DS5003 Datasheet, PDF (17/24 Pages) Maxim Integrated Products – Secure Microprocessor Chip
Secure Microprocessor Chip
Security Circuitry
Figure 9 shows the on-chip functions associated with the DS5003’s software security feature. Encryption logic consists of an address encryptor and a data encryptor. Although each encryptor uses its own algorithm for encrypting data, both depend on the 64-bit key word that is contained in the encryption key registers. Both encryptors operate during loading of the application software and also during its execution.
The address encryptor translates each logical address, i.e., the normal sequence of addresses that are generated in the logical flow of program execution, into an encrypted address (or physical address) at which the byte is actually stored. Each time a logical address is generated, either during program loading or during program execution, the address encryptor circuitry uses the value of the 64-bit key word and of the address itself to form the physical address, which is presented on the address lines of the SRAM. The encryption algorithm is such that there is one and only one physical address for every possible logical address. The address encryptor operates over the entire memory range, which is configured during bootstrap loading for access on the byte-wide bus.
As bootstrap loading of the application software is performed, the data encryptor logic transforms the op code, operand, or data byte at any given memory location into an encrypted representation. As each byte is read back to the CPU during program execution, the internal data encryptor restores it to its original value. When a byte is written to the external nonvolatile program/data SRAM during program execution, that byte is stored in encrypted form as well. The data encryption logic uses the value of the 64-bit key, the logical address to which the data is being written, and the value of the data itself to form the encrypted data, which is written to the nonvolatile program/data SRAM. The encryption algorithm is repeatable, such that for a given data value, encryption key value, and logical address the encrypted byte is always the same. However, there are many possible encrypted data values for each possible true-data value due to the algorithm’s dependency on the values of the logical address and encryption key.
[Block diagram. Labelled blocks and buses: Program Counter, Data Pointer, Secure Internal Address Bus, Address Encryptor, Encrypted Byte-Wide Address Bus (16), Bootstrap Loader, Random-Number Generator, Security Lock, 64-Bit Encryption Key, External Byte-Wide RAM, Secure Internal Data Bus, Data Encryptor, Encrypted Byte-Wide Data Bus (8), SDI (Self-Destruct Input).]
Figure 9. Security Circuitry
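The properties stated in this section (one physical address per logical address, repeatable data encryption, and ciphertext that depends on key, logical address and data) can be checked on a small model. This is an added example, not code from the datasheet or from Maxim: the DS5003's actual algorithms are not given on this page, so a Feistel network and a SHA-256-derived byte table stand in for them, and all function names, the key and the sample bytes are hypothetical.

```python
import hashlib

# Toy stand-in, NOT the DS5003's proprietary algorithm: it only reproduces the
# properties stated in the text. All function names here are hypothetical.
KEY = bytes.fromhex("0123456789abcdef")              # constructed 64-bit key
IMAGE = bytes([0x74, 0x00, 0x00, 0x00, 0x80, 0xFE])  # constructed sample bytes

def _prf(key: bytes, label: bytes, value: int) -> int:
    """Keyed pseudo-random function (SHA-256 used as a stand-in primitive)."""
    digest = hashlib.sha256(key + label + value.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:8], "big")

def encrypt_address(key: bytes, logical: int) -> int:
    """Logical -> physical: a 4-round Feistel network, so it is a bijection
    on the 16-bit address space (one physical address per logical address)."""
    left, right = logical >> 8, logical & 0xFF
    for rnd in range(4):
        left, right = right, left ^ (_prf(key, b"A%d" % rnd, right) & 0xFF)
    return (left << 8) | right

def _byte_table(key: bytes, logical: int) -> list:
    """Keyed permutation of the 256 byte values, different per logical address."""
    return sorted(range(256), key=lambda b: (_prf(key, b"D", (logical << 8) | b), b))

def encrypt_data(key: bytes, logical: int, value: int) -> int:
    """Depends on key, logical address and the data byte; always repeatable."""
    return _byte_table(key, logical)[value]

def decrypt_data(key: bytes, logical: int, stored: int) -> int:
    """Inverse lookup performed when a byte is read back to the CPU."""
    return _byte_table(key, logical).index(stored)

def load_program(key: bytes, image: bytes, base: int = 0) -> dict:
    """Bootstrap-load model: external SRAM as {physical address: stored byte}."""
    return {encrypt_address(key, base + i): encrypt_data(key, base + i, b)
            for i, b in enumerate(image)}

def fetch(key: bytes, sram: dict, logical: int) -> int:
    """Execution-time read: re-derive the physical address, then decrypt."""
    return decrypt_data(key, logical, sram[encrypt_address(key, logical)])

if __name__ == "__main__":
    sram = load_program(KEY, IMAGE)
    print("external SRAM view:", {hex(a): hex(v) for a, v in sorted(sram.items())})
    print("CPU view:", bytes(fetch(KEY, sram, i) for i in range(len(IMAGE))).hex())
```

The three consecutive 0x00 bytes in the sample image show the address dependency: each is looked up in a different per-address table, while the CPU-side read still recovers the original bytes.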