 English |
|
|
|
|
|
|
|
| ISL6296 Datasheet, PDF (7/17 Pages) Intersil Corporation – FlexiHash For Battery Authentication | |||
| |||
| ◁ |
ISL6296
64-bit Secret
32-bit Hash Function
32-bit Hash Seed
32-bit pseudo-random
challenge word from host
FlexiHash
Engine
8-bit authentication
code
FIGURE 5. AUTHENTICATION PROCESS FLOW DIAGRAM
It is recommended that device authentication be done once
in a while to maximize its effectiveness. Before a new
challenge code can be accepted by the device, the SESL
register must be re-written again to ensure that the original
seeds are re-loaded from the OTP ROM into the hash
engine prior to performing the next authentication code
calculation. Failure to follow the sequence will result is a bus
error, causing the sBER flag to be set in the STAT register.
SET-UP FOR DEVICE AUTHENTICATION SUPPORT
To configure the host and the ISL6296 to support device
authentication function, the pack manufacturer will need to
select at least 2 sets of 32-bit secret codes. For greater
security, a third set of 32-bit secret may be used. The
FlexiHash⢠engine requires two sets of 32-bit secrets for
use in its hash calculation: the first set to define its hash
function, and the second set to initialize its seed for hash
calculation. These two sets can be selected from the same
secret location. The chosen secret codes are to be kept by
the pack manufacturer and maintained at utmost
confidentiality.
After the secrets have been determined, they are written into
the deviceâs OTP ROM. After verification that the codes have
been written in correctly, the relevant secrets lock-out bits at
ROM address location 0-00 should be set. Once set, the
lock-out bits can no longer be cleared. Thereafter, read/write
access to the secret information will no longer be possible,
and the secret codes are made available only to the
FlexiHash⢠engine for generation of authentication code
based on a challenge code input from the host.
On the host side, the same secret codes will need to be kept,
and the same FlexiHash⢠engine will have to be
implemented in firmware. Refer to the application note
AN1166 for detailed information of firmware implementation.
It is important that the secret codes be stored scrambled in
the hostâs non-volatile memory so that the secret information
cannot be easily revealed by monitoring signal transfer on
the host PCB.
START
Wake up ISL6296 using a
regular break signal
Select hash function and seed
by writing to SESL register
Send a 32-bit random
challenge to CHLG register
Read the authentication result
from AUTH register, after
waiting for 1 BTD
Calculate the expected
authentication result based on
the same secrets
The two results match?
NO
YES
Shut down
the system
END
FIGURE 6. FLOW CHART FOR AUTHENTICATION PROCESS
THE HASH ENGINE
The hash engine consists of 4 separate programmable 8-bit
CRC calculators. Two sets of 32-bit secret codes are use by
the hash engine for authentication code generation. The first
set is used to define the CRC polynomial as well as the input
selection for each of the CRC calculators. The second is
used as initial seeds for the CRC calculations. Outputs of the
4 CRC calculators are logically combined to produce the 8-
bit output of the overall FlexiHash⢠engine. Block diagram
of the FlexiHash engine is illustrated in Figure 7. More
detailed description on the hash engine can be found in the
application note AN1166.
7
FN9201.0
February 1, 2005
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese