 English |
|
|
|
|
|
|
|
| HCS473 Datasheet, PDF (43/68 Pages) Microchip Technology – Code Hopping Encoder and Transponder | |||
| |||
| ◁ |
5.5 Transponder Design
You must initially decide if a ferrite core or an air core
antenna will be used. There are advantages and disad-
vantages to using each. One advantage of using a fer-
rite core is that the coil can have a larger inductance for
a given volume. Volume will usually be the primary con-
straint as it will need to fit into a:
⢠key fob
⢠credit card
⢠other small package.
First step: choose the transponder coil external dimen-
sions because packaging places large constraints on
antenna design.
Second step: properties of the core, coil windings, as
well as the equivalent load placed across the coil must
be determined. Calculations from the first two steps will
fix the initial coil specification. The initial coil specifica-
tion includes:
⢠Minimum number of wire turns on the coil
⢠Wire diameter
⢠Wire resistance
⢠Coil inductance
⢠Required resonating capacitor.
Note:
The exact number of turns may be
tweaked such that a standard value reso-
nant capacitor may be used.
Build the initial coil and take appropriate measure-
ments to determine the coil quality factor. The data
gathered to this point may then be used to calculate an
Optimum Coil Specification.
It is not this data sheetâs purpose to present in-depth
details regarding LC antennae and their tuning. Please
refer to âLow Frequency Magnetic Transmitter Design
Application Noteâ, AN232, for appropriate LF antenna
design details.
Note:
Microchip also has a confidential Applica-
tion Note on Magnetic Sensors (AN832C).
Contact Microchip for a Non-Disclosure
Agreement in order to obtain this applica-
tion note.
5.6 Security Considerations
The strength of this security is based on keeping a
secret inside the transmitter that can be verified by
encrypted transmissions to a trained receiver. The
transmitter's secret is the manufacturer's key, not the
encryption algorithm. If that key is compromised, then
a smart transceiver can:
⢠capture any serial number
⢠create a valid code word
⢠trick all receivers trained with that serial number.
HCS473
The key cannot be read from the EEPROM without
costly die probing, but it can be calculated by brute
force decryption attacks on transmitted code words.
The cost for these attacks should exceed what you
would want to protect.
To protect the security of other receivers with the same
manufacturer's code, you need to use the random seed
for secure learn. It is a second secret that is unique for
each transmitter. Itâs transmission on a special button
press combination can be disabled if the receiver has
another way to find it, or is limited to the first 127 trans-
missions for the receiver to learn it. This way it is very
unlikely to ever be captured. Now if a manufacturer's
key is compromised, new transmitters can be created.
But without the unique seed, they must be relearned by
the receiver. In the same way, if the transmissions are
decrypted by brute force on a computer, the random
seed hides the manufacturer's key and prevents more
than one transmitter from being compromised.
The length of the code word at these baud rates makes
brute force attacks that guess the hopping code require
years to perform. To make the receiver less susceptible
to this attack, make sure that you test all the bits in the
decrypted code for the correct value. Do not just test
low counter bits for sync and the bit for the button input
of interest.
The main benefit of hopping codes is to prevent the
retransmission of captured code words. This works
very well for code words that the receiver decodes. Its
weakness is if a code is captured when the receiver
misses it, the code may trick the receiver once if it is
used before the next valid transmission. To make the
receiver more secure it could increment the counter on
questionable code word receptions. To make the trans-
mitter more secure it could use separate buttons for
lock and unlock functions. Another way would be to
require two different buttons in sequence to gain
access.
There are other ways to make KEELOQ systems more
secure, but these are all trade-offs. You need to find a
balance between:
⢠Security
⢠Design effort
⢠Usability (particularly in failure modes).
For example, if a button sticks or someone plays with
it, the counter should not end up in the blocked code
window, rendering the transmitter useless or requiring
the receiver to relearn the transmitter.
 2002 Microchip Technology Inc.
Preliminary
DS40035C-page 41
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese