SAM4L Datasheet, PDF(427/1185 Page) ATMEL Corporation – ATSAM ARM-based Flash MCU

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

SAM4L Datasheet, PDF (427/1185 Pages) ATMEL Corporation – ATSAM ARM-based Flash MCU

◁

ATSAM4L4/L2

Alternatively, the last Nk words of the expanded key can be automatically computed by AESA

when a decryption process is initiated if they have not been computed in advance or have

become invalid. Note that this will introduce a latency of Nr clock cycles to the first decryption

process.

The last Nk words of the expanded key are stored and reused until they are invalidated by one of

the following events:

â¢ System reset

â¢ Software reset of AESA (by writing a one to the SWRST bit in the CTRL register)

â¢ A change to the MODE.KEYSIZE field

â¢ A write to any of the KEY registers

Note that the last Nk words of the expanded key is automatically generated by AESA during an

encryption process, so their explicit computation is not necessary if a decryption process is pre-

ceded by an encryption process using the same key.

18.4.5 Security Features

18.4.5.1

Hardware Countermeasures Against Differential Power Analysis Attacks

AESA features four types of hardware countermeasures that are useful for protecting data

against differential power analysis attacks:

â¢ Type 1: Randomly add one cycle to data processing

â¢ Type 2: Randomly add one cycle to data processing (other version)

â¢ Type 3: Add a random number of clock cycles to data processing, subject to a maximum of 11

clock cycles for key size of 128 bits

â¢ Type 4: Add random spurious power consumption during data processing

By default, all countermeasures are enabled. One or more of the countermeasures can be dis-

abled by programming the Countermeasure Type (CTYPE) field in the MODE register.

The countermeasures use random numbers generated by a deterministic random number gen-

erator embedded in AESA. The seed for the random number generator is written to the

DRNGSEED register. Note that access to the DRNGSEED register is by 32-bit words only (i.e.,

no halfword or byte access). Note also that a new seed must be written after a change in the key

size.

Note that enabling countermeasures reduces AESAâs throughput. In short, the throughput is

highest with all the countermeasures disabled. On the other hand, with all of the countermea-

sures enabled, the best protection is achieved but the throughput is worst.

42023CâSAMâ02/2013

427

▷