AT88SA10HS_10 Datasheet, PDF(3/23 Page) ATMEL Corporation – Atmel CryptoAuthentication Host Security Chip

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

AT88SA10HS_10 Datasheet, PDF (3/23 Pages) ATMEL Corporation – Atmel CryptoAuthentication Host Security Chip

◁

Atmel AT88SA10HS Host Authentication Chip

Status Fuses

Fuse Disable

These 23-fuses should be used to store information which is not secret, as their value can

always be determined using the Read command. Typical usage would be model or

configuration information. They cannot be automatically included in the messages to be

hashed by the HOST commands, but the system may read them and pass them back to

HOST1 in the input stream if desired.

This fuse is used to prevent access to fuses on chips in which a partial set of fuses has been

burned. This fuse must be burned using the BurnSecure command.

1.3.

Chip Identification

The chip includes a total of 72-bits of information that can be used to distinguish between individual chips in a

reliable manner. The information is distributed between the ROM and fuse blocks in the following manner.

Serial Number

This 48-bit value is composed of ROM SN (16-bits) and Fuse SN (32-bits). Together they

form a serial number that is guaranteed to be unique for all devices ever manufactured within

the AtmelÂ® CryptoAuthenticationï£ª family. This value is optionally included in the MAC

calculation.

Manufacturing ID This 24-bit value is composed of ROM MfrID (16-bits) and Fuse MfrID (8-bits). Typically this

value is the same for all chips of a given type. It is always included in the cryptographic

computations.

1.4.

Key Values

The values stored in the Atmel AT88SA10HS internal key array are hardwired into the masking layers of the chip

during wafer manufacture. All chips have the same keys stored internally, though the value of a particular key

cannot be determined externally from the chip. For this reason, customers should ensure they program a unique

(and secret) number into the 64-secret fuses and they should store the Atmel provided key values securely.

Individual key values are made available to qualified customers upon request to Atmel and are always transmitted

in a secure manner.

When the serial number is included in the MAC calculation, the response is considered to be diversified and the

host needs to know the base secret in order to be able to verify the authenticity of the client. A diversified

response can also be obtained by including the serial number in the computation of the value written to the secret

fuses. The AT88SA10HS provides a secure hardware mechanism to validate responses to determine if they are

authentic.

1.5.

SHA-256 Computation

AT88SA10HS performs only one cryptographic calculation â a keyed digest of an input challenge. It optionally

includes various other information stored on the chip within the digested message.

The AT88SA10HS computes the SHA-256 digest based on the algorithm documented here:

http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

As a security measure, the 24-bit MfrID code (both ROM and Fuse bits) is automatically included in every

message digested by the AT88SA10HS. The secret fuses are conditionally appended, depending on the

parameters to the HOST command.

For complete sample calculations, refer toâAtmel AT88SA100Sâ and/or âAtmel AT88SA102Sâ datasheets.

8595FâSMEMâ8/10

▷