English
Language : 

HCS473 Datasheet, PDF (6/68 Pages) Microchip Technology – Code Hopping Encoder and Transponder
HCS473
• Transponder Reader (Reader, for short) - A
device that authenticates a transponder using bi-
directional communication.
• Transport code - An access code, ‘password’
known only by the manufacturer, allowing write
access to certain secure device memory areas
(Section 3.2.3.2).
1.2 Encoder Overview
The HCS473 code hopping transcoder is designed
specifically for passive entry systems; particularly vehi-
cle access. The transcoder portion of a passive entry
system is integrated into a fob, carried by the user and
operated to gain access to a vehicle or restricted area.
The HCS473 is meant to be a cost-effective yet secure
solution to such systems, requiring very few external
components (Figure 2-1).
1.2.1
LOW-END SYSTEM SECURITY
RISKS
Most low-end keyless entry transmitters are given a
fixed identification code that is transmitted every time a
button is pushed. The number of unique identification
codes in a low-end system is usually a relatively small
number. These shortcomings provide an opportunity
for a sophisticated thief to create a device that ‘grabs’
a transmission and retransmits it later, or a device that
quickly ‘scans’ all possible identification codes until the
correct one is found.
1.2.2 HCS473 SECURITY
The HCS473, on the other hand, employs the KEELOQ
code hopping technology coupled with a transmission
length of 69 bits to virtually eliminate the use of code
‘grabbing’ or code ‘scanning’. The high security level of
the HCS473 is based on the patented KEELOQ technol-
ogy. A block cipher based on a block length of 32 bits
and a key length of 64 bits is used. The algorithm
obscures the information in such a way that even if the
transmission’s pre-encrypted information differs by
only one bit from that of the previous transmission, sta-
tistically greater than 50 percent of the transmission’s
encrypted result will change.
1.2.3 HCS473 HOPPING CODE
The 16-bit synchronization counter is the basis behind
the transmitted code word changing for each transmis-
sion; it increments each time a button is pressed.
Once the device detects a button press, it reads the
button inputs and updates the synchronization counter.
The synchronization counter and crypto key are input
to the encryption algorithm and the output is 32 bits of
encrypted information. This encrypted data will change
with every button press, its value appearing externally
to ‘randomly hop around’, hence it is referred to as the
hopping portion of the code word. The 32-bit hopping
code is combined with the button information and serial
number to form the code word transmitted to the
receiver. The code word format is explained in greater
detail in Section 3.1.2.
1.3 Identify Friend or Foe (IFF)
Overview
Validation of a transponder first involves an authenti-
cating device sending a random challenge to the
device. The transponder then replies with a calculated
response that is a function of the received challenge
and its stored crypto key. The authenticating device,
transponder reader, performs the same calculation and
compares it to the transponder’s response. If they
match, the transponder is identified as valid and the
transponder reader can take appropriate action.
The HCS473’s IFF response is generated using one of
two possible crypto keys. The authenticating device
precedes the challenge with a three bit field dictating
which key to use in calculating the response.
The bi-directional communication path required for IFF
is typically inductive for short range (<10cm) transpon-
der applications with an inductive challenge and induc-
tive response. Longer range (~1.5m) passive entry
applications still transmit using the LF inductive path
but the response is transmitted RF.
DS40035C-page 4
Preliminary
 2002 Microchip Technology Inc.