used for each User Zone. The control logic defines access rights to the configuration memory as well as to the user zones, and the user may not alter these rights. The access rights include the ability to program certain portions of the configuration memory and then lock the data written through the use of Security Fuses. The configuration memory for each Atmel(R) CryptoMemory(R) device is identical with the exception of the number of Access Registers and Password/Key Registers available. Devices with four user zones have four sets of registers, those with eight user zones eight sets of registers, and those with 16 user zones 16 sets of registers. Unused memory space in the register region becomes reserved to ensure other components of the configuration memory remain at the same address location regardless of the number of user zones in a device.

Table 11. Atmel AT88SC0104C/0204C/0404C Configuration Memory
Addr   $0     $1     $2     $3     $4     $5     $6     $7        Area
$00    Answer to Reset (8 bytes)                                  Identification
$08    Fab Code      MTZ           Card Manufacturer Code
$10    Lot History Code (8 bytes)                                 Read Only
$18    DCR    Identification Number Nc (7 bytes)
$20    AR0    PR0    AR1    PR1    AR2    PR2    AR3    PR3       Access Control
$28    Reserved
$30    Reserved
$38    Reserved
$40    Issuer Code (16 bytes, $40 to $4F)
$48    Issuer Code (continued)
$50    AAC0   Cryptogram C0 (7 bytes)                             Cryptography
$58    Session Encryption Key S0 (8 bytes)
$60    AAC1   Cryptogram C1 (7 bytes)
$68    Session Encryption Key S1 (8 bytes)
$70    AAC2   Cryptogram C2 (7 bytes)
$78    Session Encryption Key S2 (8 bytes)
$80    AAC3   Cryptogram C3 (7 bytes)
$88    Session Encryption Key S3 (8 bytes)
$90    Secret Seed G0 (8 bytes)                                   Secret
$98    Secret Seed G1 (8 bytes)
$A0    Secret Seed G2 (8 bytes)
$A8    Secret Seed G3 (8 bytes)
$B0    PAC    Write 0 (3 bytes)    PAC    Read 0 (3 bytes)        Password
$B8    PAC    Write 1 (3 bytes)    PAC    Read 1 (3 bytes)
$C0    PAC    Write 2 (3 bytes)    PAC    Read 2 (3 bytes)
$C8    PAC    Write 3 (3 bytes)    PAC    Read 3 (3 bytes)
$D0    PAC    Write 4 (3 bytes)    PAC    Read 4 (3 bytes)
$D8    PAC    Write 5 (3 bytes)    PAC    Read 5 (3 bytes)
$E0    PAC    Write 6 (3 bytes)    PAC    Read 6 (3 bytes)
$E8    PAC    Write 7 (3 bytes)    PAC    Read 7 (3 bytes)
$F0    Reserved                                                   Forbidden
$F8    Reserved

Table 12. Atmel AT88SC0808C Configuration Memory
Identical to Table 11 except for the Access Control rows $28 to $38:
Addr   $0     $1     $2     $3     $4     $5     $6     $7        Area
$20    AR0    PR0    AR1    PR1    AR2    PR2    AR3    PR3       Access Control
$28    AR4    PR4    AR5    PR5    AR6    PR6    AR7    PR7
$30    Reserved
$38    Reserved

Table 13. Atmel AT88SC1616C/3216C/6416C/12816C/25616C Configuration Memory
Identical to Table 11 except for the Access Control rows $28 to $38:
Addr   $0     $1     $2     $3     $4     $5     $6     $7        Area
$20    AR0    PR0    AR1    PR1    AR2    PR2    AR3    PR3       Access Control
$28    AR4    PR4    AR5    PR5    AR6    PR6    AR7    PR7
$30    AR8    PR8    AR9    PR9    AR10   PR10   AR11   PR11
$38    AR12   PR12   AR13   PR13   AR14   PR14   AR15   PR15

5. Communication Security Modes

Communication between the device and host operates in three basic modes. Standard mode is the default mode for the device after power-up. Authentication mode is activated by a successful authentication sequence. Encryption mode is activated by a successful encryption activation following a successful authentication. Data transferred to and from the device is handled per the following table.

Table 14. Communication Security Modes
Mode                Configuration Data   User Data   Passwords   Data Integrity Check
Standard/Password   clear                clear       clear       N/A
Authentication      clear                clear       encrypted   MAC
Encryption          clear                encrypted   encrypted   MAC
Notes: Configuration data includes the entire configuration memory except the passwords. MAC: Message Authentication Code.

5.1. Security Operations

5.1.1. Password Verification

The use of passwords protects read and write accesses to the user zones. Any one of eight password sets is available for assignment to any user zone through configuration of access registers. Atmel(R) CryptoMemory(R) provides separate 24-bit passwords for read and write operations. Read passwords grant only read accesses to zones under password protection, while write passwords grant both read and write accesses. Successful presentation of any password renders the verify password command active until the presentation of another password or device reset. Only one password may be active at a time. Presenting incorrect passwords decrements the value of the corresponding password attempts counter (PAC). Decrementing the PAC to $00 permanently disables the corresponding password and permanently renders the corresponding user zone(s) under protection inaccessible. Operation in authentication or encryption mode requires encryption of passwords for all password transactions.

Figure 3. Password Verification
(Host logic: send the password with the Verify Password command, encrypted if performed after Mutual Authentication. CryptoMemory device: verify the password and allow access.)

5.1.2. Mutual Authentication

The use of a mutual authentication protocol further protects access to user zones. Any one of four key sets is available for assignment to any user zone through configuration of access registers. Each key set consists of a secret seed, a cryptogram, and a session encryption key. A Verify Crypto command exists to allow the use of any one of the key sets to enter authentication mode. Each successful entry into authentication mode renders the mode active until the next call to the Verify Crypto command or device reset. Only one key set may be active at any time. Unsuccessful calls of the Verify Crypto command exit authentication mode and decrement the value of the authentication attempts counter (AAC) register.
Decrementing AAC to $00 permanently disables the corresponding key set and permanently renders the corresponding user zone(s) under protection inaccessible.

Entry into authentication mode is a process through which the host and Atmel(R) CryptoMemory(R) device mutually authenticate one another. First, the host generates a 64-bit random number, reads a current cryptogram from the device, and uses this information in conjunction with the corresponding secret seed to generate a 64-bit challenge for the device. The host also generates a new cryptogram and session encryption key in the process. The host then sends the challenge and random number to the device by calling the Verify Crypto command. The device utilizes the random number from the host to generate its own challenge, new cryptogram and session encryption key. It then compares its challenge to the one from the host. If the challenges match, then the device declares the host authentic and overwrites its corresponding current cryptogram and session encryption key with the new ones. To complete the mutual authentication, the host reads the new cryptogram from the device and compares it with its newly calculated cryptogram. The new cryptogram from the device serves as a challenge to the host. If the cryptograms match, then the device is authentic. Only an authentic pair of host and device can generate the same challenges and cryptograms. Mutual authentication requires the use of the Verify Authentication variant of the Verify Crypto command (see Table 25, "Atmel CryptoMemory Synchronous Command Set," on page 28 or Table 34, "Atmel CryptoMemory Asynchronous Command Set," on page 45).

Figure 4. The Mutual Authentication Process
(Host logic: read device info and cryptogram from the config zone, compute the secret seed, generate a random number, compute Challenge A, send Verify Authentication, compute Challenge B and the session key, read Challenge B from the config zone, verify Challenge B, allow access. CryptoMemory device: compute Challenge A, verify Challenge A, compute Challenge B and the session key, allow access.)

5.1.3. Data Encryption

Atmel(R) CryptoMemory(R) allows the use of encryption between a host system and the CryptoMemory device to protect the confidentiality of data during read-write accesses and verify password operations. To enable encryption, the host must call the Verify Crypto command with a valid session encryption key when the device is already in active authentication mode. The session encryption key must belong to the active authentication key set. The host may enable encryption at any time, after which the data content of communication between host and device user zones becomes encrypted. If a user zone configuration in the Access Register requires encryption, however, then the host must enter encryption mode and must encrypt all data content to and from the zone in the remainder of the active encryption session in order to communicate with the zone. CryptoMemory does not encrypt system zone data except for passwords and password attempt counters. Passwords and password attempt counters require encryption during active authentication or encryption modes. Each successful entry into encryption mode renders the mode active for the current key set until the next call to the Verify Crypto command or device reset. Only one key set may be active at any time.
Unsuccessful calls of the Verify Crypto command exit both encryption and authentication modes and decrement the value of the authentication attempts counter (AAC) register. Decrementing AAC to $00 permanently disables the corresponding key set and permanently renders the corresponding user zone(s) under protection inaccessible. Activating encryption is similar in process to activating authentication, with the exception that the session encryption key replaces the secret seed. The process uses the Verify Encryption variant of the Verify Crypto command (see Table 25, "Atmel CryptoMemory Synchronous Command Set," on page 28 or Table 34, "Atmel CryptoMemory Asynchronous Command Set," on page 45).

Figure 5. Encryption Activation Process from Active Authentication Mode
(Host logic, from the session key and cryptogram: generate a random number, compute Challenge A, send Verify Encryption, compute Challenge B, read Challenge B from the config zone, verify Challenge B. CryptoMemory device, from the session key and cryptogram: compute Challenge A, verify Challenge A, compute Challenge B, enable encryption.)

5.1.4. Encrypted Checksum

CryptoMemory implements a data validity check function in the form of an encrypted checksum. This checksum provides a bi-directional data integrity check and data origin authentication capability in the form of a Message Authentication Code (MAC): only the host/device that carried out a valid authentication is capable of computing a valid MAC. When writing data to the CryptoMemory device in authentication or encryption communication modes, the host must send a valid checksum immediately following the write command. If the checksum is invalid, the device rejects the write command and resets the device security privileges. The host must reinitiate entry into authentication and, if applicable, encryption modes to continue. The use of the checksum is optional when reading data.
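The session flow of sections 5.1.2 through 5.1.4 as an added example, not code from the datasheet or from Atmel's cryptographic libraries: a Python model of one key set on the device (secret seed, cryptogram, session key, AAC) and of a host that runs Verify Authentication, then Verify Encryption, then a write with its encrypted checksum. The datasheet does not disclose the 64-bit function used to derive challenges, cryptograms and session keys, so HMAC-SHA256 truncated to 64 bits is used as a stand-in (an assumption; the values therefore differ from a real part while the exchange, the mode transitions and the attempt-counter behaviour follow the text). The seed, the initial cryptogram, the AAC starting values, the 16-byte demo zone and the `Device`/`Host` class names are constructed for this example; stream encryption of the user data itself and password verification are not modelled.

```python
# Added example (not Atmel code): CryptoMemory session state machine, 5.1.2-5.1.4.
# ASSUMPTION: the chip's real 64-bit function is undisclosed; HMAC-SHA256 truncated
# to 8 bytes stands in for it, so values differ from a real device.
import hashlib
import hmac
import secrets


def f64(secret: bytes, *parts: bytes) -> bytes:
    """Stand-in for the undisclosed 64-bit function (assumption, see above)."""
    return hmac.new(secret, b"".join(parts), hashlib.sha256).digest()[:8]


def derive(secret: bytes, cryptogram: bytes, q: bytes):
    """(challenge, next cryptogram, next session key) from a secret, the current
    cryptogram Ci and the host random Q. Authentication uses the seed Gi as the
    secret; encryption activation uses the current session key Si (5.1.3)."""
    return (f64(secret, b"chal", cryptogram, q),
            f64(secret, b"cryp", cryptogram, q),
            f64(secret, b"sess", cryptogram, q))


class Device:
    """One key set (Gi, Ci, Si, AACi) and the security mode. The AAC is modelled
    as a plain down-counter; 0 means the key set is permanently disabled."""

    def __init__(self, seed: bytes, cryptogram: bytes, aac: int = 8):
        self.seed, self.cryptogram, self.session_key = seed, cryptogram, None
        self.aac, self.mode, self.zone = aac, "standard", bytearray(16)

    def read_cryptogram(self) -> bytes:       # the cryptogram is readable in the config zone
        return self.cryptogram

    def _reset_privileges(self) -> bool:
        self.mode, self.session_key = "standard", None
        return False

    def _fail(self) -> bool:                  # unsuccessful Verify Crypto: AAC decrements
        if self.aac > 0:
            self.aac -= 1
        return self._reset_privileges()

    def _verify(self, secret, q, host_challenge, new_mode) -> bool:
        if self.aac == 0:                     # disabled for good, nothing more to count
            return self._reset_privileges()
        chal, new_c, new_s = derive(secret, self.cryptogram, q)
        if not hmac.compare_digest(chal, host_challenge):
            return self._fail()
        self.cryptogram, self.session_key, self.mode = new_c, new_s, new_mode
        return True

    def verify_authentication(self, q, host_challenge) -> bool:
        return self._verify(self.seed, q, host_challenge, "authentication")

    def verify_encryption(self, q, host_challenge) -> bool:
        if self.mode != "authentication":     # only valid from active authentication mode
            return self._fail()
        return self._verify(self.session_key, q, host_challenge, "encryption")

    def write_with_checksum(self, addr: int, data: bytes, mac: bytes) -> bool:
        """Write in authentication/encryption mode: a valid MAC must follow the data."""
        if self.mode == "standard":
            return False                      # this demo zone requires authentication
        if not hmac.compare_digest(f64(self.session_key, b"mac", data), mac):
            return self._reset_privileges()   # bad checksum: write rejected, privileges reset
        self.zone[addr:addr + len(data)] = data
        return True


class Host:
    def __init__(self, seed: bytes):
        self.seed, self.cryptogram, self.session_key = seed, None, None

    def _exchange(self, dev: Device, secret, verify) -> bool:
        if secret is None:
            return False
        q = secrets.token_bytes(8)            # host's 64-bit random number
        chal_a, new_c, new_s = derive(secret, dev.read_cryptogram(), q)
        if not verify(q, chal_a):             # Verify Crypto: device checks challenge A
            return False
        if not hmac.compare_digest(dev.read_cryptogram(), new_c):
            return False                      # challenge B: device's new cryptogram must match
        self.cryptogram, self.session_key = new_c, new_s
        return True

    def authenticate(self, dev: Device) -> bool:
        return self._exchange(dev, self.seed, dev.verify_authentication)

    def activate_encryption(self, dev: Device) -> bool:
        return self._exchange(dev, self.session_key, dev.verify_encryption)

    def write(self, dev: Device, addr: int, data: bytes) -> bool:
        return dev.write_with_checksum(addr, data, f64(self.session_key, b"mac", data))


SEED = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")   # constructed demo seed


def session_demo() -> dict:
    dev, host, impostor = Device(SEED, bytes(8)), Host(SEED), Host(bytes(16))
    r = {}
    r["auth"] = host.authenticate(dev)
    r["enc"] = host.activate_encryption(dev)
    r["write"] = host.write(dev, 0, b"SECRET!!")
    r["stored"] = bytes(dev.zone[:8])
    r["bad_mac"] = dev.write_with_checksum(0, b"XXXXXXXX", bytes(8))  # forged checksum
    r["mode_after_bad_mac"] = dev.mode
    r["bad_auth"] = impostor.authenticate(dev)   # wrong seed: fails and costs one attempt
    r["aac"] = dev.aac
    r["reauth"] = host.authenticate(dev)         # the genuine host recovers from standard mode
    return r


def lockout_demo() -> tuple:
    dev, impostor, host = Device(SEED, bytes(8), aac=3), Host(bytes(16)), Host(SEED)
    while dev.aac > 0:
        impostor.authenticate(dev)
    return dev.aac, host.authenticate(dev)       # (0, False): key set disabled permanently
```

`session_demo()` walks the happy path and then two failure paths: a forged checksum drops the device back to standard mode without touching the stored data, and a host with the wrong seed fails Verify Authentication at the cost of one AAC attempt. `lockout_demo()` shows why the AAC matters: once it reaches zero the genuine host can no longer authenticate either, which is the permanent lockout the text describes.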
Calls to the read checksum command reset device security, so its use is recommended only at the completion of all data read operations from the device.

5.2. Data Protection Features

Security operations control access to data stored in Atmel(R) CryptoMemory(R). After gaining access, additional options exist to protect data in the user memory.

5.2.1. Modify Forbidden

The Modify Forbidden option renders the user zone read-only by restricting all write operations to it. It is recommended to program all required data in the user zone prior to enabling this option. Modify Forbidden is available for any user zone and is selectable by configuring the appropriate Access Registers.

5.2.2. Program Only

The Program Only option constrains data bit modification to programming from logic "1" to logic "0" only. Data bits may never change from logic "0" to logic "1". Program Only is available for any user zone and is selectable by configuring the appropriate Access Registers.

5.2.3. Write Lock

The Write Lock option provides the ability to render individual bytes within a user zone read-only by restricting all write operations to them. It operates at the 8-byte page level, whereby the lowest addressed byte of the page serves as the write access control byte for that page. Table 15 shows the use of write lock for data at addresses $080 - $087. The byte at $080 controls write access to bytes from $080 to $087.

Table 15. Write Lock example
Address   $0         $1       $2       $3         $4         $5       $6         $7
$080      11011001   locked   locked   xxxxxxxx   xxxxxxxx   locked   xxxxxxxx   xxxxxxxx
(Bit n of the control byte at $080 governs byte $08n of the page: bits 1, 2 and 5 are "0", so bytes $081, $082 and $085 are locked; bit 0 governs the control byte itself.)

The Write Lock option also applies to the access control byte for each page, by writing its least significant (rightmost) bit to logic "0". Moreover, only logic modifications from logic "1" to logic "0" of the access control byte are permissible. Write Lock is available for any user zone and is selectable by configuring the appropriate access registers.
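The three write restrictions of section 5.2 as an added example, not code from the datasheet: a small Python model of one user zone that enforces Modify Forbidden, Program Only and Write Lock (including the one-byte-per-command restriction of Write Lock zones and the rule that the control byte itself only ever moves from "1" to "0"), and a walk through the Table 15 page at $080. The 256-byte zone size, the all-ones erased state, the `UserZone` class and the use of `PermissionError` for a rejected write are constructed for this example; modelling a Program Only write as "new value AND old value" is an assumption about how the device realises the rule that no bit may go from "0" to "1".

```python
# Added example (not Atmel code): per-zone write rules from 5.2.1-5.2.3.
PAGE = 8   # Write Lock granularity: 8-byte pages, byte $0 of each page is its control byte


class UserZone:
    """Constructed model of one user zone. ASSUMPTIONS: memory starts in the
    all-ones erased state, and a Program Only write is applied as old AND new
    so that no bit can go from 0 to 1."""

    def __init__(self, size: int, *, modify_forbidden=False, program_only=False, write_lock=False):
        self.mem = bytearray(b"\xff" * size)
        self.modify_forbidden = modify_forbidden
        self.program_only = program_only
        self.write_lock = write_lock

    def locked(self, addr: int) -> bool:
        """True when bit (addr mod 8) of the page's control byte is 0 (bit 0 = the control byte)."""
        base = addr - addr % PAGE
        return self.write_lock and not (self.mem[base] >> (addr - base)) & 1

    def write(self, addr: int, data: bytes) -> int:
        """Apply one write command; returns the number of bytes written, raises on a rejected write."""
        if self.modify_forbidden:
            raise PermissionError("zone is read-only (Modify Forbidden)")
        if self.write_lock:
            data = data[:1]              # a Write Lock zone takes only the first byte of a command
        for i, value in enumerate(data):
            a = addr + i
            if self.locked(a):
                raise PermissionError(f"byte ${a:03X} is write-locked")
            is_ctrl = self.write_lock and a % PAGE == 0
            if self.program_only or is_ctrl:
                value &= self.mem[a]     # only 1 -> 0 transitions take effect
            self.mem[a] = value
        return len(data)


def locked_bytes(ctrl: int, page_base: int) -> list:
    """Addresses within the page whose control bit is 0 (Table 15 reading)."""
    return [page_base + bit for bit in range(PAGE) if not (ctrl >> bit) & 1]


def write_lock_demo() -> dict:
    z = UserZone(256, write_lock=True)                # e.g. one 256-byte zone of an AT88SC3216C
    z.write(0x080, bytes([0b11011001]))               # Table 15 control byte for page $080-$087
    r = {"locked": locked_bytes(z.mem[0x080], 0x080)}
    try:
        z.write(0x081, b"\x00")
        r["w081"] = "written"
    except PermissionError:
        r["w081"] = "rejected"                        # $081 is locked
    r["w083_count"] = z.write(0x083, b"\x12\x34")     # only $083 is written, $084 stays $FF
    r["mem_083_084"] = bytes(z.mem[0x083:0x085])
    z.write(0x080, bytes([0b11111111]))               # attempt to unlock: 0 -> 1 is ignored
    r["ctrl_after_unlock_attempt"] = z.mem[0x080]
    z.write(0x080, bytes([0b11011000]))               # clearing bit 0 locks the control byte too
    try:
        z.write(0x080, bytes([0b00000000]))
        r["ctrl_relock"] = "written"
    except PermissionError:
        r["ctrl_relock"] = "rejected"
    return r


def program_only_demo() -> bytes:
    z = UserZone(16, program_only=True)
    z.write(0, b"\xA5")          # from $FF, clearing bits works: $A5
    z.write(0, b"\xFF")          # setting bits back is ignored: still $A5
    z.write(0, b"\x0F")          # $A5 AND $0F = $05
    return bytes(z.mem[:1])


def modify_forbidden_demo() -> bool:
    z = UserZone(16, modify_forbidden=True)
    try:
        z.write(0, b"\x00")
        return False
    except PermissionError:
        return True
```

Run `write_lock_demo()` to reproduce Table 15: with the control byte 11011001 the locked bytes are $081, $082 and $085, a two-byte write at $083 lands only its first byte, and once bit 0 of the control byte has been cleared the page's lock pattern can no longer be changed at all.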
Furthermore, configuring a user zone with the Write Lock option restricts writes to that zone to one byte at a time. An attempt to write several bytes within one command results in only the first byte being written.

5.2.4. Anti-tearing (Power Loss Protection)

In the event of a power loss during a write cycle, the integrity of the device's stored data may be recovered. This function is optional: the host may activate the anti-tearing function for any write to a user zone or to the configuration memory by using the appropriate B4 System WRITE command. When anti-tearing is active, write commands take longer to execute since more write cycles are required, and the data written per command is limited to 8 bytes.

The data is written first to a buffer zone in EEPROM instead of the intended destination address in the user zone or configuration memory, but with the same access conditions. If this write cycle is interrupted, the original data remains intact in the user zone or configuration memory. The data is then written to the required memory location. If this second write cycle is interrupted, the device automatically recovers the data from the system buffer zone at the next power-up and writes it to the intended destination address.

In two-wire mode, the host is required to perform ACK polling for 18ms after each write command when anti-tearing is active. At power-up, five clock cycles are required to check the anti-tearing flags. In the event that the device needs to carry out the data recovery process, the host is required to perform ACK polling for 14ms.

5.3. Configuration Memory Values

This section describes each individual field in the configuration memory.

5.3.1. Default Values

Atmel(R) programs certain fields of the configuration memory at the factory.
The customer may elect to change the content of all of these fields except for the Lot History Code field, which is permanently locked. Atmel programs the remainder of the fields, including all of the configuration memory and user zones, to ones prior to releasing the device from the factory. Table 16 summarizes the device fields Atmel programs at the factory. A brief description of each field follows.

Table 16. Factory Programmed Fields

Device              ATR                      Fab Code  Lot History Code  Write 7 Password (Secure Code)
Atmel AT88SC0104C   3B B2 11 00 10 80 00 01  10 10     Variable, locked  DD 42 97
Atmel AT88SC0204C   3B B2 11 00 10 80 00 02  20 20     Variable, locked  E5 47 47
Atmel AT88SC0404C   3B B2 11 00 10 80 00 04  40 40     Variable, locked  60 57 34
Atmel AT88SC0808C   3B B2 11 00 10 80 00 08  80 60     Variable, locked  22 E8 3F
Atmel AT88SC1616C   3B B2 11 00 10 80 00 16  16 80     Variable, locked  20 0C E0
Atmel AT88SC3216C   3B B3 11 00 00 00 00 32  32 10     Variable, locked  CB 28 50
Atmel AT88SC6416C   3B B3 11 00 00 00 00 64  64 40     Variable, locked  F7 62 0B
Atmel AT88SC12816C  3B B3 11 00 00 00 01 28  28 60     Variable, locked  22 EF 67
Atmel AT88SC25616C  3B B3 11 00 00 00 02 56  58 60     Variable, locked  17 C3 3A

5.3.2. Answer To Reset (ATR)

This is an 8-byte wide register whose content Atmel defines. This register is read/write accessible prior to blowing the FAB fuse, but becomes read-only after the fuse is blown.

5.3.3. Fab Code

This field is a 16-bit wide register whose content Atmel defines. This field is read/write accessible prior to blowing the FAB fuse, but becomes read-only after the fuse is blown.

5.3.4. Memory Test Zone (MTZ)

This field is a 16-bit wide register with open read/write access at all times, for testing basic communication to the device. It is free of all security constraints at all times.

5.3.5. Card Manufacturer Code

This field is a 32-bit wide register with read/write access privileges for the customer to define its content.
The content of this field becomes read-only after the PER fuse is blown.

5.3.6. Lot History Code

This field is a 64-bit wide register whose content Atmel defines. This field is read-only.

5.3.7. Issuer Code

This field is a 128-bit wide register with read/write access privileges for the customer to define its content. The content of this field becomes read-only after the PER fuse is blown.

5.3.8. Device Configuration Register (DCR)

This 8-bit register allows selection of the following device configuration options (active low). The values programmed have an immediate effect on the logic of the device. The default value is "1" for each bit.

Figure 6. Device Configuration Register (DCR)

Bit 7  Bit 6  Bit 5  Bit 4  Bit 3  Bit 2  Bit 1  Bit 0
SME    UCR    UAT    ETA    CS3    CS2    CS1    CS0

SME - Supervisor Mode Enable
Asserting this bit (SME = "0") enables supervisor mode for the Write 7 password, such that verifying the Write 7 password grants read and write access to all password sets and PACs. When this bit is not asserted (SME = "1"), verifying the Write 7 password does not grant access to other passwords.

UCR - Unlimited Checksum Reads
Asserting this bit (UCR = "0") allows an unlimited number of checksum reads without requiring a new authentication. Not asserting this bit (UCR = "1") limits the read of the checksum to one attempt, after which the device resets the crypto algorithm on executing the Read Checksum command.

UAT - Unlimited Authentication Trials
Asserting this bit (UAT = "0") disables the Authentication Attempts Counter (AAC), thus allowing unlimited authentication attempts. The AAC still decrements after each unsuccessful attempt, but the internal logic ignores its value. Asserting this bit also prevents reset of the crypto algorithm after reading the MAC in encryption mode. The UAT bit does not affect the Password Attempts Counter.

ETA - Eight Trials Allowed
Asserting this bit (ETA = "0") extends the trials limit to eight incorrect attempts to authenticate or verify a password.
The counter (AAC or PAC) decrements ($FF, $FE, $FC, $F8, $F0, $E0, $C0, $80, $00) with each incorrect attempt. Not asserting this bit (ETA = "1") limits authentication and password verification trials to four incorrect attempts ($FF, $EE, $CC, $88, $00).

CS0 - CS3: Programmable Chip Select (only relevant in the synchronous protocol)
The four most significant bits (b4 - b7) of every command comprise the Chip Select Address. All Atmel(R) CryptoMemory(R) devices respond to the default Chip Select Address of $B (1011). Each device also responds to a second Chip Select Address programmed into CS0-CS3 of the Device Configuration Register. By programming each device to a unique Chip Select Address, it is possible to connect up to 15 devices on the same Serial Data bus and communicate individually with each. Global communication to all devices sharing the bus is accomplished using the default Chip Select Address $B.

5.3.9. Access Registers

Four, eight, or sixteen 8-bit access registers allow personalization of the device. Each access register works in conjunction with a Password/Key register to define the security settings for each individual zone of the user memory. Values in the access registers take immediate effect after programming. The default value for each bit is "1".

Table 17. Access Register

Bit 7  Bit 6  Bit 5  Bit 4  Bit 3  Bit 2  Bit 1  Bit 0
PM1    PM0    AM1    AM0    ER     WLM    MDF    PGO

PM(1:0) - Password Mode

Table 18. Password Mode

PM1  PM0  Access
1    1    No Password required
1    0    Write Password required
0    *    Read and Write Passwords required

When PM = "11", the user zone under protection requires no password. When PM = "10", the zone requires Write Password verification for writing, and reading is free. When PM = "01" or "00", reading requires Read Password verification and writing requires Write Password verification.
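The DCR options, the chip select nibble and the attempts-counter sequences described above as a host-side model, added here as an example and not code from the datasheet or from Atmel. The names dcr_decode(), device_selected(), counter_after_failure(), aac_apply() and failures_until_locked() are the example's own; the counters reproduce the two ETA sequences by clearing one set bit per failure, which is an observation about the listed values rather than a statement about how the device implements them.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* DCR bit positions from Figure 6; all options are active low. */
#define DCR_SME  0x80u
#define DCR_UCR  0x40u
#define DCR_UAT  0x20u
#define DCR_ETA  0x10u
#define DCR_CS   0x0Fu   /* CS3..CS0: the second Chip Select Address */

#define CS_DEFAULT 0x0Bu /* $B: every CryptoMemory device answers it */

typedef struct {
    bool supervisor_mode;          /* SME = 0 */
    bool unlimited_checksum_reads; /* UCR = 0 */
    bool unlimited_auth_trials;    /* UAT = 0 */
    bool eight_trials;             /* ETA = 0 */
    uint8_t chip_select;           /* CS3..CS0 */
} dcr_fields;

dcr_fields dcr_decode(uint8_t dcr)
{
    dcr_fields f;
    f.supervisor_mode          = !(dcr & DCR_SME);
    f.unlimited_checksum_reads = !(dcr & DCR_UCR);
    f.unlimited_auth_trials    = !(dcr & DCR_UAT);
    f.eight_trials             = !(dcr & DCR_ETA);
    f.chip_select              = dcr & DCR_CS;
    return f;
}

/* The upper nibble of every synchronous command byte is the Chip Select
 * Address; a device answers $B and the value held in CS3..CS0 of its DCR. */
bool device_selected(uint8_t dcr, uint8_t command_byte)
{
    uint8_t cs = command_byte >> 4;
    return cs == CS_DEFAULT || cs == (dcr & DCR_CS);
}

/* Next value of an attempts counter (AAC or PAC) after one incorrect
 * attempt. ETA = 0: $FF,$FE,$FC,$F8,$F0,$E0,$C0,$80,$00 (eight trials);
 * ETA = 1: $FF,$EE,$CC,$88,$00 (four trials). $00 is permanent. */
uint8_t counter_after_failure(uint8_t counter, bool eight_trials)
{
    if (counter == 0x00)
        return 0x00;
    if (eight_trials)
        return (uint8_t)(counter & (counter - 1));   /* clear lowest set bit */
    uint8_t lo = counter & 0x0F, hi = counter >> 4;  /* one bit per nibble */
    lo = (uint8_t)(lo & (lo - 1));
    hi = (uint8_t)(hi & (hi - 1));
    return (uint8_t)((hi << 4) | lo);
}

/* Apply one authentication attempt to an AAC under a given DCR and report
 * whether the key set is still usable. A correct attempt resets the counter
 * to $FF; with UAT asserted the counter still decrements but is ignored. */
bool aac_apply(uint8_t *aac, bool success, uint8_t dcr)
{
    dcr_fields f = dcr_decode(dcr);
    if (*aac == 0x00 && !f.unlimited_auth_trials)
        return false;                     /* key set permanently locked */
    if (success) {
        *aac = 0xFF;
        return true;
    }
    *aac = counter_after_failure(*aac, f.eight_trials);
    return f.unlimited_auth_trials || *aac != 0x00;
}

/* Consecutive failures a fresh AAC tolerates under this DCR before the key
 * set becomes unusable; 0 means it never locks (UAT asserted). */
unsigned failures_until_locked(uint8_t dcr)
{
    uint8_t aac = 0xFF;
    for (unsigned n = 1; n <= 16; n++)
        if (!aac_apply(&aac, false, dcr))
            return n;
    return 0;
}

int main(void)
{
    /* factory DCR $FF: four trials, answers chip selects $B and $F */
    printf("DCR $FF locks after %u failures; CS nibble $%X\n",
           failures_until_locked(0xFF), dcr_decode(0xFF).chip_select);
    printf("DCR $EB (ETA asserted) locks after %u failures\n",
           failures_until_locked(0xEB));
    return 0;
}
```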
However, proper verification of the Write Password also grants read access. The password set required is specified by PW(3:0) in the corresponding Passwords/Keys Register (see the following section). Verification of the write password also allows modification of the read and the write passwords of that password set.

AM(1:0) - Authentication Mode

Table 19. Authentication Mode

AM1  AM0  Access
1    1    No Authentication required
1    0    Authentication for Write
0    1    Normal Authentication Mode
0    0    Dual Access Mode

When AM = "11", the user zone under protection requires no authentication. When AM = "10", the zone requires authentication only for write accesses, and read accesses are free. When AM = "01", the zone requires authentication for both write and read accesses. In both of these configurations, the Authentication Key (AK) in the corresponding Passwords/Keys Register specifies the required Secret Seed and corresponding cryptogram and, when applicable, the session encryption key (see the following section). Finally, when AM = "00", the dual access mode is active, in which authentication using the Program Only Key (POK) gives the right to read and program the zone (i.e. write '0's only), while authentication using the Authentication Key (AK) gives full read and write access to the zone. In this way, a token application may be implemented, whereby regular hosts with knowledge of POK may decrement the stored value, and only master hosts with knowledge of AK may reset the token to its full value. Please see the following section on the Passwords/Keys Register for further definition of POK and AK.

Note:
1. When AM = "00", the POK bits in the corresponding Password/Key Register are ignored.
2. When AM = "00" and PGO = "0", bits in the zone may not be written to "1" even when using the AK.
3.
Requiring authentication automatically requires the use of secure checksums for write operations (see "Encrypted Checksum" on page 17).

ER - Encryption Required
When ER = "0", the host is required to activate the encryption mode in order to read/write the corresponding user zone. No data read from or written to the zone may be transmitted in the clear. If ER = "1", the host may activate the encryption mode, but is not specifically required to do so by the device.

WLM - Write Lock Mode
Asserting this bit (WLM = "0") divides the user zone into 8-byte pages. The first byte of each page becomes the Write Lock Byte and defines the locked/unlocked status of each byte in the page. Write access to a byte is forbidden if its associated bit in the Write Lock Byte is set to "0". Bit seven controls byte seven, bit six controls byte six, etc. Setting bit 0 to "0" locks the Write Lock Byte itself. Enabling Write Lock Mode limits write operations to one byte at a time.

MDF - Modify Forbidden
Asserting this bit (MDF = "0") renders the user zone read-only at all times. The user zone must, therefore, be programmed before setting this bit to "0".

PGO - Program Only
Asserting this bit (PGO = "0") allows changing of data within the user zone under protection from "1" to "0" and never from "0" to "1".

5.3.10. Password/Key Registers

Four, eight or sixteen 8-bit Password/Key registers are defined during device personalization. Each Password/Key register works in conjunction with a corresponding Access register to define the security settings of each zone. The values programmed have an immediate effect on the logic of the device. The default value is "1" for each bit. Bit 3 is reserved and should be left at value "1".

Table 20.
Password/Key Register Definition

Bit 7  Bit 6  Bit 5  Bit 4  Bit 3  Bit 2  Bit 1  Bit 0
AK1    AK0    POK1   POK0   Res    PW2    PW1    PW0

AK(1:0) - Authentication Key
These bits define which of the four secret seeds G0-G3 must be used in an authentication to allow access to the user zone, if authentication is selected in the corresponding access register. Each access register may point to a unique authentication secret, or the access registers for multiple zones may point to the same authentication secret; in that case authentication with a single secret seed opens several zones.

POK(1:0) - Program Only Key
When the user zone has the dual access mode selected (AM = "00"), these bits define which of the four secret seeds G0-G3 must be used in an authentication to allow read and program (i.e. write '0's only) access to the user zone.

PW(2:0) - Password Set
These bits define which of the eight password sets must be presented to allow access to the user zone when the password mode is selected.

5.3.11. Identification Number

A 56-bit number the customer defines during personalization. It is recommended that a unique identification number be assigned to each device.

5.3.12. Cryptograms (C0 - C3)

Each of these fields contains a 56-bit cryptogram for use during authentication. The internal logic modifies the cryptogram each time it successfully verifies an authentication. The customer may program an initial value for the cryptogram during personalization. It is recommended that the initial values be diversified or random.

5.3.13. Session Keys (S0 - S3)

Each of these fields contains a 64-bit session key for use during encryption. The internal logic modifies the session key each time it successfully processes an authentication or encryption verification. The session keys do not require initial values, so programming initial values is not necessary.

5.3.14.
Secret Seeds (G0-G3)

Each of these fields contains a 64-bit secret seed that is used in conjunction with the corresponding cryptogram and session key during the authentication and encryption sequences. The customer programs the secret seeds during device personalization.

5.3.15. Password Sets

The password fields contain eight sets of two 24-bit passwords, one for read and one for write operations. The customer defines the values of these passwords during personalization. Successfully verifying the write password allows modification of the read and the write passwords of the same set.

5.3.16. Secure Code

The secure code is the Write 7 password. Properly presenting this password grants write access to the configuration memory during personalization. Atmel(R) defines the initial value of the secure code, but the customer may change it after successful presentation during a Verify Write 7 password operation. Table 16 on page 19 shows the secure codes for the various devices as they leave the Atmel factory. After the PER fuse is blown, verifying the Write 7 password no longer grants write access to the configuration memory, and the configuration memory becomes read-only thereafter.

5.3.17. Password Attempts Counters (PAC)

Each of the sixteen PAC fields contains an 8-bit attempts counter for the verify password process. Each PAC corresponds to one password. The attempts counter limits the number of incorrect consecutive presentations of the corresponding password to four, after which it locks the password from future use. The PAC decrements ($FF, $EE, $CC, $88, $00) with each incorrect attempt to present the password. The PAC permanently locks the corresponding password once its value reaches $00. Prior to reaching $00, any correct presentation of the password resets the PAC value to $FF.

5.3.18. Authentication Attempts Counters (AAC)

Each of the four AAC fields contains an 8-bit attempts counter for the authentication process.
Each AAC field corresponds to one authentication key set. The attempts counter limits the number of incorrect consecutive attempts to authenticate to four, after which it locks the authentication key set from future use. The AAC decrements ($FF, $EE, $CC, $88, $00) with each incorrect attempt to authenticate. The AAC permanently locks the corresponding key set once its value reaches $00. Prior to reaching $00, any correct attempt to authenticate resets the AAC value to $FF.

5.4. Security Fuses

Atmel CryptoMemory(R) uses four fuses. The status of these fuses is given in a "fuse byte". A value of "0" indicates that the fuse has been blown. Bits four to seven of this byte are not used as Security Fuses and are reserved for Atmel use.

Table 21. Device Fuses

F7    F6    F5    F4    F3   F2   F1   F0
resv  resv  resv  resv  SEC  PER  CMA  FAB

The bits SEC, PER, CMA and FAB are non-volatile fuses blown at the end of various steps in the manufacturing and personalization process. Once blown, these fuses can never be reset. Atmel blows the SEC fuse to lock the lot history code before the device leaves the factory. Blowing the remainder of the fuses must follow this sequence:

FAB  To lock the Answer To Reset and the Fab Code portions of the Configuration Memory
CMA  To lock the Card Manufacturer Code of the Configuration Memory
PER  To lock the remainder of the Configuration Memory

Any attempt to blow a fuse out of sequence will be unsuccessful. Table 22 provides a summary of access rights for all portions of the memory for each fuse condition.

Table 22.
Fuse Access Rights Summary

Zone                                     Operation  SEC = 0      FAB = 0      CMA = 0      PER = 0
Identification (Except MTZ and CMC)      Read       Free         Free         Free         Free
                                         Write      Secure Code  Forbidden    Forbidden    Forbidden
Memory Test Zone (MTZ)                   Read       Free         Free         Free         Free
                                         Write      Free         Free         Free         Free
Card Manufacturer Code (CMC)             Read       Free         Free         Free         Free
                                         Write      Secure Code  Secure Code  Forbidden    Forbidden
Read Only (Lot History Code)             Read       Free         Free         Free         Free
                                         Write      Forbidden    Forbidden    Forbidden    Forbidden
Access Control                           Read       Free         Free         Free         Free
                                         Write      Secure Code  Secure Code  Secure Code  Forbidden
Cryptography (Except Encryption Keys S)  Read       Free         Free         Free         Free
                                         Write      Secure Code  Secure Code  Secure Code  Forbidden
Encryption Keys (S)                      Read       Secure Code  Secure Code  Secure Code  Forbidden
                                         Write      Secure Code  Secure Code  Secure Code  Forbidden
Secret                                   Read       Forbidden    Forbidden    Forbidden    Forbidden
                                         Write      Secure Code  Secure Code  Secure Code  Forbidden
Passwords                                Read       Secure Code  Secure Code  Secure Code  Write PW
                                         Write      Secure Code  Secure Code  Secure Code  Write PW
Password Attempts Counters (PAC)         Read       Free         Free         Free         Free
                                         Write      Secure Code  Secure Code  Secure Code  Write PW
User Zones                               Read       AR           AR           AR           AR
                                         Write      AR           AR           AR           AR

Note:
AR: Access Rights are defined by the Access Registers
PW: Password
Secure Code: Write 7 password is the Secure Code until the PER fuse is blown
Forbidden: No access is permitted

6. Protocol Selection

Atmel(R) CryptoMemory(R) supports two application areas with different communication protocols: a 2-wire serial communication for embedded applications and an ISO 7816 asynchronous T=0 smart card interface. The power-up sequence of CryptoMemory determines which mode it operates in. A brief description of each of these modes follows.

6.1. Synchronous Mode for Embedded Applications

The 2-wire serial interface is used for fast and efficient communication with logic and controllers.
The synchronous mode is the default after powering up VCC, due to the internal and/or external pull-up on RST. For embedded applications using CryptoMemory in standard plastic packages, RST is not bonded out and this is the only communication protocol.

* Power up VCC; RST goes high also
* After stable VCC, apply 5 pulses to CLK-SCL
* CLK-SCL and I/O-SDA may then be driven

Figure 7. Asynchronous Mode
(Figure: waveforms of Vcc, I/O-SDA, RST and CLK-SCL, with clock pulses 1 to 5 marked.)

The asynchronous mode is selected when RST is low on a rising edge of CLK. Once the asynchronous mode has been selected, it is not possible to return to the synchronous mode other than by powering the device off and on again.

6.2. Asynchronous Mode for Smart Card Applications

The asynchronous T=0 protocol defined by ISO 7816-3 is used for compatibility with industry standard smart card readers. Selecting this mode requires the following power-up sequence, which complies with ISO 7816-3 for a cold reset in smart card applications.

* Power up VCC; RST, I/O-SDA and CLK-SCL are low
* Set I/O-SDA in receive mode
* Provide a clock signal to CLK-SCL
* RST goes high after 400 clock cycles

The device responds with a 64-bit ATR code, including historical bytes that indicate the memory density within the CryptoMemory family. The 64-bit ATR code comes from a register that contains the characters shown in Table 23 on page 26 and Table 24 on page 26. The historical bytes (T1, T2, T3) show the density of the CryptoMemory device. This register may be modified during personalization but is locked when the PER fuse is blown. Care must be taken to respect the applicable standards defining the ATR value if operating in asynchronous mode. The CryptoMemory device always outputs all 8 bytes in response to the asynchronous ATR command, regardless of the contents of the register.

Table 23.
ATR Codes for Lower Density Atmel CryptoMemory

Device              TS   T0   TA(1)  TB(1)  TD(1)  TA(2)  T1   T2
Atmel AT88SC0104C   $3B  $B2  $11    $00    $10    $80    $00  $01
Atmel AT88SC0204C   $3B  $B2  $11    $00    $10    $80    $00  $02
Atmel AT88SC0404C   $3B  $B2  $11    $00    $10    $80    $00  $04
Atmel AT88SC0808C   $3B  $B2  $11    $00    $10    $80    $00  $08
Atmel AT88SC1616C   $3B  $B2  $11    $00    $10    $80    $00  $16

Table 24. ATR Codes for Higher Density Atmel CryptoMemory

Device              TS   T0   TA(1)  TB(1)  TD(1)  T1   T2   T3
Atmel AT88SC3216C   $3B  $B3  $11    $00    $00    $00  $00  $32
Atmel AT88SC6416C   $3B  $B3  $11    $00    $00    $00  $00  $64
Atmel AT88SC12816C  $3B  $B3  $11    $00    $00    $00  $01  $28
Atmel AT88SC25616C  $3B  $B3  $11    $00    $00    $00  $02  $56

Once the asynchronous mode has been selected, it is not possible to switch to the synchronous mode without powering off the device.

Figure 8. Power Up Sequence for Smart Card Mode
(Figure: waveforms of Vcc, I/O-SDA (carrying the ATR), RST and CLK-SCL.)

After a successful ATR, the Protocol and Parameter Selection (PPS) protocol defined by ISO 7816-3 may be used to negotiate the communication speed with Atmel(R) CryptoMemory(R) devices of 32-Kbit and larger user memory. CryptoMemory supports D values of 1, 2, 4, 8, 12 and 16 for an F value of 372. CryptoMemory also supports D values of 8 and 16 for F = 512. This allows selection of 8 communication speeds ranging from 9600 baud to 153,600 baud. Smart card applications that support the 2-wire protocol can also use CryptoMemory in the synchronous mode.

7. Synchronous Protocol

Communication with Atmel(R) CryptoMemory(R) using the synchronous protocol is very similar to communication with Atmel AT24Cxxx Serial EEPROM devices using a two-wire protocol (TWI). The basic command structure and timing are the same; however, a significant difference exists when reading the CryptoMemory device, which is described below.

7.1.
Start-up Sequence

When first powering up the device, five pulses are required on CLK-SCL for reading of the internal registers. This may be accomplished by sending one full command byte to the device. The device will not respond, but will then be ready to respond to the next correct command sequence.

* Power up VCC
* External pull-up resistor pulls I/O-SDA high with VCC
* After stable VCC, 5 pulses are applied to CLK-SCL
* CLK-SCL and I/O-SDA may be driven

Figure 9. Start-up Sequence
(Figure: waveforms of Vcc, I/O-SDA and CLK-SCL, with clock pulses 1 to 5 marked.)

7.2. Command Set

The command set of Atmel(R) CryptoMemory(R) is expanded compared to a Serial EEPROM, as the functionality of CryptoMemory exceeds that of a simple memory device. Each instruction sent to the CryptoMemory must have 4 bytes: Command, Address 1, Address 2 and N. The last byte, N, defines the number of any additional data bytes to be sent to or received from the CryptoMemory device.

Table 25. Atmel CryptoMemory Synchronous Command Set

Command          Description                                           Command  Addr 1  Addr 2   N        Data (N)
Write User Zone  Normal (Atmel AT88SC0104C-AT88SC1616C)                $B0      addr    addr     N ≤ $10  N-bytes
                 Normal (Atmel AT88SC3216C, AT88SC6416C)               $B0      addr    addr     N ≤ $40  N-bytes
                 Normal (Atmel AT88SC12816C, AT88SC25616C)             $B0      addr    addr     N ≤ $80  N-bytes
                 with Anti-Tearing (all devices)                       $B0      addr    addr     N ≤ $08  N-bytes
Read User Zone                                                         $B2      addr    addr     N
System WRITE     Write Config Zone (Atmel AT88SC0104C-AT88SC1616C)     $B4      $00     addr     N ≤ $10  N-bytes
                 Write Config Zone (Atmel AT88SC3216C, AT88SC6416C)    $B4      $00     addr     N ≤ $40  N-bytes
                 Write Config Zone (Atmel AT88SC12816C, AT88SC25616C)  $B4      $00     addr     N ≤ $80  N-bytes
                 Write Fuses                                           $B4      $01     fuse ID  $00
                 Send Checksum                                         $B4      $02     $00      $02      2-bytes
                 Set User Zone                                         $B4      $03     zone     $00
                 Write Config Zone with Anti-Tearing                   $B4      $08     addr     N ≤ $08  N-bytes
                 Set User Zone with Anti-Tearing                       $B4      $0B     zone     $00
System Read      Read Config Zone                                      $B6      $00     addr     N
                 Read Fuse Byte                                        $B6      $01     $00      $01
                 Read Checksum                                         $B6      $02     $00      $02
Verify Crypto    Verify Authentication                                 $B8      $0X     $00      $10      8 random bytes + 8 challenge bytes, X = key set (0-3)
                 Verify Encryption                                     $B8      $1X     $00      $10      8 random bytes + 8 challenge
                                                                                                          bytes, X = key set (0-3)
Verify Password  Write Password                                        $BA      $0X     $00      $03      3-byte password, X = password set (0-7)
                 Read Password                                         $BA      $1X     $00      $03      3-byte password, X = password set (0-7)

7.3. Command Format

Most Atmel(R) CryptoMemory(R) commands have the same format as a two-wire interface (TWI) write command. The TWI write command is characterized by a zero in the LSB of the first byte (device address). The number of word address bytes in a TWI write command varies depending on the size of the memory being addressed. All bytes, whether part of the command or data, are generated by the host and sent to the memory device, which acknowledges each byte.

Figure 10. TWI Write Command
(Figure: START, Device Address xxxx xxx0, Word Address 1 xxxx xxxx, Word Address 2 xxxx xxxx, N xxxx xxxx, then Data d7...d0 repeated N times, each byte followed by an ACK from the device, then STOP.)

All CryptoMemory commands have a zero for the LSB of the first byte. All CryptoMemory commands have 4 bytes used for defining the command and addressing the memory. All but the CryptoMemory read commands send an additional 0 to 128 bytes of data following the four command bytes. These commands comply with the format of a TWI write command. The CryptoMemory read commands (Read User Zone, System Read) do not comply with the format of a TWI write or read command. The CryptoMemory read command looks like a TWI write command (LSB of the first byte = 0), but after the fourth byte of the command the CryptoMemory device begins to send data back on the bus. The number of bytes sent by CryptoMemory is equal to the value of N.

Figure 11.
CryptoMemory Read Command
(Figure: START, Command xxxx 0x10, Address 1 xxxx xxxx, Address 2 xxxx xxxx, N xxxx xxxx, each acknowledged by the device; then Data d7...d0 sent by the device N times, each acknowledged by the host, the last followed by NACK and STOP.)

The response of CryptoMemory will cause contention with the host on a standard TWI bus. Typically CryptoMemory cannot be used on a standard TWI bus but requires a modified TWI protocol to account for the unique read command format.

7.4. Acknowledge Polling

Each command is ended with a stop condition. Certain commands are required to be followed by an acknowledge polling sequence. Acknowledge polling consists of sending a start condition followed by the command byte and determining whether the device responded with an ACK. If the device is not ready for the command it will not acknowledge, and the sequence must be repeated (start condition, command byte, check for ACK). The ACK indicates the operation has completed but gives no indication of the success or failure of the command.

Read commands: No ACK polling required
Write commands: ACK polling required, except for encrypted write commands. Any command may be used
Set commands: No ACK polling required
Verify commands: ACK polling required with B2 or B6 commands only

The following table lists the specific requirements for ACK polling and the maximum expected delay before the device will ACK, indicating readiness for the next command.

Table 26.
Minimum Delay for ACK Polling for each Command

Command          Description                          Command  Addr 1  Addr 2   N    ACK Polling              CMD Delay
Write User Zone  Normal                               $B0      addr    addr     N    Required, any CMD        5ms
                 Normal with Anti-Tearing             $B0      addr    addr     N    Required, any CMD        20ms
                 Encrypted                            $B0      addr    addr     N    No, Send Checksum        0
                 Encrypted with Anti-Tearing          $B0      addr    addr     N    No, Send Checksum        0
Read User Zone                                        $B2      addr    addr     N    Not Required             0
System WRITE     Write Config Zone                    $B4      addr    addr     N    Required, any CMD        5ms
                 Write Fuses                          $B4      $00     fuse ID  $00  Required, any CMD        5ms
                 Send Checksum                        $B4      $01     $00      $02  Required, any CMD        5ms
                 Send Checksum with Anti-Tearing      $B4      $02     $00      $02  Required, any CMD        20ms
                 Set User Zone                        $B4      $03     zone     $00  Not Required             0
                 Write Config Zone with Anti-Tearing  $B4      $08     addr     N    Required, any CMD        20ms
                 Set User Zone with Anti-Tearing      $B4      $0B     zone     $00  Not Required             0
System Read      Read Config Zone                     $B6      $00     addr     N    Not Required             0
                 Read Fuse Byte                       $B6      $01     $00      $01  Not Required             0
Verify Crypto    Verify Authentication                $B8      $0X     $00      $10  Required; B2 or B6 only  10ms
                 Verify Encryption                    $B8      $1X     $00      $10  Required; B2 or B6 only  10ms
Verify Password  Write Password                       $BA      $0X     $00      $01  Required; B2 or B6 only  10ms
                 Read Password                        $BA      $1X     $00      $03  Required; B2 or B6 only  10ms

Note: Delays are based on operation at 25 C.

7.5. Device Addressing

The first nibble of the command byte corresponds to the device address. All Atmel(R) CryptoMemory(R) devices respond to the device address $B. A specific device may be set to respond to another value ($0 to $F) in addition to $B by setting this value in the second nibble of the Device Configuration Register (DCR) in the configuration memory. The DCR is set to $FF at the Atmel factory, so a device responds to device addresses $B and $F unless the DCR is modified. For a device to respond only to $B, the DCR should be set to $B also.

7.6.
Command Descriptions

In the following section, operations are described in two parts: the instruction is described first from a functional point of view (parameters and data exchanged), after which it is detailed for the synchronous two-wire protocol. In these diagrams, values are shown in binary format with the bits to the left transmitted first, i.e. bytes are transmitted most significant bit first.

7.6.1. Write User Zone: $B0

Functional

Figure 12. Write User Zone Command Functional Description
(Figure: Host sends Command, Address 1, Address 2, Number of bytes N and N data bytes to the Device.)

The Write User Zone command $B0 allows writing of data in the device's currently selected user zone (the procedure for selecting a user zone is described below; see "Section 7.6.3, System Write: $B4"). The data byte address to be written is defined by Address 1 and Address 2 in the command. The value N defines how many bytes to write. The maximum number of bytes that may be written is as follows:

* $10 for Atmel(R) AT88SC0104C through Atmel AT88SC1616C (EEPROM page size of 16 bytes)
* $40 for Atmel AT88SC3216C and Atmel AT88SC6416C (EEPROM page size of 64 bytes)
* $80 for Atmel AT88SC12816C and Atmel AT88SC25616C (EEPROM page size of 128 bytes)

In anti-tearing mode the maximum value for N is $08 for all devices. A write in anti-tearing mode is activated with the Set User Zone with Anti-Tearing command; all subsequent writes to the user zone will be in anti-tearing mode. A write may be started in the middle of an EEPROM page but should not extend past the end of the page. If the host is not allowed to write in the zone, the device will not acknowledge the N byte. After this command the host must perform ACK polling, unless operating in the encrypted mode, in which case this command must be followed by the Send Checksum command.

Figure 13.
Write User Zone
(Figure: START, Command 1011 0000, Address 1 xxxx xxxx, Address 2 xxxx xxxx, N xxxx xxxx, then Data d7...d0 repeated N times, each byte followed by an ACK, then STOP.)

7.6.2. Read User Zone: $B2

Functional

Figure 14. Read User Zone Command Functional Description
(Figure: Host sends Read Command, Address 1, Address 2 and Number of bytes N; the Device returns N data bytes.)

The Read User Zone command $B2 allows reading of data from the device's currently selected user zone (the procedure for selecting a user zone is described below under Section 7.6.3). The data byte address to be read is defined by Address 1 and Address 2 in the command and is internally incremented following the transmission of each data byte. The value N defines how many bytes Atmel(R) CryptoMemory(R) will read; a value of zero results in 256 bytes being read. The host, however, may cease clocking the device and end the transmission with a NACK and STOP at any time prior to receiving all N bytes. During a read operation the address will "roll over" from the last byte of the current zone to the first byte of the same zone. If the host is not allowed to read the zone, the device will not acknowledge the N byte.

Figure 15. Read User Zone
(Figure: START, Command 1011 0010, Address 1 xxxx xxxx, Address 2 xxxx xxxx, N xxxx xxxx, each acknowledged by the device; then Data d7...d0 sent by the device N times, each acknowledged by the host, the last followed by NACK and STOP.)

7.6.3. System WRITE: $B4

Functional

Figure 16. System WRITE Command Functional Description
(Figure: Host sends Command, Address 1, Address 2, Number of bytes N and N data bytes to the Device.)

The System WRITE command allows writing of system data to the device. Depending on the value of the Address 1 parameter, the host may write data in the configuration memory, program the fuses, or set the user zone.

Table 27.
System WRITE Command Detail

  Command                                        Cmd  Addr 1  Addr 2   N         Data
  Write Config Zone (AT88SC0104C-AT88SC1616C)    $B4  $00     addr     N <= $10  N bytes
  Write Config Zone (AT88SC3216C-AT88SC6416C)    $B4  $00     addr     N <= $40  N bytes
  Write Config Zone (AT88SC12816C-AT88SC25616C)  $B4  $00     addr     N <= $80  N bytes
  Write Fuses                                    $B4  $01     fuse ID  $00       -
  Send Checksum                                  $B4  $02     $00      $02       2 bytes
  Set User Zone                                  $B4  $03     zone     $00       -

Write Config Zone

The maximum number of bytes that may be written is:
* $10 for Atmel AT88SC0104C through Atmel AT88SC1616C (EEPROM page size of 16 bytes)
* $40 for Atmel AT88SC3216C and Atmel AT88SC6416C (EEPROM page size of 64 bytes)
* $80 for Atmel AT88SC12816C and Atmel AT88SC25616C (EEPROM page size of 128 bytes)

In anti-tearing mode the maximum value of N is $08 for all devices. A write may start in the middle of an EEPROM page but must not extend past the end of the page. If the address provided is an unauthorized address, the device does not write the requested data. Since access rights vary throughout the configuration memory, the host may provide an authorized starting address together with a byte count that reaches unauthorized data; in this case the device suppresses the internal write cycle and no bytes at all are written to the EEPROM. After this command the host must perform ACK polling.

Write Fuses

The fuses can only be "programmed", that is written from '1' to '0'. The Write Fuses operation is allowed only after the secure code (Write 7 password) has been successfully presented. The fuses must be blown in sequence: FAB first, CMA only once FAB is '0', and PER only once CMA is '0'. After this command the host must perform ACK polling.

Table 28. Fuse Writing

  Fuse  Fuse ID
  FAB   $06
  CMA   $04
  PER   $00

Send Checksum

To write data to user zones that require authentication for write access (AM[1:0] = "01" or "00" in the access register, as in the Zone 2 and Zone 3 settings of the initialization example), the host first issues the Write User Zone command $B0. At that point the memory is unchanged and the device is waiting for the host to supply a valid checksum before it starts the write cycle. The host sends the checksum it has computed using the System WRITE command with Address 1 = $02. Only if the checksum is valid does the device start the write cycle; if the device receives an incorrect checksum it also clears the authentication privilege. After this command the host must perform ACK polling.

Set User Zone

Before reading or writing data in a user zone, the host must select the zone with this command. At the same time the host chooses whether anti-tearing is to be active for the zone.

Table 29. Anti-Tearing Command Description

  Command                              Cmd  Addr 1  Addr 2  N         Data
  Write Config Zone with Anti-Tearing  $B4  $08     addr    N <= $08  N bytes
  Set User Zone with Anti-Tearing      $B4  $0B     zone    $00       -

Data may be written to the configuration memory with anti-tearing enabled by setting Address 1 of the Write Config Zone command to $08 instead of $00. To enable anti-tearing for writes to a user zone, the Set User Zone command is executed with Address 1 = $0B instead of $03; all subsequent Write User Zone commands are then executed with anti-tearing enabled until the next Set User Zone command. Anti-tearing should be left off when not required, as it costs more write cycles than a normal write.

Figure 17. System WRITE, two-wire sequence: START, command byte 1011 0100, Address 1 (0000 xxxx), Address 2, N, then N data bytes (d7 first), STOP; the device ACKs each byte.

7.6.4. System Read: $B6

Functional

Figure 18.
System Read Command Functional Description (host sends: Read Command, Address 1, Address 2, Number of bytes N; device returns N data bytes)

The System Read command reads system data from the device. Depending on the value of Address 1, the host may read the configuration memory, the fuses, or a checksum.

Table 30. System Read Command Detail

  Command           Cmd  Addr 1  Addr 2  N
  Read Config Zone  $B6  $00     addr    N
  Read Fuse Byte    $B6  $01     $00     $01
  Read Checksum     $B6  $02     $00     $02

Read Config Zone

The address of the first byte to be read is given by Address 2 and is incremented internally after each data byte is transmitted. N is the number of bytes the device will return; N = 0 results in 256 bytes being read. If the address provided is an unauthorized address, the device does not ACK the N byte and returns no data. Since access rights vary throughout the configuration memory, the host may provide an authorized starting address together with a byte count N that reaches unauthorized addresses; in this case the device transmits the fuse byte (see below) in place of each unauthorized byte.

Read Fuse Byte

Fuse data is returned as a single byte. Bits zero to three hold the fuse states; a value of '0' indicates that the fuse has been blown. Bits four to seven are not used as security fuses and are reserved by Atmel.

Table 31. Fuse Byte Definition

  F7    F6    F5    F4    F3   F2   F1   F0
  resv  resv  resv  resv  SEC  PER  CMA  FAB

Read Checksum

The checksum consists of 2 bytes, and the Read Checksum command must be sent with parameter N = 2.

Figure 19. System Read, two-wire sequence: START, command byte 1011 0110, Address 1 (0000 xxxx), Address 2, N (each ACKed by the device), then N data bytes from the device (d7 first), each ACKed by the host except the last, which is followed by NACK and STOP.

7.6.5. Verify Crypto: $B8

Functional

Figure 20.
Verify Crypto Command Functional Description (host sends: Command, Key Index, 8 random bytes Q1-Q8, 8 challenge bytes CH1-CH8)

When the device receives the Verify Crypto command, it computes a challenge from the received random number Q, the internally stored associated cryptogram Ci, and the secret seed Gi (or the session encryption key Si). The device also decrements the associated attempts counter. It then compares the computed challenge with the challenge sent by the host. If the two match, the device computes and stores a new Ci and Si. The device records the success or failure of the authentication and updates the attempts counter accordingly.

Key index:
  b0000_00nn : Secret Seed G0-G3
  b0001_00nn : Session Encryption Key S0-S3
Data:
  Q  : host random number, 8 bytes
  CH : host challenge, 8 bytes

Figure 21. Verify Crypto, two-wire sequence: START, command byte 1011 1000, Key Index (000e 00nn), Parameter 2 (don't care), N = 16 (0001 0000), then the 16 data bytes Q1-Q8 and CH1-CH8 (d7 first), STOP; the device ACKs each byte.

Once the sequence has been carried out, the host must perform ACK polling with either the Read User Zone command $B2 or the System Read command $B6. To learn whether the authentication succeeded, the host can either read the associated attempts counter and confirm that its value is $FF, or read the post-authentication cryptogram from the device and compare it with the cryptogram the host generated when it computed the challenge bytes.

7.6.6. Verify Password: $BA

Functional

Figure 22. Verify Password Command Functional Description (host sends: Command, Password Index, 3 password bytes PW1-PW3)

Read password indices: $10 to $17 for passwords 0 to 7.
Write password indices: $00 to $07 for passwords 0 to 7.
Secure code index: $07 (equivalent to the Write 7 password).

Four password index bits, "r" and "ppp", select the password to compare:
  r = 0  : write password
  r = 1  : read password
  p2p1p0 : password set number

Figure 23. Verify Password, two-wire sequence: START, command byte 1011 1010, PW Index (000r 0p2p1p0), Parameter 2 (don't care), N = 3 (0000 0011), then the 3 password bytes (d7 first), STOP; the device ACKs each byte.

Once the sequence has been carried out, the host must perform ACK polling with the System Read command $B6. To learn whether the presented password was correct, the host can read the corresponding password attempts counter and verify that its value is $FF.

8. Initialization Example

The first step in initializing Atmel CryptoMemory is to decide what data is to be stored in the device and what security settings are needed to protect it. Once these are defined, the settings for the CryptoMemory registers can be determined and values for passwords and keys selected. The initialization sequence below is recommended to take place in a secure location, to protect the sensitive data, passwords and keys loaded into the device.

8.1. Write Data to User Zones

In the Atmel default configuration all user zones have free access rights. Initial data should be written into the user zones before the security configuration is set. Use the Set User Zone and Write User Zone commands to write the initial data; the Read User Zone command may be used to verify the data written.

8.2. Unlock the Configuration Memory

Before any data can be written to the configuration memory, it must be unlocked by presenting the correct secure code (Write 7 password). Use the Verify Password command with the secure code supplied by Atmel to unlock the configuration memory.
Use the Read Config Zone command to read back the secure code at address $E9 to verify that the configuration memory has been unlocked.

8.3. Write Data to the Configuration Memory

This data is written with the Write Config Zone command at the appropriate address; the Read Config Zone command may be used to verify it. As soon as values are written to the registers, keys and passwords, they take effect in determining the security of the user zones.

8.4. Set Security Fuses

Once all data has been written into the user zones and the configuration memory and verified, the security fuses should be set before the device leaves the secure location used for initialization. There are three fuses, FAB, CMA and PER, which must be set in that order (FAB, then CMA, then PER). The Write Fuses command sets each fuse individually; the Read Fuse Byte command may be used to check the state of all three. Once all three fuses have been set, the low nibble (F3-F0) of the fuse byte returned by Read Fuse Byte is zero, i.e. the byte reads $X0.

The Atmel AT88SC0104C is used for this example. A small pattern is written into each of the four user zones. The security requirements of each zone and the corresponding register values are shown in the table below; simple values are used for codes, keys and passwords.

Table 32. Example Zones Configuration (AR = Access Register, PR = Password/Key Register)

  Zone  Data         Security requirements                                  AR   PR
  0     Zone 0 Data  None                                                   $FF  $FF
  1     Zone 1 Data  Read/Write Password (Set 1)                            $7F  $F9
  2     Zone 2 Data  Read/Write Authentication (Set 2)                      $DF  $BF
  3     Zone 3 Data  Read/Write Password (Set 1) and Read/Write
                     Authentication (Set 2), Encryption Required            $57  $B9

The following shows the two-wire commands sent to the CryptoMemory device to initialize it.
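The listing that follows is raw two-wire frames. As an added example, not part of the datasheet and not Atmel code, the Python below decodes such frames using the command layouts of Tables 27 through 30 and the Verify Crypto and Verify Password formats, enforces the host-side rules the text states (a zone must be selected before user-zone access, N within the page size or within 8 bytes under anti-tearing, no write across a page boundary, secure code before fuse programming, FAB then CMA then PER), and replays the initialization listing. The HostState model, and the assumption that presenting index $07 succeeds, are this example's own; the device's access registers are not modelled.

```python
# Added example, not Atmel's code: decode CryptoMemory two-wire command frames,
# check them against the host-side rules of Sections 7.6.1-7.6.6 and replay the
# AT88SC0104C initialization listing of Section 8. HostState is this example's
# own assumption (selected zone, anti-tearing, page limits, secure code before
# fuses, FAB -> CMA -> PER); the device's access registers are not modelled.
PAGE_SIZE = {**dict.fromkeys(("AT88SC0104C", "AT88SC0204C", "AT88SC0404C",
                              "AT88SC0808C", "AT88SC1616C"), 16),
             **dict.fromkeys(("AT88SC3216C", "AT88SC6416C"), 64),
             **dict.fromkeys(("AT88SC12816C", "AT88SC25616C"), 128)}
ANTI_TEARING_MAX = 8                                   # max N for anti-tearing writes
FUSE_NAMES = {0x06: "FAB", 0x04: "CMA", 0x00: "PER"}   # Table 28 fuse IDs
FUSE_ORDER = ("FAB", "CMA", "PER")
SECURE_CODE_INDEX = 0x07                               # Write 7 password index

class HostState:
    def __init__(self, device="AT88SC0104C"):
        self.page = PAGE_SIZE[device]
        self.zone, self.anti_tearing = None, False     # set by Set User Zone
        self.unlocked, self.blown = False, []          # secure code seen; fuses blown

def _need(cond, msg):
    if not cond:
        raise ValueError(msg)

def _check_write(addr, n, page, anti_tearing):
    """N must fit the page (8 with anti-tearing) and must not cross a page end."""
    limit = ANTI_TEARING_MAX if anti_tearing else page
    _need(0 < n <= limit, f"N={n} exceeds the limit of {limit} bytes")
    _need((addr % page) + n <= page, f"{n} bytes at ${addr:04X} cross a {page}-byte page")

def decode(frame, st):
    """Decode one frame (command, addr1, addr2, N, data...) into (name, detail);
    raises ValueError for frames the datasheet says the device would refuse."""
    cmd, a1, a2, n = frame[:4]
    data, addr = bytes(frame[4:]), (a1 << 8) | a2
    if cmd == 0xB0:                                   # Write User Zone
        _need(st.zone is not None, "Write User Zone before Set User Zone")
        _need(len(data) == n, "N does not match the data length")
        _check_write(addr, n, st.page, st.anti_tearing)
        return "Write User Zone", {"zone": st.zone, "addr": addr, "data": data}
    if cmd == 0xB2:                                   # Read User Zone (N=0 reads 256)
        _need(st.zone is not None, "Read User Zone before Set User Zone")
        return "Read User Zone", {"zone": st.zone, "addr": addr, "count": n or 256}
    if cmd == 0xB4 and a1 in (0x00, 0x08):            # Write Config Zone ($08: anti-tearing)
        _need(len(data) == n, "N does not match the data length")
        _check_write(a2, n, st.page, a1 == 0x08)
        return "Write Config Zone", {"addr": a2, "data": data, "anti_tearing": a1 == 0x08}
    if cmd == 0xB4 and a1 == 0x01:                    # Write Fuses
        name = FUSE_NAMES[a2]
        _need(st.unlocked, "Write Fuses requires the secure code first")
        _need(len(st.blown) < 3 and FUSE_ORDER[len(st.blown)] == name,
              f"fuse {name} out of order (blown so far: {st.blown})")
        st.blown.append(name)
        return "Write Fuses", {"fuse": name}
    if cmd == 0xB4 and a1 == 0x02:                    # Send Checksum
        return "Send Checksum", {"checksum": data}
    if cmd == 0xB4 and a1 in (0x03, 0x0B):            # Set User Zone ($0B: anti-tearing)
        st.zone, st.anti_tearing = a2, a1 == 0x0B
        return "Set User Zone", {"zone": a2, "anti_tearing": st.anti_tearing}
    if cmd == 0xB6:                                   # System Read
        name = {0x00: "Read Config Zone", 0x01: "Read Fuse Byte", 0x02: "Read Checksum"}[a1]
        return name, {"addr": a2, "count": n or 256}
    if cmd == 0xB8:                                   # Verify Crypto: Q then CH
        return "Verify Crypto", {"key_set": a1 & 3, "session_key": bool(a1 & 0x10),
                                 "Q": data[:8], "CH": data[8:16]}
    if cmd == 0xBA:                                   # Verify Password
        if a1 == SECURE_CODE_INDEX:
            st.unlocked = True                        # assumes the presentation succeeds
        return "Verify Password", {"set": a1 & 7, "read": bool(a1 & 0x10), "password": data}
    raise ValueError(f"unsupported frame {frame.hex()}")

def refused(line, st):
    """True if the device would refuse this hex frame in the given host state."""
    try:
        decode(bytes.fromhex(line), st)
        return False
    except ValueError:
        return True

def fuse_status(fuse_byte):
    """Interpret a Read Fuse Byte value (Table 31): a 0 bit means the fuse is blown."""
    return {f: not (fuse_byte >> b) & 1 for f, b in (("FAB", 0), ("CMA", 1), ("PER", 2), ("SEC", 3))}

def replay(script, device="AT88SC0104C"):
    """Decode a script of hex frames in order; stops at the first refused frame."""
    st = HostState(device)
    return [decode(bytes.fromhex(line), st) for line in script]

INIT_SCRIPT = [   # the Section 8 listing, comments removed
    "B4 03 00 00", "B0 00 00 0B 5A 6F 6E 65 20 30 20 44 61 74 61",
    "B4 03 01 00", "B0 00 00 0B 5A 6F 6E 65 20 31 20 44 61 74 61",
    "B4 03 02 00", "B0 00 00 0B 5A 6F 6E 65 20 32 20 44 61 74 61",
    "B4 03 03 00", "B0 00 00 0B 5A 6F 6E 65 20 33 20 44 61 74 61",
    "BA 07 00 03 DD 42 97",
    "B4 00 0B 04 50 30 30 31",
    "B4 00 19 07 00 00 00 00 01 23 45",
    "B4 00 40 10 53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00",
    "B4 00 22 06 7F F9 DF BF 57 B9",
    "B4 00 71 07 22 22 22 22 22 22 22",
    "B4 00 A0 08 5B 4F 9A E4 B5 09 8B E7",
    "B4 00 B9 07 11 00 11 FF 10 00 01",
    "B6 00 00 F0",
    "B4 01 06 00", "B4 01 04 00", "B4 01 00 00", "B6 01 00 01",
]
```

Running `replay(INIT_SCRIPT)` decodes every frame of the listing without error; a frame such as `B0 00 0A 0A` followed by ten data bytes is refused because 10 bytes from offset $0A would cross a 16-byte page, and `B4 01 06 00` is refused before the secure code has been presented.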
The flow follows the steps described above; comments are marked with an asterisk (*).

*Atmel AT88SC0104C Initialization Example
*WRITE DATA TO USER ZONES
*Set User Zone 0
B4 03 00 00
*Write data = Zone 0 Data
B0 00 00 0B 5A 6F 6E 65 20 30 20 44 61 74 61
*Set User Zone 1
B4 03 01 00
*Write data = Zone 1 Data
B0 00 00 0B 5A 6F 6E 65 20 31 20 44 61 74 61
*Set User Zone 2
B4 03 02 00
*Write data = Zone 2 Data
B0 00 00 0B 5A 6F 6E 65 20 32 20 44 61 74 61
*Set User Zone 3
B4 03 03 00
*Write data = Zone 3 Data
B0 00 00 0B 5A 6F 6E 65 20 33 20 44 61 74 61
*UNLOCK CONFIGURATION MEMORY
*Verify Password, secure code (Write 7 password) = DD 42 97
BA 07 00 03 DD 42 97
*WRITE CODES IN CONFIGURATION MEMORY
*Write Card Mfg Code = P001
B4 00 0B 04 50 30 30 31
*Write Identification Number = 00000000012345
B4 00 19 07 00 00 00 00 01 23 45
*Write Issuer Code = STATION 035
B4 00 40 10 53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
*WRITE REGISTERS IN CONFIGURATION MEMORY
*Write Registers AR1/PR1 = 7F F9, AR2/PR2 = DF BF, AR3/PR3 = 57 B9
B4 00 22 06 7F F9 DF BF 57 B9
*WRITE KEYS IN CONFIGURATION MEMORY
*Write Ci for set 2 = 22222222222222
B4 00 71 07 22 22 22 22 22 22 22
*Write Gc for set 2 = 5B4F9AE4B5098BE7
B4 00 A0 08 5B 4F 9A E4 B5 09 8B E7
*WRITE PASSWORDS IN CONFIGURATION MEMORY
*Write password set 1 (used by zones 1 and 3, starting at $B9): write 1 = 11 00 11, read 1 = 10 00 01 (the byte between them is left at FF)
B4 00 B9 07 11 00 11 FF 10 00 01
*READ ENTIRE CONFIGURATION MEMORY TO VERIFY
B6 00 00 F0
*Device Response (240 bytes, in the order printed in the original listing):
3B B2 11 00 10 80 8C AD A8 10 0A AB FF FF 7F F9 DF BF FF FF FF FF FF FF 53 54 41 54 49 4F FF FF FF FF FF FF FF FF FF FF FF FF FF 22 22 22 22 22 FF FF FF FF FF FF FF FF FF FF FF FF 5B 4F 9A E4 B5 09 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 00 FF 57 FF 4E FF FF 22 FF FF 8B FF FF FF FF 01 FF B9 FF 20 FF FF 22 FF FF E7 FF FF FF FF 10 FB FF FF 30 FF FF FF FF FF D8 FF FF FF FF 10 00 FF FF 33 FF FF FF FF FF FF 11 FF FF FF FF 00 FF FF 35 FF FF FF FF FF FF 00 FF FF FF 50 00 FF FF 00 FF FF FF FF FF FF 11 FF FF FF 30 00 FF FF 00 FF FF FF FF FF FF FF FF FF FF 30 01 FF FF 00 FF FF FF FF FF FF 10 FF FF FF 31 23 FF FF 00 FF FF FF FF FF FF 00 FF FF FF FF 45 FF FF 00 FF FF FF FF FF FF 01 FF FF FF
*SET SECURITY FUSES
*Set FAB Fuse
B4 01 06 00
*Set CMA Fuse
B4 01 04 00
*Set PER Fuse
B4 01 00 00
*Read Fuse Byte = X0
B6 01 00 01
*Device Response:
00

9. Asynchronous T=0 Protocol

9.1. Character Format

Atmel CryptoMemory complies with the asynchronous T=0 protocol defined in ISO 7816-3. The character format is shown in the following figure.

Figure 24. Character Format (timing diagram): start bit, eight data bits d0-d7, parity bit p, guard time, next start bit; times are in etu. Note: the byte is transmitted least significant bit first.

Even parity is used: the parity bit is chosen so that the total number of '1' bits in the data byte plus the parity bit is even. If the receiver detects a transmission error, it signals this by driving I/O low during the guard time; this tells the transmitter to send the byte again.

9.2. Command Format

The command sequence is as follows:
1. In compliance with ISO 7816-3, the host sends the five-character header CLA, INS, P1, P2, P3.
2. The device replies with a "procedure byte", normally equal to the INS code received. If a problem has occurred, the device instead responds with a status word pair SW1-SW2, which ends the command.
3. Data transfer (P3 bytes).
4. A final SW1-SW2 pair gives the status of the device after completion of the command. Normal completion is indicated by SW1-SW2 = $90-$00.

Note:
CLA refers to a class of instructions. This byte is not tested by the device.
INS is the instruction byte.
P1 and P2 are reference bytes, such as a data byte address or a password index.
P3 is the number of data bytes transferred during the command. For outgoing transfers (e.g. read commands) P3 = 0 means that 256 data bytes will be emitted by the card; for incoming commands P3 = 0 means that no data bytes will be transferred.
For all bytes transmitted by the device or by the host, including header, procedure, status and data bytes, a receiver that detects a parity error requests the byte to be sent again (see Character Format).

9.3. PPS Support

All Atmel CryptoMemory devices with a user memory of 32 Kbits or more support the Protocol and Parameter Selection (PPS) protocol of ISO 7816-3, Section 7. This section applies only to those larger devices; CryptoMemory devices of 16 Kbits or less do not support PPS.

At the end of the ATR sequence, following either a cold or a warm reset initiated by the reader, the device expects either a Class byte as the start of a command header or the initial character, PPSS, of a PPS request. If the device receives the byte $FF, it processes the subsequent bytes as a PPS request; in all other cases it proceeds with command processing. A PPS request or response consists of up to four bytes:
* Initial character PPSS: always $FF
* Format character PPS0: CryptoMemory supports two response values, $00 (no PPS1 follows) and $10 (PPS1 follows), both indicating T = 0; see ISO 7816-3 for the definition of PPS0
* Parameter character PPS1: encodes Fn and Dn in the same manner as TA(1) in the ATR
* Check character PCK

The following table shows the PPS1 values supported by CryptoMemory devices of 32 Kbits and above.

Table 33. PPS1 Values Atmel CryptoMemory Supports

  Fl code: 0000b (F = 372, f max 4 MHz), 0001b (F = 372, f max 5 MHz), 1001b (F = 512, f max 5 MHz)
  Dl code: 0001b (D = 1), 0010b (D = 2), 0011b (D = 4), 0100b (D = 8), 0101b (D = 16), 1000b (D = 12)

  PPS1      F    D   F/D    Baud rate at 3.5712 MHz
  $01, $11  372  1   372    9600
  $02, $12  372  2   186    19200
  $03, $13  372  4   93     38400
  $04, $14  372  8   46.5   76800
  $94       512  8   64     55800
  $05, $15  372  16  23.25  153600
  $95       512  16  32     111600
  $08, $18  372  12  31     115200

After the ATR the reader may proceed with commands using the default values F = 372 and D = 1 (9600 baud at 3.5712 MHz), or negotiate Fn and Dn through a PPS exchange. Four examples of PPS requests and responses follow.

Example 1

Assume the CryptoMemory ATR contains the byte TA(1) = $15, indicating that it can use F = 372 and D = 16, which gives 153,600 baud at 3.5712 MHz. Assuming this is the maximum speed supported by the device, the reader immediately attempts to set F and D to these values.
* PPS_request  = $FF $10 $15 $FA
* PPS_response = $FF $10 $15 $FA
The newly negotiated values take effect immediately after this exchange, so the etu, the duration of one bit on I/O, becomes 372/16 = 23.25 clock cycles instead of 372.

Example 2

The reader insists on negotiating Fn and Dn equal to the default values, even though these would be used without any PPS exchange. This can be done either by sending PPS1 = $11 or by sending no PPS1 at all.
* PPS_request  = $FF $10 $11 $FE
* PPS_response = $FF $10 $11 $FE
or
* PPS_request  = $FF $00 $FF
* PPS_response = $FF $00 $FF

Example 3

The reader attempts to negotiate values the CryptoMemory device does not support. In its response the device proposes to continue with the default F and D by omitting PPS1. Even though new Fn and Dn values are not negotiated, ISO 7816 still regards this as a successful exchange.
* PPS_request  = $FF $10 $45 $AA
* PPS_response = $FF $00 $FF

Example 4

If the reader attempts to change the protocol to anything other than T = 0, such as T = 1, CryptoMemory indicates that it only supports T = 0.
* PPS_request  = $FF $01 $FE
* PPS_response = $FF $00 $FF

CryptoMemory operates at baud rates above the default 9600 baud only after a successful PPS exchange; it cannot be set to a higher baud rate by means of a TA(2) byte in the ATR.

9.4. Command Set

Table 34. Atmel CryptoMemory Asynchronous Command Set

  Command          Description                          CLA  INS  P1    P2       P3        Data
  Write User Zone  Normal (0104C-1616C)                 $00  $B0  addr  addr     N <= $10  N bytes
  Write User Zone  Normal (3216C, 6416C)                $00  $B0  addr  addr     N <= $40  N bytes
  Write User Zone  Normal (12816C, 25616C)              $00  $B0  addr  addr     N <= $80  N bytes
  Write User Zone  with anti-tearing (all devices)      $00  $B0  addr  addr     N <= $08  N bytes
  Read User Zone                                        $00  $B2  addr  addr     N         -
  System WRITE     Write Config Zone (0104C-1616C)      $00  $B4  $00   addr     N <= $10  N bytes
  System WRITE     Write Config Zone (3216C, 6416C)     $00  $B4  $00   addr     N <= $40  N bytes
  System WRITE     Write Config Zone (12816C, 25616C)   $00  $B4  $00   addr     N <= $80  N bytes
  System WRITE     Write Fuses                          $00  $B4  $01   fuse ID  $00       -
  System WRITE     Send Checksum                        $00  $B4  $02   $00      $02       2 bytes
  System WRITE     Set User Zone                        $00  $B4  $03   zone     $00       -
  System WRITE     Write Config Zone with anti-tearing  $00  $B4  $08   addr     N <= $08  N bytes
  System WRITE     Set User Zone with anti-tearing      $00  $B4  $0B   zone     $00       -
  System Read      Read Config Zone                     $00  $B6  $00   addr     N         -
  System Read      Read Fuse Byte                       $00  $B6  $01   $00      $01       -
  System Read      Read Checksum                        $00  $B6  $02   $00      $02       -
  Verify Crypto    Verify Authentication                $00  $B8  $0X   $00      $10       8 random bytes + 8 challenge bytes; X = key set (0-3)
  Verify Crypto    Verify Encryption                    $00  $B8  $1X   $00      $10       8 random bytes + 8 challenge bytes; X = key set (0-3)
  Verify Password  Write Password                       $00  $BA  $0X   $00      $03       3-byte password; X = password set (0-7)
  Verify Password  Read Password                        $00  $BA  $1X   $00      $03       3-byte password; X = password set (0-7)
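As an added example that is not Atmel's code, the Python below plays both sides of the PPS exchange described in Section 9.3: it builds a request with its PCK check character (the XOR of the preceding characters, so a whole PPS frame XORs to zero), decodes PPS1 into F, D and the resulting etu and baud rate using the codes of Table 33, and models the CryptoMemory response (echo of a supported T = 0 request, otherwise $FF $00 $FF). The device-side model, the silence on a malformed request, and the restriction to PPS1 only (no PPS2/PPS3) are assumptions of this example.

```python
# Added example, not Atmel's code: both sides of the PPS exchange of Section 9.3.
# F/D codes and the supported PPS1 set follow Table 33. The device-side model
# (echo a supported T=0 request, otherwise $FF $00 $FF, no answer to a malformed
# request) and the PPS1-only handling are assumptions of this example.
F_TABLE = {0x0: 372, 0x1: 372, 0x9: 512}                          # Fl code -> F
F_MAX_HZ = {0x0: 4_000_000, 0x1: 5_000_000, 0x9: 5_000_000}       # Fl code -> f max
D_TABLE = {0x1: 1, 0x2: 2, 0x3: 4, 0x4: 8, 0x5: 16, 0x8: 12}      # Dl code -> D
SUPPORTED_PPS1 = {0x01, 0x11, 0x02, 0x12, 0x03, 0x13, 0x04, 0x14, 0x94,
                  0x05, 0x15, 0x95, 0x08, 0x18}
DEFAULT_PPS1 = 0x11                                                # F = 372, D = 1
DEFAULT_CLOCK_HZ = 3_571_200
PPSS = 0xFF

def pck(data):
    """PCK: XOR of all preceding characters, so a complete frame XORs to zero."""
    x = 0
    for b in data:
        x ^= b
    return x

def pps_request(pps1=None, protocol=0):
    """Build PPSS, PPS0 (bit 5 set when PPS1 follows; low nibble = T), [PPS1], PCK."""
    pps0 = (protocol & 0x0F) | (0x10 if pps1 is not None else 0x00)
    body = [PPSS, pps0] + ([pps1] if pps1 is not None else [])
    return bytes(body + [pck(body)])

def decode_pps1(pps1, clock_hz=DEFAULT_CLOCK_HZ):
    """Split PPS1 into Fl/Dl codes and derive F, D, etu length and baud rate."""
    fl, dl = pps1 >> 4, pps1 & 0x0F
    f, d = F_TABLE[fl], D_TABLE[dl]
    etu = f / d                                       # clock cycles per bit
    return {"F": f, "D": d, "f_max_hz": F_MAX_HZ[fl], "etu_clocks": etu,
            "baud": round(clock_hz / etu)}

def device_response(request):
    """CryptoMemory side: echo a supported T=0 request, else answer $FF $00 $FF."""
    if len(request) < 3 or request[0] != PPSS or pck(request) != 0:
        return None                                   # malformed or bad PCK: no answer (assumed)
    pps0 = request[1]
    if pps0 & 0x0F != 0:                              # T=1 or other: only T=0 is supported
        return bytes([PPSS, 0x00, 0xFF])
    if pps0 & 0x10:
        if len(request) == 4 and request[2] in SUPPORTED_PPS1:
            return bytes(request)                     # accepted: echo the request
        return bytes([PPSS, 0x00, 0xFF])              # unsupported F/D: keep the defaults
    return bytes(request)                             # $FF $00 $FF: defaults confirmed

def negotiate(pps1=None, protocol=0, clock_hz=DEFAULT_CLOCK_HZ):
    """Run one exchange; returns (request, response, parameters now in effect)."""
    req = pps_request(pps1, protocol)
    resp = device_response(req)
    accepted = resp == req and pps1 is not None
    return req, resp, decode_pps1(pps1 if accepted else DEFAULT_PPS1, clock_hz)
```

`negotiate(0x15)` reproduces Example 1 ($FF $10 $15 $FA echoed, 23.25 clocks per etu, 153,600 baud), `negotiate(None)` and `negotiate(0x11)` reproduce Example 2, `negotiate(0x45)` reproduces Example 3 (the device answers $FF $00 $FF and the host stays at 9600 baud), and `negotiate(None, protocol=1)` reproduces Example 4.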
9.4.1. Status Words

Table 35. Atmel CryptoMemory Asynchronous Mode Status Words

  SW1  SW2  Meaning
  $62  $00  The memory is unchanged (waiting for checksum)
  $67  $00  The length is incorrect
  $69  $00  The command is unauthorized
  $6B  $00  The address is incorrect
  $6D  $00  The instruction code is invalid
  $90  $00  The command was successfully executed

These status words indicate the state of the device at the end of the command. Under normal conditions the device sends the INS byte as the procedure byte and $90 $00 as the final status word. In the conditions described below the device may instead cut the command short by returning a status word in place of INS as the procedure byte.

$62 $00 is returned as the final status word after a write command when the device is waiting for the host to send a secure checksum before starting the write cycle. This happens only in Authentication Mode and Encryption Mode.

$67 $00 is returned as the procedure bytes when the number of data bytes to be transferred is incorrect.

$69 $00 is returned as the procedure bytes after read/write commands if the host is not allowed to read or write at the address provided, and after Password and Authentication commands if the maximum number of attempts has been reached. The device returns $69 $00 as the final status word in place of $90 $00 if a password presentation, authentication or encryption activation failed because of invalid data, or if an incoming command failed because of a bad checksum (MAC).

$6B $00 is returned as the procedure bytes if the address is incorrect.

$6D $00 is returned as the procedure bytes if the INS code received is not supported.

9.4.2.
Example: Write EEPROM Command

The following illustrates the data exchange during a WRITE of 4 bytes, $04 $09 $19 $97, to addresses $02 to $05 of the current user zone.

  Host -> Device    CLA   **    Class byte (ignored by Atmel CryptoMemory)
  Host -> Device    INS   $B0   Write instruction
  Host -> Device    P1    **    Address byte A1 (ignored by 0104C-1616C)
  Host -> Device    P2    $02   Address byte A2 = $02
  Host -> Device    P3    $04   4 data bytes
  Device -> Host    $B0         Device responds with the INS code (procedure byte)
  Host -> Device    Data  $04   Byte to be written at the start address $02
  Host -> Device    Data  $09   Byte to be written at address $03
  Host -> Device    Data  $19   Byte to be written at address $04
  Host -> Device    Data  $97   Byte to be written at address $05
  (internal write cycle, about 5 ms)
  Device -> Host    SW1   $90
  Device -> Host    SW2   $00   WRITE operation successful

9.4.3. Write User Zone: $B0

Functional

Figure 25. Write User Zone Command Functional Description (host sends: Command, Address A1, Address A2, Number of bytes N, then N data bytes)

The Write User Zone command $B0 writes data into the device's currently selected user zone (a zone is selected with the Set User Zone command, see Section 9.4.5, System WRITE: $B4). The maximum number of bytes that may be written is:
* $10 for Atmel AT88SC0104C through Atmel AT88SC1616C (EEPROM page size of 16 bytes)
* $40 for Atmel AT88SC3216C and Atmel AT88SC6416C (EEPROM page size of 64 bytes)
* $80 for Atmel AT88SC12816C and Atmel AT88SC25616C (EEPROM page size of 128 bytes)

Each data byte within a page must be loaded only once. In anti-tearing mode the maximum value of N is $08 for all devices. A write in anti-tearing mode is activated with the Set User Zone with anti-tearing command (00 B4 0B zz 00); all subsequent writes to that user zone are then performed in anti-tearing mode. If the host is not allowed to write in the zone, the device returns the "Command Unauthorized" code ($69 $00) after it has received the P3 byte.

Table 36. Write User Zone, data sent

  CLA  INS  P1 (Address 1)  P2 (Address 2)  P3 (N)        Data(1) ... Data(N)
  **   $B0  0000 0000       0a6-- ---a0     000n4 --- n0  d7--- ---d0 ... d7--- ---d0

9.4.4. Read User Zone: $B2

Functional

Figure 26. Read User Zone Command Functional Description (host sends: Read Command, Address A1, Address A2, Number of bytes N; device returns N data bytes)

The Read User Zone command $B2 reads data from the device's currently selected user zone (see Section 9.4.5, System WRITE: $B4, for zone selection). The byte address is incremented internally after each data byte is transmitted. During a read the address rolls over from the last byte of the current zone to the first byte of the same zone. If the host is not allowed to read the zone, the device returns the "Command Unauthorized" code ($69 $00) after it has received the header.

Table 37. Read User Zone, data returned

  CLA  INS  P1 (Address 1)  P2 (Address 2)  P3 (N)     Data(1) ... Data(N)
  **   $B2  0000 0000       0a6-- ---a0     n7 --- n0  d7--- ---d0 ... d7--- ---d0

9.4.5. System WRITE: $B4

Functional

Figure 27. System WRITE Command Functional Description (host sends: Command, Address P1, Address P2, Number of bytes N, then N data bytes)

The System WRITE command writes system data to the device. Depending on the value of the P1 parameter, the host may write data into the configuration memory, program the fuses, send a checksum, or set the user zone. Table 38.
System WRITE Command Detail

  Command                             CLA  INS  P1   P2       P3        Data(N)
  Write Config Zone (0104C-1616C)     $00  $B4  $00  addr     N <= $10  N bytes
  Write Config Zone (3216C, 6416C)    $00  $B4  $00  addr     N <= $40  N bytes
  Write Config Zone (12816C, 25616C)  $00  $B4  $00  addr     N <= $80  N bytes
  Write Fuses                         $00  $B4  $01  fuse ID  $00       -
  Send Checksum                       $00  $B4  $02  $00      $02       2 bytes
  Set User Zone                       $00  $B4  $03  zone     $00       -

The anti-tearing function is controlled by P1: the host may write to the configuration memory with anti-tearing enabled by setting P1 = $08 instead of $00, and may activate anti-tearing for a user zone by issuing Set User Zone with P1 = $0B instead of $03. All subsequent Write User Zone commands are then executed with anti-tearing enabled until the next Set User Zone command. Anti-tearing should be left off when not required, as it costs more write cycles than a normal write.

Table 39. Anti-Tearing Command Description

  Command                              CLA  INS  P1   P2    P3        Data(N)
  Write Config Zone with anti-tearing  $00  $B4  $08  addr  N <= $08  N bytes
  Set User Zone with anti-tearing      $00  $B4  $0B  zone  $00       -

Write Config Zone

The maximum number of bytes that may be written is:
* $10 for Atmel AT88SC0104C through Atmel AT88SC1616C (EEPROM page size of 16 bytes)
* $40 for Atmel AT88SC3216C and Atmel AT88SC6416C (EEPROM page size of 64 bytes)
* $80 for Atmel AT88SC12816C and Atmel AT88SC25616C (EEPROM page size of 128 bytes)

Each data byte within a page must be loaded only once. In anti-tearing mode the maximum value of N is $08 for all devices. If the address provided in P2 is an unauthorized address, the device returns the "Command Unauthorized" code ($69 $00) after it has received the header.
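As an added example, not from the datasheet, the Python below implements the host side of the T=0 command sequence of Section 9.2 (header, procedure byte, data, final status word) and runs it against a small simulated device that answers with the status words of Table 35. The device model is the example's own assumption: zone 0 is free, zone 1 is protected by write password set 1 (value 11 00 11, taken from the initialization listing), and zone 2 is in authentication mode, so a write is held with $62 $00 until Send Checksum delivers the expected value (a constructed constant, not the device's real MAC). It shows the difference between a rejection at the header ($69 $00 in place of INS, before any data is sent) and a rejection in the final status word, together with the even-parity character coding of Section 9.1.

```python
# Added example, not Atmel's code: host side of the T=0 command sequence of
# Section 9.2, run against a small simulated CryptoMemory that answers with the
# status words of Table 35. SimDevice is this example's own assumption: zone 0
# is free, zone 1 needs write password set 1, zone 2 is in authentication mode
# (a write is held until a valid checksum arrives). The expected checksum is a
# constructed constant, not the device's real MAC computation.
PAGE = 16                                   # EEPROM page size of the AT88SC0104C family

SW_OK, SW_WAIT_CHECKSUM = (0x90, 0x00), (0x62, 0x00)
SW_LENGTH, SW_UNAUTHORIZED = (0x67, 0x00), (0x69, 0x00)
SW_ADDRESS, SW_BAD_INS = (0x6B, 0x00), (0x6D, 0x00)

def t0_character(byte):
    """Bits seen on I/O for one character (Section 9.1): start bit, d0..d7 LSB
    first, then an even parity bit."""
    bits = [(byte >> i) & 1 for i in range(8)]
    return [0] + bits + [sum(bits) & 1]

class SimDevice:
    def __init__(self):
        self.zones = {z: bytearray(b"\xff" * 32) for z in range(3)}
        self.zone = None
        self.write_pw = {1: bytes.fromhex("110011")}    # password set 1, from Section 8
        self.pw_ok = set()                               # password sets presented correctly
        self.pending = None                              # (addr, data) held for a checksum
        self.expected_checksum = bytes.fromhex("A55A")   # constructed stand-in for the MAC

    def header(self, cla, ins, p1, p2, p3):
        """Answer to the 5-byte header: the INS code, or a status word ending the command."""
        if ins not in (0xB0, 0xB4, 0xBA):
            return SW_BAD_INS
        if ins == 0xB0:
            if self.zone not in self.zones:
                return SW_ADDRESS
            if not 0 < p3 <= PAGE or (p2 % PAGE) + p3 > PAGE:
                return SW_LENGTH
            if self.zone == 1 and 1 not in self.pw_ok:
                return SW_UNAUTHORIZED                   # refused before any data is sent
        if ins == 0xBA and p3 != 3:
            return SW_LENGTH
        return ins

    def data(self, ins, p1, p2, payload):
        """Process the P3 data bytes and return the final SW1 SW2."""
        if ins == 0xB4 and p1 == 0x03:                   # Set User Zone
            self.zone = p2
            return SW_OK
        if ins == 0xB4 and p1 == 0x02:                   # Send Checksum
            pending, self.pending = self.pending, None
            if pending and payload == self.expected_checksum:
                addr, buf = pending
                self.zones[self.zone][addr:addr + len(buf)] = buf
                return SW_OK
            return SW_UNAUTHORIZED                       # bad checksum: nothing written
        if ins == 0xBA:                                  # Verify Password (write passwords only)
            if self.write_pw.get(p1 & 7) == payload:
                self.pw_ok.add(p1 & 7)
                return SW_OK
            return SW_UNAUTHORIZED                       # wrong password: failure in the final SW
        if ins == 0xB0:                                  # Write User Zone
            if self.zone == 2:                           # authentication mode: wait for checksum
                self.pending = (p2, payload)
                return SW_WAIT_CHECKSUM
            self.zones[self.zone][p2:p2 + len(payload)] = payload
            return SW_OK
        return SW_BAD_INS

def t0_command(dev, ins, p1, p2, payload=b""):
    """One incoming T=0 command: header -> procedure byte -> data -> status word.
    CLA is $00 (not tested by the device). Returns (SW1, SW2)."""
    proc = dev.header(0x00, ins, p1, p2, len(payload))
    if isinstance(proc, tuple):                          # status word instead of INS
        return proc
    return dev.data(ins, p1, p2, bytes(payload))

def demo():
    """The write of Section 9.4.2 against a password-protected zone, then an
    authentication-mode write that needs Send Checksum. Returns (device, status list)."""
    dev, sw = SimDevice(), []
    sw.append(t0_command(dev, 0xB4, 0x03, 0x01))                            # Set User Zone 1
    sw.append(t0_command(dev, 0xB0, 0x00, 0x02, b"\x04\x09\x19\x97"))       # no password yet: 69 00
    sw.append(t0_command(dev, 0xBA, 0x01, 0x00, bytes.fromhex("110011")))   # write password 1
    sw.append(t0_command(dev, 0xB0, 0x00, 0x02, b"\x04\x09\x19\x97"))       # now 90 00
    sw.append(t0_command(dev, 0xB4, 0x03, 0x02))                            # Set User Zone 2
    sw.append(t0_command(dev, 0xB0, 0x00, 0x00, b"\x01\x02"))               # held: 62 00
    sw.append(t0_command(dev, 0xB4, 0x02, 0x00, bytes.fromhex("A55A")))     # Send Checksum: 90 00
    return dev, sw
```

`demo()` returns the status words 90 00, 69 00, 90 00, 90 00, 90 00, 62 00, 90 00 in that order; after it, zone 1 holds $04 $09 $19 $97 at addresses $02 to $05 and zone 2 holds $01 $02 at $00 and $01. A P3 larger than the page, or one that would run past the page end, is refused at the header with 67 00, and an unknown INS with 6D 00.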
Since access rights vary throughout the configuration memory, the host may provide an authorized starting address but a number of bytes that causes the device to reach an unauthorized address. In this case the device will prevent the internal write cycle and no bytes will be written to the EEPROM. At the end of the command the "Command Unauthorized" code ($69 $00) will be returned instead of $90 $00 to indicate that no write cycle occurred.

Write Fuses

The fuses may only be "programmed", that is, written from '1' to '0'. The write fuses operation is only allowed after successfully presenting the secure code (Write 7 Password). The fuses must be blown sequentially: FAB must be blown first, CMA may be blown only if FAB is '0', and PER only if CMA is '0'.

Table 40. Fuse Writing

  Fuse  Fuse ID
  FAB   $06
  CMA   $04
  PER   $00

9.4.6. Send Checksum

To write data to user zones that require authentication for write access (AM[1:0] = "01" or "00" in the access register), the host should first carry out the Write User Zone command $B0, after which the device will return a special status word: $62 $00. This indicates that the memory is unchanged and the device is waiting for the host to provide a valid checksum before initiating the write cycle. The host sends the checksum it has computed using the System WRITE command opcode $B4 with P1 = $02. Only if the checksum is valid will the device initiate the write cycle. Furthermore, if the device receives an incorrect checksum, it will clear the authentication privilege.

Set User Zone

Before reading and writing data in the user zones, the host should select a zone with this command. At this time the host may choose whether anti-tearing should be active for this zone.

Table 41. System WRITE

  System WRITE                                                User Read Data Returned
  CLA  INS: Command  P1         P2         P3         Data(1)    ...  Data(N)
  **   $B4           p7 --- p0  p7 --- p0  n7 --- n0  d7 --- d0  ...  d7 --- d0

9.4.7. System READ: $B6

Figure 28. System READ Command Functional Description (host sends: Read Command, Address P1, Address P2, Number of bytes N; device returns: N data bytes)

The System Read command allows reading of the system data from the device. Depending on the value of the P1 parameter, the host may read the data in the configuration memory, the fuses, or a checksum.

Table 42. System READ Command Detail

  Command           CLA  INS  P1   P2    P3
  Read Config Zone  $00  $B6  $00  addr  N
  Read Fuse Byte    $00  $B6  $01  $00   $01
  Read Checksum     $00  $B6  $02  $00   $02

Read Config Zone

To read 256 bytes, the host should set N = $00. This is true for any outgoing command and is defined by ISO 7816-3. If the address provided at P2 is an unauthorized address, the device will return the "Command Unauthorized" code ($69 $00) after it has received the header. Since access rights vary throughout the configuration memory, the host may provide an authorized starting address but a number of bytes N that causes the device to reach an unauthorized address. In this case the device will transmit the authorized bytes, but unauthorized bytes will be replaced by the "fuse byte" (see below). At the end of this command the "Command Unauthorized" code ($69 $00) will be returned instead of $90 $00 to indicate that some of the bytes returned were not valid.

Read Fuse Byte

Fuse data is returned in the form of a single byte. Bits zero to three represent the fuse states; a value of '0' indicates the fuse has been blown. Bits four to seven are not used as security fuses and are reserved by Atmel(R).

Table 43. Fuse Byte Definition

  F7    F6    F5    F4    F3   F2   F1   F0
  resv  resv  resv  resv  SEC  PER  CMA  FAB

Read Checksum

The checksum consists of 2 bytes, and the Read Checksum command must be sent with parameter P3 = 2.

Table 44. System READ

  System Read                                                 Data Returned
  CLA  INS: Command  P1         P2         P3         Data(1)    ...  Data(N)
  **   $B6           p7 --- p0  p7 --- p0  n7 --- n0  d7 --- d0  ...  d7 --- d0

9.4.8. Verify CRYPTO: $B8

Figure 29. Verify Crypto Command Functional Description (host sends: Command, Key Index, 8 random bytes Q1..Q8, 8 challenge bytes CH1..CH8)

When the device receives the Verify Crypto command, it computes a challenge based on the received random number Q, the internally stored associated cryptogram Ci, and the secret seed Gi (or session encryption key Si). The device also increments the associated attempts counter. It then compares the computed challenge with the challenge sent by the host. If the challenges match, the device computes and writes a new Ci and Si. The device utilizes the success or failure information of the authentication process and updates the authentication attempts counter accordingly.

Key index:
  b0000_00nn : Secret Seed G0-G3
  b0001_00nn : Session Encryption Key S0-S3
Data:
  Q  : Host random number, 8 bytes
  CH : Host challenge, 8 bytes

Table 45. Verify Crypto

  Verify Crypto                                Data Sent
  CLA  INS: Command  P1         P2  P3   Q1 ... Q8                 CH1 ... CH8
  **   $B8           000e 00nn  **  $10  d7 --- d0 ... d63 --- d56  d7 --- d0 ... d63 --- d56

The device increments the associated attempts counter each time prior to verifying the challenge, to prevent attacks. If the authentication succeeds, the device memorizes this success, clears the attempts counter and returns $90 $00. If the authentication fails, the device simply returns $69 $00. If the maximum number of trials has been exceeded, the device will return $69 $00 instead of the INS code, after receiving the header, to indicate the command is unauthorized.

9.4.9. Verify Password: $BA

Figure 30. Verify Command Functional Description (host sends: Command, Password Index, password bytes PW1..PW3)

Read password indices: $10 to $17 for passwords 0 to 7.
Write password indices: $00 to $07 for passwords 0 to 7.
Secure code index: $07 (equivalent to Write 7 Password).
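The command layouts of Tables 40 to 46 and the fuse byte of Table 43, as a small Python encoder/decoder for the System WRITE, System READ, Verify Crypto and Verify Password commands and for the FAB -> CMA -> PER fuse sequence. This is an added example, not Atmel code; it assumes P2 = $00 for Verify Crypto (shown as "**" in Table 45) and the Set User Zone form used in the section 10 listing (P1 = $03, P2 = zone number), and the constructed sample values are taken from that listing.

```python
CLA = 0x00
INS_WRITE_USER_ZONE = 0xB0
INS_SYSTEM_WRITE = 0xB4
INS_SYSTEM_READ = 0xB6
INS_VERIFY_CRYPTO = 0xB8
INS_VERIFY_PASSWORD = 0xBA
SW_OK = b"\x90\x00"                 # command completed
SW_UNAUTHORIZED = b"\x69\x00"       # "Command Unauthorized"
SW_CHECKSUM_EXPECTED = b"\x62\x00"  # write held until a valid checksum arrives
FUSE_ID = {"FAB": 0x06, "CMA": 0x04, "PER": 0x00}  # Table 40
FUSE_ORDER = ("FAB", "CMA", "PER")                  # the only order the device accepts

def _tpdu(ins, p1, p2, p3, data=b""):
    """CLA INS P1 P2 P3 [data]; P3 carries the data length (or 0 when there is none)."""
    if data and len(data) != p3:
        raise ValueError("P3 must equal the data length")
    return bytes([CLA, ins, p1 & 0xFF, p2 & 0xFF, p3 & 0xFF]) + data

def set_user_zone(zone):
    return _tpdu(INS_SYSTEM_WRITE, 0x03, zone, 0x00)  # P1 = $03, P2 = zone, as in section 10

def write_user_zone(addr, data):
    return _tpdu(INS_WRITE_USER_ZONE, 0x00, addr, len(data), data)

def write_config_zone(addr, data):
    return _tpdu(INS_SYSTEM_WRITE, 0x00, addr, len(data), data)

def write_fuse(name):
    return _tpdu(INS_SYSTEM_WRITE, 0x01, FUSE_ID[name], 0x00)

def send_checksum(checksum):
    return _tpdu(INS_SYSTEM_WRITE, 0x02, 0x00, 0x02, checksum)

def read_config_zone(addr, n):
    return _tpdu(INS_SYSTEM_READ, 0x00, addr, n)  # N = $00 requests 256 bytes (ISO 7816-3)

def read_fuse_byte():
    return _tpdu(INS_SYSTEM_READ, 0x01, 0x00, 0x01)

def password_index(set_no, read):
    """Table 46: P1 = 000r 0ppp, so read passwords are $10-$17 and write passwords $00-$07."""
    if not 0 <= set_no <= 7:
        raise ValueError("password set must be 0..7")
    return (0x10 if read else 0x00) | set_no

def verify_password(set_no, read, pw):
    if len(pw) != 3:
        raise ValueError("passwords are 24 bits")
    return _tpdu(INS_VERIFY_PASSWORD, password_index(set_no, read), 0x00, 0x03, pw)

def verify_crypto(key_set, session_key, q, ch):
    """Table 45: P1 = 000e 00nn (e = 1 selects session key Sn); P2 = $00 is an assumption."""
    if len(q) != 8 or len(ch) != 8:
        raise ValueError("Q and CH are 8 bytes each")
    return _tpdu(INS_VERIFY_CRYPTO, (0x10 if session_key else 0x00) | (key_set & 3), 0x00, 0x10, q + ch)

def decode_fuse_byte(b):
    """Table 43: F0 = FAB, F1 = CMA, F2 = PER, F3 = SEC; a 0 bit means the fuse is blown."""
    return {name: not (b >> bit) & 1 for bit, name in enumerate(("FAB", "CMA", "PER", "SEC"))}

def next_fuse_to_blow(fuse_byte):
    """First fuse in FAB -> CMA -> PER that is still intact, or None when all three are blown."""
    return next((n for n in FUSE_ORDER if not decode_fuse_byte(fuse_byte)[n]), None)

def status(resp):
    """Classify the trailing status word (last two bytes) of a device response."""
    return {SW_OK: "ok", SW_UNAUTHORIZED: "unauthorized", SW_CHECKSUM_EXPECTED: "awaiting checksum"}.get(bytes(resp[-2:]), "unknown")
```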
Four password index bits "r" and "ppp" indicate the password to compare:
  r = 0: Write password
  r = 1: Read password
  p2p1p0: Password set number

Table 46. Verify Password

  Verify Password                                 Data Sent
  CLA  INS: Command  P1            P2  P3   PW1        PW2         PW3
  **   $BA           000r 0p2p1p0  **  $03  d7 --- d0  d15 --- d8  d23 --- d16

If the maximum number of trials has been exceeded, the device will return $69 $00 instead of the INS code, after receiving the header, to indicate the command is unauthorized. The device decrements the associated password attempts counter before verifying the password, to prevent attacks. If the password is correct, the device memorizes this success, clears the attempts counter and returns $90 $00. If the password is wrong, the device simply returns $69 $00 after decrementing the attempts count.

The Write 7 password is also known as the Secure Code and must be properly presented before write access to the configuration memory is granted when personalizing the device.

10. Initialization Example

The first step in initializing Atmel(R) CryptoMemory(R) is to determine what data is to be stored in the device and what the security settings need to be to protect this data. Once defined, determine the proper settings for the CryptoMemory registers and select values for passwords. To initialize the CryptoMemory device, the following sequence is recommended; it should take place in a secure location to protect the sensitive data and passwords that may be loaded into the device.

10.1. Write Data to User Zones

In the Atmel default configuration, all user zones have free access rights. Writing initial data into the user zones should be done before setting the security configuration. Use the Set User Zone command and Write User Zone command to write initial data into the user zones. The Read User Zone command may be used to verify the data written.

10.2. Unlock the Configuration Memory

Before any data can be written to the configuration memory, it must be unlocked by presenting the correct secure code (Write 7 Password). Use the Verify Password command with the proper secure code supplied by Atmel to unlock the configuration memory. Use the Read Config Zone command to read back the secure code at address $E9 for verification that the configuration memory has been unlocked.

10.3. Write Data to the Configuration Memory

Writing this data is accomplished by performing the Write Config Zone command at the appropriate address location. The Read Config Zone command may be used to verify the data written. As soon as values are written to the registers, keys, and passwords, they become effective in determining the security of the user zones.

10.4. Set Security Fuses

Once all data has been written to the user zones and the configuration memory and verified, the security fuses should be set before the device is released from the secure location used for device initialization. There are three fuses, FAB, CMA and PER, that must be set, and they must be set in the order listed (FAB, then CMA, then PER). The Write Fuse command is used to set each of the three fuses individually. The Read Fuse command may be used to check the status of all three fuses. Once all fuses have been set, the Read Fuse command should return a value of zero for the second nibble of the fuse byte.

Atmel AT88SC0104C is used for this example. A small pattern is written into the first four user zones. The security for each of these four user zones and the associated register values are shown in the table below. Simple values for passwords are used.

Table 47. Zone Configuration Example

  User Zone  Data         Security Requirements                                           Access Register  Password/Key Register
  0          Zone 0 Data  None                                                            $FF              $FF
  1          Zone 1 Data  Read/Write Password (Set 1)                                     $7F              $F9
  2          Zone 2 Data  Read/Write Authentication (Set 2)                               $DF              $BF
  3          Zone 3 Data  Read/Write Password (Set 1), Read/Write Authentication (Set 2)  $57              $B9
                          with Encryption Required

The following shows the TPDU commands sent to the Atmel(R) CryptoMemory(R) device for the purpose of initializing the device. The flow is consistent with the steps described above; comments have been added as indicated with an asterisk (*).

*Atmel AT88SC0104C Initialization Example
*WRITE DATA TO USER ZONES
*Set User Zone 0
00 B4 03 00 00
*Write data = Zone 0 Data
00 B0 00 00 0B 5A 6F 6E 65 20 30 20 44 61 74 61
*Set User Zone 1
00 B4 03 01 00
*Write data = Zone 1 Data
00 B0 00 00 0B 5A 6F 6E 65 20 31 20 44 61 74 61
*Set User Zone 2
00 B4 03 02 00
*Write data = Zone 2 Data
00 B0 00 00 0B 5A 6F 6E 65 20 32 20 44 61 74 61
*Set User Zone 3
00 B4 03 03 00
*Write data = Zone 3 Data
00 B0 00 00 0B 5A 6F 6E 65 20 33 20 44 61 74 61
*UNLOCK CONFIGURATION MEMORY
00 BA 07 00 03 DD 42 97
*WRITE CODES IN CONFIGURATION MEMORY
*Write Card Mfg Code = P001
00 B4 00 0B 04 50 30 30 31
*Write Identification Number = 00000000012345
00 B4 00 19 07 00 00 00 00 01 23 45
*Write Issuer Code = STATION 035
00 B4 00 40 10 53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
*WRITE REGISTERS IN CONFIGURATION MEMORY
*Write Registers AR1/PR1 = 7F F9, AR2/PR2 = DF BF, AR3/PR3 = 57 B9
00 B4 00 22 06 7F F9 DF BF 57 B9
*WRITE KEYS IN CONFIGURATION MEMORY
*Write Ci for set 2 = 22222222222222
00 B4 00 71 07 22 22 22 22 22 22 22
*Write Gc for set 2 = 5B4F9AE4B5098BE7
00 B4 00 A0 08 5B 4F 9A E4 B5 09 8B E7
*WRITE PASSWORDS IN CONFIGURATION MEMORY
*Write Passwords, read 7 = 10 00 01, write 7 = 11 00 11
00 B4 00 B9 07 11 00 11 FF 10 00 01
*READ ENTIRE CONFIGURATION MEMORY TO VERIFY
00 B6 00 00 F0
*Device Response:
*SET SECURITY FUSES
*Set FAB Fuse
00 B4 01 06 00
*Set CMA Fuse
00 B4 01 04 00
*Set PER Fuse
00 B4 01 00 00
*Read Fuse Byte = X0
00 B6 01 00 01
*Device Response:
00 90 00
power_off

11. Absolute Maximum Ratings*

  Operating Temperature ...................... -40°C to +85°C
  Storage Temperature ........................ -65°C to +150°C
  Voltage on Any Pin with Respect to Ground .. -0.7V to VCC + 0.7V
  Maximum Operating Voltage .................. 6.0V
  DC Output Current .......................... 5.0 mA

*NOTICE: Stresses beyond those listed under "Absolute Maximum Ratings" may cause permanent damage to the device. This is a stress rating only and functional operation of the device at these or any other condition beyond those indicated in the operational sections of this specification is not implied. Exposure to absolute maximum rating conditions for extended periods of time may affect device reliability.

11.1. DC and AC Characteristics

Table 48. DC Characteristics
Applicable over recommended operating range from VCC = +2.7V to 5.5V, TAC = -40°C to +85°C (unless otherwise noted)

  Symbol  Parameter                       Test Condition            Min        Typ  Max         Units
  VCC     Supply Voltage                                            2.7             5.5         V
  ICC     Supply Current (VCC = 5.5V)     Async READ at 3.57MHz                     5           mA
  ICC     Supply Current (VCC = 5.5V)     Async WRITE at 3.57MHz                    5           mA
  ICC     Supply Current (VCC = 5.5V)     Synch READ at 1MHz                        5           mA
  ICC     Supply Current (VCC = 5.5V)     Synch WRITE at 1MHz                       5           mA
  ISB     Standby Current (VCC = 5.5V)    VIN = VCC or GND                          100         µA
  VIL     SDA/IO Input Low Voltage(1)                               0               VCC x 0.2   V
  VIL     Clock Input Low Voltage(1)                                0               VCC x 0.2   V
  VIL     RST Input Low Voltage(1)                                  0               VCC x 0.2   V
  VIH     SDA/IO Input High Voltage(1)                              VCC x 0.7       VCC         V
  VIH     SCL/CLK Input High Voltage(1)                             VCC x 0.7       VCC         V
  VIH     RST Input High Voltage(1)                                 VCC x 0.7       VCC         V
  IIL     SDA/IO Input Low Current        0 < VIL < VCC x 0.15                      15          µA
  IIL     SCL/CLK Input Low Current       0 < VIL < VCC x 0.15                      15          µA
  IIL     RST Input Low Current           0 < VIL < VCC x 0.15                      50          µA
  IIH     SDA/IO Input High Current       VCC x 0.7 < VIH < VCC                     20          µA
  IIH     SCL/CLK Input High Current      VCC x 0.7 < VIH < VCC                     100         µA
  IIH     RST Input High Current          VCC x 0.7 < VIH < VCC                     150         µA
  VOH     SDA/IO Output High Voltage      20K ohm external pull-up  VCC x 0.7       VCC         V
  VOL     SDA/IO Output Low Voltage       IOL = 1mA                 0               VCC x 0.15  V
  IOH     SDA/IO Output High Current      VOH                                       20          µA

Note: 1. VIL min and VIH max are reference only and are not tested.

Table 49. AC Characteristics
Applicable over recommended operating range from VCC = +2.7V to 5.5V, TAC = -40°C to +85°C (unless otherwise noted)

  Symbol   Parameter                                          Min  Max          Units
  fCLK     Async Clock Frequency (VCC Range: +4.5 - 5.5V)     1    5            MHz
  fCLK     Async Clock Frequency (VCC Range: +2.7 - 3.3V)     1    4            MHz
  fCLK     Synch Clock Frequency                              0    1            MHz
           Clock Duty Cycle                                   40   60           %
  tR       Rise Time - SDA/IO, RST                                 1            µs
  tF       Fall Time - SDA/IO, RST                                 1            µs
  tR       Rise Time - SCL/CLK                                     9% x period  µs
  tF       Fall Time - SCL/CLK                                     9% x period  µs
  tAA      Clock Low to Data Out Valid                             35           µs
  tHD.STA  Start Hold Time                                    200               ns
  tSU.STA  Start Set-up Time                                  200               ns
  tHD.DAT  Data In Hold Time                                  10                ns
  tSU.DAT  Data In Set-up Time                                100               ns
  tSU.STO  Stop Set-up Time                                   200               ns
  tDH      Data Out Hold Time                                 20                ns
  tWR      Write Cycle Time (at 25°C)                              5            ms
  tWR      Write Cycle Time                                        7            ms

11.2. Timing Diagrams for Synchronous Communications

Figure 31. Bus Timing (tHIGH, tLOW, tR, tF on SCL; tSU.STA, tHD.STA, tHD.DAT, tSU.DAT, tSU.STO on SDA IN; tAA, tDH, tBUF on SDA OUT)

Figure 32. Write Cycle Timing (SCL/SDA: 8th bit, ACK, WORDn, stop condition, tWR, start condition)
Note: 1. The write cycle time tWR is the time from a valid stop condition of a write sequence to the end of the internal clear/write cycle.

Figure 33. Data Validity (SDA data stable while SCL high; data change while SCL low)

Figure 34. Start and Stop Definition (SDA/SCL START and STOP conditions)

Figure 35. Output Acknowledge (SCL clocks 1 to 9; data in, data out, start, acknowledge)

12. DC Tamper Detection Limits

The Atmel(R) CryptoMemory(R) device family incorporates several tamper detection circuits to prohibit operation outside the limits of reliable circuit operation.

12.1. High Voltage and Low Voltage Limit

If VCC is taken below or above these voltage limits, the device will enter a reset sequence once VCC is returned to normal levels and before device operation can begin again.

12.2. Minimum Clock Pulse

In synchronous operation, if the clock pulse width falls below the limit of this circuit, the device will enter a reset sequence.

12.3. Maximum Clock Frequency

In asynchronous operation, if the clock frequency exceeds the limit of this circuit, the device will enter a reset sequence.

12.4. Power On Reset (POR) Delay

Any time the device is reset, either on initial power-up or by a tamper detection circuit, there is a time delay from when normal conditions are restored to when the device may be operated. During this reset sequence all security flags within the device are reset to their initial values.

12.5. Noise Suppression

Pulses of short duration on SCL/CLK, SDA/IO and RST are ignored if they fall below the threshold of this circuit. The pulses are filtered out and the device does not enter the reset sequence.

Table 50. Tamper Detection
Applicable over recommended operating range from TAC = -40°C to +85°C (unless otherwise noted)

  Symbol  Parameter                  Test Condition          Min  Typ  Max  Units
  VCC     High Voltage Limit                                 6.0       6.5  V
  VCC     Low Voltage Limit                                  2.0       2.4  V
  tCLK    Minimum CLK pulse width    Synchronous Operation   200       280  ns
  fCLK    Minimum CLK frequency      Asynchronous Operation  12        14   MHz
  tPOR    POR Delay                                          10        70   µs
  tSUP    Min. SCL, SDA, RST pulse                           50        200  ns

13. Ordering Information

  Ordering Code     Package              Voltage Range  Temperature Range
  AT88SCxxxxC-MJ    M2 - J Module - ISO  2.7V-5.5V      Commercial (0°C-70°C)
  AT88SCxxxxC-MP    M2 - P Module - ISO  2.7V-5.5V      Commercial (0°C-70°C)
  AT88SCxxxxC-MJTG  M2 - J Module - TWI  2.7V-5.5V      Commercial (0°C-70°C)
  AT88SCxxxxC-MPTG  M2 - P Module - TWI  2.7V-5.5V      Commercial (0°C-70°C)
  AT88SCxxxxC-PU    8P3                  2.7V-5.5V      Green compliant (exceeds RoHS)/Industrial (-40°C-85°C)
  AT88SCxxxxC-SU    8S1                  2.7V-5.5V      Green compliant (exceeds RoHS)/Industrial (-40°C-85°C)
  AT88SCxxxxC-WI    7 mil wafer          2.7V-5.5V      Industrial (-40°C-85°C)

Note: Ordering Codes are valid for all devices covered by this datasheet.
(See P.1 for a complete list)

  Package Type(1)(2)         Description
  M2 - J Module: ISO or TWI  M2 ISO 7816 Smart Card Module
  M2 - P Module: ISO or TWI  M2 ISO 7816 Smart Card Module with Atmel Logo
  8P3                        8-lead, 0.300" Wide, Plastic Dual Inline Package (PDIP)
  8S1                        8-lead, 0.150" Wide, Plastic Gull Wing Small Outline Package (JEDEC SOIC)

Notes:
  1. Formal drawings may be obtained from an Atmel sales office.
  2. Both the J and P Module packages are used for either ISO (T=0 / 2-wire mode) or TWI (2-wire mode only).

Appendix A. Revision History

  Doc. Rev.  Date     Comments
  5211C      01/2010  Added MJTG module and added Ordering Information
  5211B      01/2010  Convert to MS Word
  5211A      06/2010  Initial document release

Atmel Corporation, 2325 Orchard Parkway, San Jose, CA 95131 USA, www.atmel.com. Technical Support: securerf@atmel.com.

(c) 2010 Atmel Corporation. All rights reserved. Atmel(R), logo and combinations thereof, Everywhere You Are(R), CryptoMemory(R) and others are registered trademarks or trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others.