View AT88SC0104CA_3654687.PDF datasheet online --- IC-ON-LINE

Datasheet File OCR Text:

at88sc0104c a , at88sc0404c a at88sc0204ca , at88sc0808c a atmel cryptomemory specification datasheet features ? one of a family of devices with user memories from 1kbit to 8 kbit ? eeprom user memory ? four or eight zones ? self - timed write cycles ? single - byte or mult iple - byte page- write modes ? programma ble access rights for each zone ? 2 kbit configuration zone ? 37- byte otp area for user - defined codes ? 160- byte area for user - defined keys and passwords ? high security features ? 64- bit mutual authentication protocol (under licen se of elva) ? cryptographic message authentication codes (mac) ? stream encryption ? fou r key sets for authentication and encryption ? eight sets of two 24 - bit passwords ? anti - tearing function ? voltage and frequency monitor ? embedded application features ? low voltage supply: 2.7v to 3.6v ? secure nonvolatile storage for sensitive system or user information ? two - wire serial interface (twi, 5v compatible ) ? 1.0 mhz compatibility for fast operation ? standard 8 - lead plastic packages, green compliant (exceeds rohs) ? same pinout as two - wire serial eeprom s ? smart card features ? iso 7816 class b (3v) operation ? iso 7816 -3 asynchronous t = 0 protocol (gemplus ? patent ) ? multiple zones, key sets and passwords for multi - application use ? synchron ous two - wire serial interface for faster device in itialization ? programmable 8 - byte answer -to - reset (atr) register ? iso 7816 -2 compliant moduls ? high reliability ? endurance: 100,000 cycles ? data retention : 10 years ? esd protection : 2,000v 8664e ? crypto ? 12 /11
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 2 table o f contents 1. pin configuration and package information ................................ .................... 4 1.1 pin configuration ................................................................................................ 4 1. 2 package information ........................................................................................... 4 2. description ................................ ................................ ................................ ....... 5 2.1 atmel at88scxxxxc family of products differences ......................................... 5 2.2 embedded applications ...................................................................................... 5 2.3 smart card applications ..................................................................................... 5 2.4 scope 5 3. block diagram ................................ ................................ ................................ . 6 4. pin description ................................ ................................ ................................ 7 4.1 supply voltage (v cc )........................................................................................... 7 4.2 clock (scl/clk) ................................................................................................. 7 4.3 serial data (sda/io) ........................................................................................... 7 4.4 reset (rst) ........................................................................................................ 7 5. configuration and user zone descri ption ................................ ....................... 8 5.1 detailed description ............................................................................................ 8 5.2 control logic ....................................................................................................... 8 5.3 configuration memory ......................................................................................... 8 5.4 user memory .................................................................................................... 11 6. communication security modes ................................ ................................ .... 14 6.1 security operations .......................................................................................... 14 6.2 data protection features .................................................................................. 17 6.3 configuration memory values ........................................................................... 18 6.4 security fuses .................................................................................................. 22 7. protocol selection ................................ ................................ .......................... 24 7.1 synchronous mode for embedded applications ............................................... 24 7.2 asy nchronous mode for smart card applications ............................................. 25 8. synchronous protocol ................................ ................................ ................... 26 8.1 start - up sequence ............................................................................................ 26 8.2 command set ................................................................................................... 27 8.3 command format ............................................................................................. 28 8.4 acknowledge polling ......................................................................................... 29 8.5 device addressing ............................................................................................ 30 8.6 twi command descriptions ............................................................................. 30 8.7 write user zone: $b0 ....................................................................................... 31 8.8 random read: $b1 .......................................................................................... 32 8.9 read user zone: $b2 ....................................................................................... 33 8.10 system write: $b4 ............................................................................................ 34 8.11 system read: $b6 ............................................................................................ 36 8.12 verify crypto: $b8 ............................................................................................. 38 8.13 verify password: $ba ....................................................................................... 40 9. initialization example ................................ ................................ ..................... 41 9.1 write data to user zones ................................................................................. 41 9.2 unlock the configurat ion memory ..................................................................... 41 9.3 write data to the configuration memory ........................................................... 41 9.4 set security fuses ............................................................................................ 41
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 3 10. asynchronous t=0 protocol ................................ ................................ .......... 44 10.1 character format .............................................................................................. 44 10.2 command format .............................................................................................. 44 10.3 command set ................................................................................................... 45 10.4 t=0 command descriptions ............................................................................. 47 10.5 write user zone: $b0 ....................................................................................... 47 10.6 read user zone: $b2 ....................................................................................... 48 10.7 system write: $b4 ......................................................................................... 49 10.8 system read: $b6 ........................................................................................... 51 10.9 verify crypto: $b8 ........................................................................................ 53 10.10 verify password: $ba ..................................................................................... 55 11. initialization example ................................ ................................ ..................... 56 11.1 write data to user zones ................................................................................. 56 11.2 unlock the configu ration memory ..................................................................... 56 11.3 write data to the configuration memory ........................................................... 56 11.4 set security fuses ............................................................................................ 56 12. absolute maximum ratings* ................................ ................................ ......... 59 12.1 dc and ac characteristics ............................................................................... 59 12.2 timing diagrams for synchronous communications ........................................ 60 13. por and tamper conditions ................................ ................................ ........ 62 13.1 power on reset (po r) delay .......................................................................... 62 13.2 tamper detection ............................................................................................. 62 14. ordering information ................................ ................................ ..................... 63 appendix a. errata ................................ ................................ .............................. 64 a.1 send checksum command in twi mo de ......................................................... 64 appendix b. revision history ................................ ................................ .............. 65
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 4 1. pin configuration and package information 1.1 pin configuration table 1 -1. package pin configuration pad description iso module contact standard package pin tssop mini - map v cc supply voltage c1 8 8 4 gnd ground c5 4 1 5 scl/clk serial clock input c3 6 6 2 sda/io serial data input/output c7 5 3 7 rst reset input c2 nc nc nc 1.2 package information figure 1 -1. atmel cryptomemory packages 1 2 3 4 8 7 6 5 sma r t card module v cc = c1 rst = c2 scl/clk = c3 nc = c4 c5 = gnd c6 = nc c7 = s d a/io c8 = nc 8-lead soi c , pdip nc nc nc gnd v cc nc scl sd a 8-lead t s so p nc v cc 8 1 nc c n 7 2 8-lead tssop nc k l c 6 3 gnd 5 4 s d a 1 2 3 4 8 7 6 5 sd a gnd clk v cc 8-lead ult r a thin mini-map (mlp 2x3) bo t t om v iew nc nc nc nc
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 5 2. description the atmel ? at88scxxxxca is a family of four high - performance secure memory devices providing 1k to 8k b its of user memory with advanced built - in security and cryptographic features. the mem ory is divided into four or eight user zones each of which may be individually set with different security access rights or used together to provide space for one or mult iple data files. a configuration zone contains registers to define the security rights for each user zone and space for passwords and secret keys used by the security logic of atmel cryptomemory ? . through dynamic, symmetric - mutual authentication, data encr yption, and the use of encrypted checksums, cryptomemory provides a secure place for storage of sensitive information within a system. with its tamper protection circuits, this infor mation remains safe even under attack. cryptomemory also provides high se curity, low cost and ease of implementation of host - client type systems without the need for a microprocessor operating system. the embedded cryptographic engine provides for a dynamic, symmetric - mutual authentication between the device and host, as well a s performs stream encryption for all data and passwords exchanged between the device and host. up to four unique key sets may be used for these operations. 2.1 atmel at88scxxxxc family of products differences the key differentiating feature of the at88scxxxxc a family of memory devices from at88scxxxxc family is support for hardware implementation of the twi read command. support for this twi hardware command allows for faster application development and also permits greater device versatility. in addition, at8 8scxxxxca offers a random read command , whereby given a starting address, the user can clock unlimited number of bytes from the device up to the memory capacity. last but no t least, the at88scxxxxca family of devices specifically targets low voltage and lo w power applications. 2.2 embedded applications a two - wire serial interface running at 1.0 mhz is used for fast and efficient communications with up to 15 devices that may be individually addressed. cryptomemory is available in industry standard 8 - lead packages with the same familiar pin layout as two - wire serial eeprom s supporting only the synchronous communications protocol. note: tssop pinout not the same 2.3 smart card applications cryptomemory offers the ability to communicate with virtually any smart card reader u sing the asynchronous t=0 protocol defined in iso 7816 - 3. all cryptomemory devices in smart card module form will also c ommunicate using a synchronous two - wire serial interface. 2.4 scope this cryptomemory specification document includes all specifications fo r the standard, authentication, and encryption modes of cryptomemory operation.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 6 3. block diagram figure 3 -1. block diagram authentication, encryption and certification unit eeprom answer to reset data transfer password verification reset block asynchronous iso interface synchronous interface power management v cc gnd scl/clk s d a/io rst
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 7 4. pin description 4.1 supply voltage (v cc ) the v cc input is a 2.7v to 3.6v positive voltage supplied by the host. 4.2 clock (scl/clk) in the asynchronous t=0 protocol, the scl/clk input is used to provide the device with a carrier frequency f . the nominal length of one bit emitted on i/o is defined as an "elementary time unit" (etu) and is equal to 372/ f . when the synchronous protocol i s used, the scl/clk input is used to clock data in on the positive clock edge and clock data out on the negative clock edge. 4.3 serial data (sda/io) the sda pin is bi - directional for serial data transfer. this pin is open- drain driven and may be wired with an y number of other open drain or open collector devices. an external pull up resistor should be connected between sda and v cc , a nominal value of 4.7k ohm may be used. the value of this resistor and the system capacitance loading the sda bus will determine the rise time of sda. this rise time will determine the maximum frequency during read operations. low value pull up resistors will allow higher frequency operations while drawing higher average power supply current. 4.4 reset (rst) cryptomemory provides an iso 7816- 3 compliant asynchronous answer -to - reset (atr) sequence. when the reset sequence is activated, the device will output the data programmed into the 64 - bit atr register. when rst is low, all internal logic, access rights and write cycles are in reset, except the asynchronous mode activation flag. a weak internal pull - up on the rst input pad allows the device to be used in synchronous mode without bonding rst. for synchronous only smart card applications an external pull - up on rst is recommended to ensur e synchronous operation under any system timings or conditions. cryptomemory does not support a synchronous answer to reset sequence. the rst input is not available in the plastic package options for cryptomemory. figure 4 -1. connection diagram 2.7v - 5.5v 2.7v - 3.6v sda scl cryptomemory microprocessor note: while the atmel cryp tomemory at88scxxxxca is a low voltage device (2.7v to 3.6v) its i/o buffers are designed for standard high voltage applications (2.7v to 5.5v)
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 8 5. configuration and user zone description 5.1 detailed description to enable the security features of cryptomemory, pe rsonalize the device by setting up registers and loading appropriate passwords and keys. this is accomplished though programming the configuration zone of cryptomemory using simple write and read commands. to gain access to the configuration zone, the secu re code ( write 7 password) must be successfully presented. after writing and verifying data in the configuration zone, the security fuses must be blown to lock this informat ion in the device. for additional information on personalizing cryptomemory, please see the examples in the protocol sections of this specification. 5.2 control logic access to the user zones occurs only through the control logic built into the device. this logic is configurable through acce ss reg isters, key registers and keys programmed into the configuration memory during device personalization. also implemented in the control logic is a cryptographic engine for performing the various higher - level security functions of the device. 5.3 configuration m emory the configuration memory consists of 2048 bits of eeprom memory used for storing passwords, keys, codes , and defining security levels to be used for each user zone . the control logic defines access rights to the configuration memory and the user may not alter these rights. the access rights include the ability to program certain portions of the configuration memory and then lock the data written through use of security fuses . the configuration memory for each cryptomemory device is identical with the exception of the number of access registers and password/key registers available. devices with four user zones have four sets of registers, and those with eight user zones , eight sets of registers. unused memory space in the register region becomes reserve d to ensure other components of the configuration memory remain at the same address location regardless of the number of user zones in a device.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 9 table 5 -1. atmel AT88SC0104CA /0204ca/ 0404ca configuration memory $0 $1 $2 $3 $4 $5 $6 $7 $00 answer to reset identification $08 fab code mtz card manufacturer code $10 lot history code read only $18 dcr identification number nc access control $20 ar0 pr0 ar1 pr1 ar2 pr2 ar3 pr3 $28 reserved $30 $38 $40 issuer code $48 $50 aac0 cryptog ram c 0 cryptography $58 session encryption key s 0 $60 aac1 cryptogram c 1 $68 session encryption key s 1 $70 aac2 cryptogram c 2 $78 session encryption key s 2 $80 aac3 cryptogram c 3 $88 session encryption key s 3 $90 secret seed g 0 secret $98 s ecret seed g 1 $a0 secret seed g 2 $a8 secret seed g 3 $b0 pac write 0 pac read 0 password $b8 pac write 1 pac read 1 $c0 pac write 2 pac read 2 $c8 pac write 3 pac read 3 $d0 pac write 4 pac read 4 $d8 pac write 5 pac read 5 $e0 pac write 6 pac read 6 $e8 pac write 7 pac read 7 $f0 reserved forbidden $f8
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 10 table 5 -2. atmel at88sc0808ca configuration memory $0 $1 $2 $3 $4 $5 $6 $7 $00 answer to reset identification $08 fab code mtz card manufacturer code $10 lot history code read only $18 dcr identification number nc access control $20 ar0 pr0 ar1 pr1 ar2 pr2 ar3 pr3 $28 ar4 pr4 ar5 pr5 ar6 pr6 ar7 pr7 $30 reserved $38 $40 issuer code $48 $50 aac0 cryptogram c 0 cryptography $58 session encryption key s 0 $60 aac1 crypto gram c 1 $68 session encryption key s 1 $70 aac2 cryptogram c 2 $78 session encryption key s 2 $80 aac3 cryptogram c 3 $88 session encryption key s 3 $90 secret seed g 0 secret $98 secret seed g 1 $a0 secret seed g 2 $a8 secret seed g 3 $b0 pac wr ite 0 pac read 0 password $b8 pac write 1 pac read 1 $c0 pac write 2 pac read 2 $c8 pac write 3 pac read 3 $d0 pac write 4 pac read 4 $d8 pac write 5 pac read 5 $e0 pac write 6 pac read 6 $e8 pac write 7 pac read 7 $f0 reserved forbidden $f 8
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 11 5.4 user memory the eepr om user memory is divided into four (AT88SC0104CA / 0204ca / 0404ca) or eight (at88sc0808ca) user zones. multiple zones allow for the storage of different data types or files in different zones. access to user zones is possible o nly after meeting security requirements. the customer defines these security requirements in the configuration zone during device personalization. when the same security requirements define access to multiple zones, the zones effectively serve as one large storage area albeit with the requirement to select each zone prior to access. user zone access is personalized by customer via t he access registers. table 5 -3. atmel at88sc0104c a user memory zone $0 $1 $2 $3 $4 $5 $6 $7 user 0 $00 32 b ytes $18 user 1 $00 32 b ytes user 2 $00 32 b ytes $18 user 3 $00 32 b ytes $18 note: page size = 16 bytes
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 12 table 5 -4. atmel at88sc0204c a user memory z one $0 $1 $2 $3 $4 $5 $6 $7 user 0 $00 64 b ytes $38 user 1 $00 64 b ytes $38 user 2 $00 64 b ytes $38 user 3 $00 64 b ytes $38 note: page size = 16 bytes
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 13 table 5 -5. atmel at88sc0404c a user memory zone $0 $1 $2 $3 $4 $5 $6 $7 user 0 $00 128 b ytes $78 user 1 $00 128 b ytes $78 user 2 $00 128 b ytes $78 user 3 $00 128 b ytes $78 note: page size = 16 bytes table 5 -6. atmel at88sc0808c a user memory zone $0 $1 $2 $3 $4 $5 $6 $7 user 0 $00 128 b ytes $78 user 1 us er 6 $00 $78 user 7 $00 128 b ytes $78 note: page size = 16 bytes
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 14 6. communication security modes communication between the device and host operates in three basic modes. standard mod e is the default mode for the device after power - up. authentication mode is activated by a successful authentication sequence. encryption mode is activated by a successful encryption activation following a successful authentication. data transferred to and from the device is handled per the following table. table 6 -1. communication security modes mode configuration data user data passwords data integrity check standard/password clear clear clear mdc authentication clear clear encrypted mac encryption clear encrypte d encrypted mac note: 1. configuration data includes the entire configurati on memory except the passwords ? mdc: modification detection code ? m ac: message authentication code 6.1 security operations 6.1.1 password verification the use of passwords protects read and write ac cesses to the user zones. any one of eight password sets is available for assignment to any user zone through configuration of access registers. cryptomemory provides separate 24 - bit passwords for read and write operations. read passwords grant only read a ccesses to zones under password protection, while write passwords grant both read and write accesses. successful presentation of any password renders the verify password command active until the presentation of another password or device reset. only one pa ssword may be active at a time. presenting incorrect passwords decrements the value of the corresponding password attempts counter (pac). decrementing the pac to $00 permanently disables the corresponding password and permanently renders the corresponding user zone(s) under protection inaccessible. operation in authentication or encryption modes requires encryption of passwords for all password transactions. figure 6 -1. password verification c o mm a nd / c o mm un i ca t i on s c r y p t o m e m o r y d e v i c e verify password allow access h o s t log i c send password encrypted if performed after mutual authentication verify password
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 15 6.1.2 authentication protocol the use of a mutual authentication protocol f urther protects access to u ser zones. any one of four key sets is available for assignment to any user zone through configuration of access registers. each key set consists of a secret seed, a cryptogram, and a session encryption key. a verify crypt o comma nd exists to allow the use of any one of the key sets to enter authentication mode. each successful entry into authentication mode renders the mode active for the current key set until the next call to the verify crypt o command or device reset. only one ke y set may be active at anytime. unsuccessful calls of the verify crypt o command exits authentication mode and decrements the value of the authentication attempts counter (aac) register. decrementing aac to $00 permanently disables the corresponding key set and permanently renders the corresponding user zone(s) under protection inaccessible. entry into authentication mode is a process through which the host and cryptomemory device mutually authenticate one another. first, the host generates a 64 - bit random number, reads a current cryptogram and identification information from the device, and uses this information in conjunction with the corresponding secret seed to generate a 64 - bit challenge for the device. the host also generates a new cryptogram and sessi on encryption key in the process. the host then sends the challenge and random number to the device by calling the verify crypt o command. the device utilizes the random number from the host to generate its own challenge, new cryptogram and session encrypti on key. it then compares the challenge to the one from the host. if the challenges match, then the device declares the host authentic, overwrites its corresponding current cryptogram and session encryption key with the new ones. to complete the mutual auth entication, the host reads the new cryptogram from the device and compares it with its new cryptogram. the new cryptogram from the device serves as a challenge to the host. if the cryptograms match then the device is a uthentic. only an authentic pair of ho st and device can generate the same challenges and cryptograms. activating mutual authentication requires the use of the verify authentication variant of the verify crypto command (see section 8.2 , command set and section 10.3 , command set ). figure 6 -2. the mutual authentication process cr yptomemo r y d e vice de vice in f o , c r ypto gr am [secret seed] compute challenge a v er ify challenge a compute challenge b compute session k e y all o w access host logic read d e vice in f o , c r ypto gr am compute secret seed gene r ate random number compute challenge a compute challenge b compute session k e y read challenge b v er ify challenge b all o w access read config zone v er ify a uthentication read config zone command/communications
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 16 6.1.3 data encryption cryptomemory allows the use of encryption b etween a host system and the cryptomemory device to protect the confidentiality of data during read - write accesses and verify password operations. to enable encryption, the host must generate a challenge using the session encryption key generated from the authentication activation step. the host then needs to call the verify crypto command again with the device still in active authentication mode. the session encryption key must belong to the active authentication key set. the host may enable encryption at any time after which data content of communication between host and device user zones becomes encrypted. if a user zone configuration in the access register requires encryption, however, then the host must enter encryption mode and must encrypt all data co ntent to and from the zone in the remainder of the active encryption session in order to communicate with the zone. cryptomemory does not encrypt system zone data except for password and password attempt counters. passwords and password attempt counters re quire encryption during active authentication or encryption modes. each successful entry into encryption mode renders the mode active for the current key set until the next call to the verify crypt o command or device reset. only one key set may be active a t anytime. unsuccessful calls of the verify crypto command exits both encryption and authentication modes and decrements the value of the authentication attempts counter (aac) register. decrementing aac to $00 permanently disables the corresponding key set and permanently renders the corresponding user zone(s) under protection inaccessible. activating encryption is similar in process to activating authentication with the exception that the session encryption key replaces the secret seed. the process uses th e verify encryption variant of the verify crypto c ommand ( see section 8.2, command set and section 10.3 , command set ) figure 6 -3. encryption activation process from active authentication mode cr yptomemo r y d e vice session k e y , c r ypto gr am compute challenge a v er ify challenge a compute challenge b ena b le enc r yption host logic session k e y , c r ypto gr am gene r ate random number compute challenge a compute challenge b read challenge b v er ify challenge b v er ify enc r yption read config zone command/communications 6.1.4 encrypted checksum (message authentication code, mac) cryptomemory implements a data validity check function in the form of an encrypted checksum. this che cksum provides a bi - directional data integrity check and data origin authentication capability in the form of a message authentication code (mac) : only the host/device that carried out a valid authentication is capable of computing a valid mac. when writin g data to the cryptomemory device in authentication or encryption communication modes, the host must send a valid checksum immediately following the write command. if the checksum is invalid, the device rejects the write command and resets the device secur ity privileges. the host must reinitiate entry into authentication and, if applicable, encryption modes to continue. the use of checksum is optional when reading data. calls to the read checksum command resets device security so its use is recommended only at the completion of all data read operations from the device.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 17 6.2 data protection features security operations control access to data stored in cryptomemory. after gaining access, additional options exist to protect data in the user memory. 6.2.1 modify forbidden the modify forbidden option renders the user zone read - only by restricting all write operations to it. it is recommended to program all required data in the user zone prior to enabling this option. modify forbidden is available for any user zone and is sel ectable by configuring appropriate access registers . 6.2.2 program only the program only o ption constrains data bit modification to programming from logic ?1? to logic ?0? only. data bits may never change from logic ?0? to logic ?1?. program only is available fo r any user zone and is selectable by configuring appropriate access registers . 6.2.3 write lock the write lock option provides ability to render individual bytes within a user zone read - only by restricting all write operations to it. it operates on 8 - byte page l evel whereby the lowest addressed byte of the page serves as the write access control byte for that page. table 6 -2 shows the use of write lo ck for data at addresses $080 - $087. the byte at $080 controls write access to bytes from $080 to $087. table 6 -2. write lock example address $0 $1 $2 $3 $4 $5 $6 $7 $080 11011001 xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx locked locked locked the write lock option also applies to the access control byte for each page by writing its least significant (rightmost) bit to logic ?0?. moreover, only logic modifications from logic ?1? to logic ?0? of the access control byte are permissible. write lock i s available for any user zone and is selectable by configuring approp riate access registers. furthermore, configuring a user zone with the write lock option restricts writing to that zone to a byte at a time. attempts to write several bytes within a command ; results in writing only the first byte. 6.2.4 anti - tearing (power loss p rotection) in the event of a power loss during a write cycle, the integrity of the device's stored data may be recovered. this function is optional , and the host may choose to activate the anti - tearing function for any write to a user zone or configuration zone by use of the appropriate b4 system write command. when anti - tearing is active, write commands will take longer to execute since more write cycles are required. additionally, the data written is limited to eight bytes. data is written first to a buf fer zone in eeprom instead of the intended destination address in the user zone or configuration zone, but with the same access conditions. if this write cycle is interrupted the original data remains intact in the user zone or configuration zone. the data is then written in the required memory location. if this second write cycle is interrupted the device will automatically recover the data from the system buffer zone at the next power - up and write it to the intended destination address. in two - wire mode, the host is required to perform ack polling for 36ms after write commands when anti - tearing is active. at power - up five clock cycles are required to check the anti - tearing flags. in the event that the device needs to carry out the data recovery process th e host is required to perform ack polling for 18ms.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 18 6.3 configuration memory values this section describes each individual field in the configuration memory. 6.3.1 default values atmel programs certain fields of the system zone at the factory. the customer may elec t to change the content of all of these fields except for the lot history code f ield, which is permanently locked. atmel programs the remainder of the fields, including all of the configuration memory and user zones to ones prior to releasing the device fr om the factory. table 6 - 3 , ? factory progra mmed fields ,? summarizes device fields atmel programs at the factory. a brief description of each field follows. table 6 -3. factory progra mmed fields device atr fab code lot history code write 7 password (secure code) at88sc0104c a 3b b2 11 00 10 80 00 01 10 10 variable, locked dd 42 97 at88sc0204c a 3b b2 11 00 10 80 00 02 20 20 variable, locked e5 47 47 at88sc0404c a 3b b2 11 00 10 80 00 0 4 40 40 variable, locked 60 57 34 at88sc0808c a 3b b2 11 00 10 80 00 08 80 60 variable, locked 22 e8 3f 6.3.2 answer to reset (atr) this is an eight byte wide register with content that atmel defines. this register is read/write accessible prior to blowing the fab fuse, but becomes read - only after blowing the fuse. 6.3.3 fab code this field is a 16 - bit wide register with content that atmel defines. this field is read/write accessible prior to blowing the fab fuse, but becomes read - only after blowing the fuse. 6.3.4 memory test zone (mtz) this field is a 16 - bit wide register with open read/write access privileges at all times for testing basic communication to the device. this field is free of all security constraints at all times. 6.3.5 card manufacturer code this field is a 32 -b it wide register with read/write access privileges for the customer to define its content. the content of this field becomes read - only after blowing the per fuse. 6.3.6 lot history code this field is a 64 - bit wide register with content that atmel defines. this f ield is read - only. 6.3.7 issuer code this field is a 128 - bit wide register with read/write access privileges for customer to define its content. the content of this field becomes read - only after blowing the per fuse.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 19 6.3.8 device configuration register (dcr) this 8 - bit register allows selection of the following device configuration options (active low). the values programmed have an immediate effect on the logic of the device. the default value is ?1? for each bit. table 6 -4. device configuration register (dcr) bit 7 bit 6 b it 5 bit 4 bit 3 bit 2 bit 1 bit 0 sme ucr uat eta cs3 cs2 cs1 cs0 6.3.8.1 sme ? supervisor mode enable asserting this bit (sme = ?0?) enables supervisor mode for write 7 password such that verifying write 7 password grants read and write accesses to all passwo rd sets and pacs. verifying write 7 password does not grant access to other passwords when this bit is not asserted (sme = ?1?). 6.3.8.2 ucr ? unlimited checksum reads asserting this bit (ucr = ?0?) allows unlimited number of checksum reads without requiring a new authentication. not asserting this bit (ucr = ?1?) limits the read of checksum to one attempt after which the device resets the crypto algorithm after executing the read checksum command. 6.3.8.3 uat ? unlimited authentication trials asserting this bit (uat = ?0? ) disables the authentication attempts counter (aac) thus allowing unlimited authentication attempts. the aac decrements after each unsuccessful attempt but the internal logic ignores it value. asserting this bit also prevents reset of the crypto algorithm after reading the mac in encryption mode. the uat bit does not affect the password attempts counter. 6.3.8.4 eta ? eight trials allowed asserting this bit (eta = ?0?) extends the trials limit to 8 incorrect attempts to authenticate or verify a password. the cou nt er (aac or pac) will decrement ($ff, $fe, $fc, $f8, $f0, $e0, $c0, $80, $00) with each incorrect attempt. disabling this bit (eta = ?1?) limits authentication and password verification trials to only four incorrect attempts ($ff, $ee, $cc, $88, $00). 6.3.8.5 cs0 ? cs3: programmable chip select ( only relevant in synchronous protocol) the four most significant bits (b4 ? b7) of every command comprise the chip select address . all cryptomemory devices will respond to the default chip select address of $b (1011). each d evice also responds to a second chip select address programmed into cs0 - cs3 of the device configuration register . by programming each device to a unique chip select address, it is possible to connect up to 15 devices on the same serial data bus a nd communi cate individually to each. global communications to all devices sharing the bus is accomplished using the default chip select address $b. 6.3.9 access registers four (AT88SC0104CA/0204ca/ 0404ca) or eight (at88sc0808ca) 8 - bit access registers allow personalizatio n of the device. each access register works in conjunction with a password/key regi ster to define the security settings for each individual zone of the user memory. values in the access registers take immediate effect after programming. the default value f or each bit is ?1?. table 6 -5. access register bit 7 bit 6 bit 5 bit 4 bit 3 bit 2 bit 1 bit 0 pm1 pm0 am1 am0 er wlm mdf pgo
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 20 6.3.9.1 pm(1:0) password mode table 6 -6. password mode pm0 pm1 access 1 1 no password required 1 0 write password required 0 * read and write passwords re quired when pm = ?11?, the user zone under protection requires no password. when pm = ?10?, the zone requires write password verification for writing and reading is free. when pm = ?01? or ?00?, reading requires the read password verification and wri ting requires write password verification. however, proper verification of the write pas sword also grants read access. the password set required is specified by pw(3:0) in the corresponding passwords/keys register (see section 6.3.10 , password/key registers ). verification of the write password also allows modification of the read and the write passwords. 6.3.9.2 am(1:0) ? authentication mode table 6 -7. authentication mode am1 am0 access 1 1 no authentication required 1 0 authentication for write 0 1 normal authentication mode 0 0 dual access mode when am = ?11?, the user zone under protection requires no authentication. when am = ?10?, the zone requires authentication only for write access es and read accesses are free. when am = ?01?, the zone requires authentication for both write and read accesses. in both of these configurations, the authentication key (ak) in the corresponding passwords/keys register specifies the required secret seed a nd corresponding cryptogram, and when applicable the session encryption key (see the following s ection 6.3.10 ). finally, when am = ?00?, the dual access mode is active in which authentication using the program o nly key (pok) giv es a right to read and program the zone (i.e. write '0's only), while authentication using the ak gives full read and write access to the zone. in this way, a token application may be implemented, whereby regular hosts with knowledge of po k may decrement the stored value, and only master hosts with knowledge of ak may reset the token to its full value. please see the following s ection 6.3.10 on the passwords/keys register for f urther definition of pok and ak. notes: 1. when am = "00", the pok bits in the corresponding password/key register a re ignored 2. when am = ?00? and pgo = ?0?; bits in the zone may not be written to ?1? even when using the ak 3. r equiring authentication automatically requires the use of s ecure checksums for write operations (see section 6.1.4 , encrypted checksum (message authentication code, mac) 6.3.9.3 er ? encryption required when er = "0", the host is requi red to activate the encryption mode in order to read/write the corresponding user zone. no data read from or written to the zone may be transmitted in the clear. if er = "1", the host may activate the encryption mode , but isn't specifically required to do so by the device.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 21 6.3.9.4 wlm ? write lock mode asserting this bit (wlm = ?0?) divides the user zone into 8 - byte pages. the first byte of each page becomes the write lock byte and defines t he locked/unlocked status for each byte in the page. write access is forbid den to a byte if its associated bit in the write lock byt e is set to ?0?. bit 7 controls byte 7; bit 6 controls byte 6, etc. by setting bit 0 to ?0? locks the write lock byte i tself. enabling write lock mode limi ts write operations to one byte at a time. 6.3.9.5 m df ? modify forbidden asserting this bit (mdf = ?0?) renders the user zone read - only at all times. the user zone must, therefore, be programmed before setting this bit to ?0? 6.3.9.6 pgo ? program only asserting this bit (pgo = ?0?) allows changing of data within the user zone under protection from ?1? to ?0? and never from ?0? to ?1?. 6.3.10 password/key registers four (AT88SC0104CA/0204ca/ 0404ca) or eight (at88sc0808ca) 8 - bit password/key reg isters receive definition during device personalization. each password/key re g ister works in conjunction with a corresponding access register to define the security settings of each zone. the values programmed have an immediate effect on the logic of the device. the default value is ?1? for each bit. bit 3 is reserved and should be left as value ?1.? table 6 -8. password/key register bit map bit 7 bit 6 bit 5 bit 4 bit 3 bit 2 bit 1 bit 0 ak1 ak0 pok1 pok0 res pw2 pw1 pw0 6.3.10.1 ak(1:0) ? authentication key these bits define which of the four secret seeds g 0 -g 3 must be used in an authentication to a llow access to the user zone if authentication is selected in the corresponding access register. each access register may point to a unique authentication secret, or access registers for multiple zones may point to the same authentication secret. in this c ase authentication with a single secret seed will open several zones. 6.3.10.2 pok(1:0) ? program only key when the user zone has the dual access mode selected (am = "00"), these bits define which of the four secret seeds g 0 -g 3 must be used in an authentication to allow read and program (i.e. write '0's onl y ) access to the user zone. 6.3.10.3 pw(2:0) ? password set these bits define which of the eight password sets must be presented to allow access to the user zone when the password mode is selected. 6.3.11 identification number a 56- bit number the customer defines during personalization. it is recommended that a unique identification number be assigned to each device. 6.3.12 cryptograms (c 0 ? c 3 ) each of these fields contains a 56 - bit cryptogram for use during authentication. the internal logic modifies the cryptogram each time it successfully verifies the authentication. the customer may program an initial value for the cryptogram during personalization. it is recommended that the initial values be random numbers.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 22 6.3.13 session keys (s 0 ? s 3 ) e ach of these fields contains a 64- bit session key for use during encryption. the internal logic modifies the session key each time it successfully processes authentication or encryption verification. the session keys do not require initial values and does programming initial values are not necessary. 6.3.14 secret seeds (g 0 - g 3 ) each of these fields contains a 64 - bit secret seed that is used in conjunction with the corresponding cryptogram and session key during the authentication and encryption sequences. the cust omer programs the secret seeds during device personalization. 6.3.15 password sets the password fields contain eight sets of two 24 - bit passwords for read and write operations. the customer defines the values of these passwords during personalization. successfull y verifying the write password allows modification of the read and the write passwords of the same set. 6.3.16 secure code the secure code is the write 7 password. properly presenting this password grants write access to the configuration memory during personaliz ation. atmel defines the initial value of the secure code but the customer may change these values after successful presentation during a verify password operation for write 7 password. table 6 -3 , factory progra mmed fields shows the secure codes for various devices when they leave the atmel factory. after blowing the per fuse, verifying write 7 password no longer grants write access to the configuration memory, and the co nfiguration memory becomes read - only thereafter. 6.3.17 password attempts counters (pac) each of the sixteen pac fields contains an 8 - bit attempts counter for the verify password process. each pac corresponds to a password. the attempts counter limits the number of incorrect consecutive presentations of the corresponding password to four, after which it locks the password from future use. the pac will decrement ($ff, $ee, $cc, $88, $00) with each incorrect attempt to present the password. the pac permanently locks the corresponding password once its value reaches $00. prior to reaching $00, any correct presentation of the password resets the pac value to $ff . 6.3.18 authentication attempts counters (aac) each of the four aac fields contains an 8 - bit attempt counter for th e authentication process. each aac field corresponds to each authentication key set. the attempts counter limits the number of incorrect consecutive attempts to authenticate to for, after which it locks the authentication key set from future use. the aac w ill decrement ($ff, $ee, $cc, $88, $00) with each incorrect attempt to authenticate. the aac permanently locks the corresponding key set once its value reaches $00. prior to reaching $00, any correct attempt to authenticate resets the aac value to $ff. 6.4 sec urity fuses cryptomemory uses four fuses. the status of these fuses is given in a ?fuse byte.? a value of ?0? indicates that the fuse has been blown. bits four to seven of this byte are not used as security fuses and are reserved for atmel use. table 6 -9. device fuse s f 7 f 6 f 5 f 4 f 3 f 2 f 1 f 0 resv resv resv resv sec per cma fab
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 23 sec, per, cma , and fab are non - volatile fuses blown at the end of various steps in the manufacturing and personalization process. once blown, these fuses can never be reset. atmel blows the s ec fuse to lock the lot history code before the device leaves the factory. blowing the remainder of the fuses must follow the sequence: ? fab to lock the atr and the fab code portions of the configuration memory ? cma to loc k the card manufacturer code of the configuration memory ? per to lock the remainder of th e configuration memory any attempt to blow a fuse out of sequence will be unsuccessful. table 6 -10 provides a summary of access rights for all portions of the memory for each fuse condition. table 6 -10. configuration memory access control by security fuses zone operation fuse sec = 0 fab = 0 cma = 0 per = 0 identification (except mtz and cmc) read free free free free write secure code forbidden forbidden forbidden memory test zone ( mtz) read free free free free write card manufacturer code (cmc) read free free free free write secure code secure code forbidden forbidden read only (lot history code) read free free free free write forbidden forbidden forbidden forbidden acc ess control read free free free free write secure code secure code secure code forbidden cry p tography (except encryption keys s) read free free free free write secure code secure code secure code forbidden encryption keys (s) read secure code secure code secure code forbidden write secret read secure code secure code secure code forbidden write passwords read secure code secure code secure code write pw write password attempts counters (pac) read free free free free write secure code secure code secure code write pw forbidden read forbidden forbidden forbidden forbidden write note: secure code : write 7 password is the secure code until th e per fuse is blown
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 24 7. protocol selection cryptomemory supports two application areas wi th differ ent communication protocols: ? two - wire serial communication for embedded applications ? iso 7816 asynchr onous t=0 smart card interface the power - up sequence of cryptomemory determines what mode it shall operate in. a brief description of each of th ese modes follows. 7.1 synchronous mode for embedded applications the two - wire serial interface is used for fast and efficient communication with logic and controllers. the synchronous mode is the default after powering up v cc due to the internal and/or extern al pull - up on rst. for embedded applications using cryptomemory in standard plastic packages rst is not bonded out and this is the only communication protocol. ? power - up v cc , rst goes high also ? after stable v cc , apply five pulses clk - scl ? clk - scl and i/o - sda may then be driven figure 7 -1. asynchronous mode v cc i/o-s d a rst clk-scl 1 2 3 4 5 the asynchronous mode is selected when rst is low on a rising edge of clk. once the asynchronous mode has been selected, it is not possible to return to the synchronous mode other than by powering the device off and on again.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 25 7.2 asynchronous mode for smart card applications the asynchronous t=0 protocol defined by iso 7816 - 3 is used for compatibility with the industry standard smart card readers. selecting this mode requires the following power - up sequenc e, which complies with iso 7816 - 3 for a cold reset in smart card applications. ? power up v cc ; rst, io - sda and clk - scl are low ? set i/o - sda in receive mode ? provide a clock signal to clk - scl ? rst g oes high after 400 clock cycles the device will respond with a 64- bit atr code, including historical bytes to indicate the memory density within the cryptomemory family. once the asynchronous mode has been selected, it is not possible to switch to the synchronous mode without powering off the device. table 7 -1. atr codes for low er density cryptomemory atmel device ts t0 ta(1) tb(1) td(1) ta(2) t1 t2 at88sc0104c a $3b $b2 $11 $00 $10 $80 $00 $01 at88sc0204c a $3b $b2 $11 $00 $10 $80 $00 $02 at88sc0404c a $3b $b2 $11 $00 $10 $80 $00 $04 at88sc0808c a $3b $b2 $11 $00 $10 $80 $00 $08 figure 7 -2. power up sequence for smart card mode v cc i/o-s d a rst clk-scl a tr smart card applications that support the two - w ire protocol can also use cryptomemory in the synchronous mode.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 26 8. synchronous protocol communication with the cryptomemory using the synchronous protocol is ve ry similar to communication with at24cxxx serial eeprom devices using a two - wire protocol (twi). basic command structure and timing are the same . h owever , a significant difference exists when reading the cryptomemory device that will be described below. 8.1 st art - up sequence when first powering up the device, five pulses are required on clk - scl for reading of internal registers. this may be accomplished by sending one full command byte to the device. the device will not respond but will then be ready to respond to the next correct command sequence. ? power - up v cc ? external pull - up resistor pulls i/o - sda high with v cc ? after stable v cc , 5 pulses are applied to clk - scl ? clk - scl and i/o - sda may be driven figure 8 -1. start - up sequence v cc i/o-s d a clk-scl 1 2 3 4 5
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 27 8.2 command set the command se t of cryptomemory is expanded compared to a serial eeprom as the functionality of cryptomemory exceeds that of a simple memory device. each instruction sent to the cryptomemory must have four bytes, command , address 1 , address 2, and n . the last byte, n, d efines the number of any additional data bytes to be sent or received from the cryptomemory device. in addition, the random read command is available. it is the only one byte command but must be preceded by an aborted write command in order to set up the r ead address. table 8 -1. atmel cryptomemory synchronous command set command description command addr 1 addr 2 n data (n) write user zone normal (AT88SC0104CA - at88sc0808ca) $b0 addr addr n $10 n bytes with anti - tearing (all devices) $b0 addr addr n $08 n bytes read read random read $b1 details on command usage below read user zone normal read $b2 addr a ddr n n bytes system write write config zone (AT88SC0104CA - at88sc0808ca) $b4 $00 a ddr n $10 n bytes write fuses $b4 $01 fuse id $00 send checksum $b4 $02 $00 $02 2 bytes set user zone $b4 $03 zone $00 write config zone with anti - tearing $b4 $08 addr n $08 n bytes set user zone with anti - tearing $b4 $0b zone $00 system read read conifg zone $b6 $00 addr n read fuse byte $b6 $01 $00 $01 read checksum $b6 $02 $00 $02 verify crypto verify authentication $b8 $0x $00 $10 8 random bytes + 8 challenge bytes x= key set (0 -3) verify encryption $b8 $1x $00 $10 8 random b ytes + 8 challenge bytes x= key set (0 -3) verify password write password $ba $0x $00 $03 3 byte password x=password set (0 -7) read password $ba $1 x $00 $03 3 byte password x=password set (0 -7)
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 28 8.3 command format most cryptomemory commands have the sa me format as a two wire interface (twi) write command characterized by a zero in the lsb of the first byte (device address). the only exception is the random read command that has a one in the lsb of the device address byte. 8.3.1 write command format the host generates all command and data bytes within a write transaction and sends these to the device. the device acknowledges each byte. figure 8 -2. cryptomemory write command s t a r t s t o p write command address 1 address 2 n data data x n a c k a c k a c k a c k a c k a c k xxxx xxx0 0000 0000 0a6-- ---a0 n7--- ---n0 d7--- ---d0 d7--- ---d0 the number of bytes cryptomemory can write within each call of a write command is constrained by the physical page size of the eeprom memory. the maximum number of bytes to write for each call to the write command is $10. all cryptomemory write commands comply with the format for the twi write command. 8.3.2 read command format the cryptomemory read comman ds (read user zone, system read and random read) do not comply with the format of the twi read command. the cryptomemory read user zone and system read co mmands closely resemble the twi write command format by having a zero in the lsb in the device address byte. the random read c ommand closely resembles the format for the twi read command but requires additional steps to specify the read address. 8.3.2.1 normal read: $b2 or $b6 (read user zone or system read) the cryptomemory normal read comm and looks like a twi wr ite command (lsb of the fist byte = 0) but after the fourth byte of the command the cryptomemory device will begin to send data back on the bus. the number of bytes sent by cryptomemory will be equal to the value of n. figure 8 -3. cryptomemory normal read command s t a r t s t o p read command address 1 address 2 data data x n a c k a c k a c k a c k a c k n a c k xxxx xxx0 0000 0000 0a6-- ---a0 n7--- ---n0 d7--- ---d0 d7--- ---d0 n t he response of cryptomemory will cause contention with the host on a standard twi bus. typically cryptomemory cannot be used on a standard twi bus but requires a modified twi protocol to account for the unique read command format.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 29 8.3.2.2 random read: $b1 the rand om read command prov ides the host ability to sequentially clock data from the device starting from a specified address. the host needs to issue a ?dummy? write operation in order to specify the start address for the random read . the host does this by clock ing in the four bytes of the write command and then follows them with a start condition instead of a data byte. at this point, the device?s internal logic is pointing to the address from the aborted write operation. the host may then issue the random read com mand byte ($b1) to which the device will respond with the eeprom byte at the current address location and then increment the internal address by one. the device will continue to sequentially send out bytes as long as t he host keeps acknowledging each by te with an ack. address ?roll over? is from the last byte of the current zone to the first byte of that zone. the host terminates random read by issuing a nack signal instead of an ack. figure 8 -4. random read command s t a r t write command address 1 address 2 data data a c k a c k a c k a c k a c k s t a r t n a c k xxxx xxx0 0000 0000 0a6--- ---a0 n7--- ---n0 xxxx 0001 d7--- ---d0 n s t o p data x n a c k n a c k d7--- ---d0 random read command cryptomemory will nack the n parameter of the d ummy write operation if the write were issued to an illegal write location. the nack response, however, does not affect the loading of the read address. the random read command works for both configuration and user memory . it is important to implement the cryptomemory read commands as specified; otherwise cryptomemory responses will cause contention on the bus with a host using standard twi protocol. 8.4 acknowledge polling a stop condition ends each command. certain commands require an acknowledge polling seq uence. acknowledge polling consists of sending a start condition followed by the command byte and determining if the device responds with an ack. if the device is not ready for the command it will not acknowledge and the sequence must be repeated (start co ndition, command byte, check for ack). the ack indicates the operation has completed but gives no indication of the success or failure of the command . ? read commands: no ack polling required ? write commands: ack polling required except encrypted write co mman ds. any command may be used ? set commands: no ack polling required ? verify commands: ack polling requi red with b2 or b6 commands only
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 30 the following table lists the specific requirements for ack polling and the maximum expected delay before the device will ack indicating readiness for the next command. table 8 -2. minimum delay for ack polling for each command command description command addr 1 addr 2 n ack polling cmd delay write user zone normal $b0 addr addr n required, any cmd 5ms normal with anti - tearing e ncrypted $b0 addr addr n required, any cmd 20ms $b0 addr addr n no, send checksum 0 encrypted with anti - tearing $b0 addr addr n no, send checksum 0 random read $b1 n/a n/a n/a not required read user zone $b2 addr addr n not required 0 system wri te write config zone $b4 $00 addr n required, any cmd 5ms write fuses $b4 $01 fuse id $00 required, any cmd 5ms send checksum $b4 $02 $00 $02 required, any cmd 5ms send checksum with anti - tearing $b4 $02 $00 $02 required, any cmd 20ms set user zone $b4 $03 zone $00 not required 0 write config zone with anti - tearing $b4 $08 addr n required, any cmd 20ms set user zone with anti - tearing $b4 $0b zone $00 not required 0 system read read config zone $b6 $00 addr n not required 0 read fuse byte $b6 $01 $00 $01 not required 0 read checksum $b6 $02 $00 $02 note required 0 verify crypto verify authentication $b8 $0x $00 $10 required; b2 or b6 only 10ms verify encryption $b8 $1x $00 $10 required; b2 or b6 only 10ms verify password write password $b a $0x $00 $03 required; b2 or b6 only 10ms read password $ba $1x $00 $03 required; b2 or b6 only 10ms note: delays are based on operation at 25 c 8.5 device addressing the first nibble of the command byte corresponds to the device address. all cryptomemory devi ces will respond to the device address $b. a specific device may be set to respond to another value ($0 to $f) in addition to $b by setting this value in th e second nibble of the device configuration register (dcr) in the configuration memory. the dcr is s et to $ff at the atmel factory and thus will respond to device address $b and $f unless the dcr is modified. for a device to respond only to $b the dcr should be set to $b also . 8.6 twi command descriptions in the following section operations are described in two parts: the instruction is described first from a functional point of view (parameters and data exchanged), after which they are detailed for the synchronous two - wire protocol. in these diagrams, values are shown in binary format with bits to the left t ransmitted first, i.e. bytes are transmitted most significant bit first.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 31 8.7 write user zone: $b0 8.7.1 functional figure 8 -5. write user zone command functional description host device command address 1 address 2 number of bytes n data n data bytes ? data the write user zone command $b0 allows writing of data in the device's currently selected user zone (the procedure for selecting a user zone is described below , see section 8.10 system write: $b4 ). the data byte address to be written is defined by address 1 and address 2 in the command. the value n defines how many bytes are to be written. the maximum number of bytes that may be written is $10 corresponding to the eeprom page size. in anti - tearing mode the maximum value for n is $08 for all devices. a write in anti - tearing mode is activated with the set user zone with anti - tearing command; all subsequent write operations to the user zone will be in anti - teari ng mode. a write may be started in the middle of an eeprom page but should not extend past the end of the page. when a write user zone command is sent in authentication mode or encryption m ode the data is saved in a buffer until a cryptographic checksum is received. the host must send the checksum it has computed immediately after the write user zone comman d. if the checksum is valid, cryptomemory writes the data; if the checksum is incorrect , the data is discarded and the cryptographic engine is reset. if the host is not allowed to write in the zone, the device will not acknowledge the n byte. after this command the host must perform ack polling. figure 8 -6. write user zone command structure s t a r t s t o p command address 1 address 2 data data x n a c k a c k a c k a c k a c k a c k 1011 0000 xxxx xxxx xxxx xxxx xxxx xxxx d7--- ---d0 d7--- ---d0 n
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 32 8.8 random read: $b1 8.8.1 functional figure 8 -7. random read sequence description host de vice write command address a1 address a2 number of bytes n random read command data ? n data bytes data the random read c ommand $b1 allows reading of data from the device s configuration memory or currently selected use r zone (the section 8.10 system write: $b4 describes how to select a user zone). th e random read com mand provides the host ability to sequentially clock data from the device starting from a specified address. the host needs to first specify the start address to read from in the memory by executing a ?dummy? operation. the host does this by clocking in the four bytes of the write command and then follows th em with a start condition instead of a data byte. at this point, the device?s internal logic is pointing to the address from the aborted write operation. the host may then issue the random read com mand byte ($b1) to which the device will respond with the e eprom byte at the current address location and then increment the internal address by one. the device will continue to sequentially send out bytes as long as t he host keeps acknowledging each byte with an ack. during this operation the address will ?roll o ver? from the last byte of the current zone to the first byte of the same zone. the host terminates random read by issuing a nack signal instead of an ack. figure 8 -8. random read command structure w r i t e c o mm an d a dd r e ss 1 a dd r e ss 2 n n a c k r ando m r ead c o mm an d a c k n a c k s t o p xxxx xxx 0 0000 000 0 0a6 -- --- a 0 n7 --- --- n 0 xxxx 000 1 d7 --- --- d 0 d7 --- --- d 0 d a t a d a t a x n s t a r t s t a r t a c k a c k a c k a c k a c k
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 33 8.9 read user zone: $b2 8.9.1 functional figure 8 -9. read user zone command functional description host device read command address 1 address 2 number of bytes n data ? n data bytes data the read user zon e command $b2 allows reading of data from the device's c urrently selected user zone (the procedure for selecting a user zone is described in section 8.10 , system write: $b4 ). the data byte address to be read is defined by address 1 and address 2 in the comm and and is internally incremented following the transmission of each data byte. the value n defines how many bytes cryptomemory will read, a value of zero will result in 256 bytes read. the host however , may cease clocking the device and end the transmissi on with a nack and stop at any time prior to receiving all n bytes. during a read operation the address will "roll over" from the last byte of the curre nt zone, to the first byte of the same zone. if the host is not allowed to read the zone, the device wil l not acknowledge the n byte. figure 8 -10. read user zone command structure s t a r t s t o p command address 1 address 2 data data x n a c k a c k a c k a c k a c k n a c k 1011 0010 xxxx xxxx xxxx xxxx xxxx xxxx d7--- ---d0 d7--- ---d0 n
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 34 8.10 system write: $b4 figure 8 -11. system write command functional description host device command address 1 address 2 number of bytes n data n d ata bytes ? data the system write command allows writing of configuration data to the device. depending on the value of the address 1 parameter, the host may write data in the configuration zone, program the fuses, or set the user zone. table 8 -3. system writ e command detail command description command addr 1 addr 2 n data (n) write config zone $b4 $00 addr n $10 n bytes write fuses $b4 $01 fuse id $00 send checksum $b4 $02 $00 $02 2 bytes set user zone $b4 $03 zone $00 8.10.1.1. write config zone the maximum number of bytes that may be written is $10 and this corresponds to the eeprom page size. in anti - tearing mode the maximum value for n is $08 for all devices. a write may be started in the middle of an eeprom page but should not extend past the end of the page. if the address provided is an unauthorized address, the device will not write the requested data. s ince access rights vary throughout the configuration zone, the host may provide an authorized starting address, but a number of bytes that causes the device to reach unauthorized data. in this case, the device will prevent the internal write c ycle and no b ytes will be written in the eeprom. after this command the host must perform ack polling.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 35 8.10.1.2 write fuses the fuses may only be "programmed", that is written from '1' to '0'. the write fuses operation is allowed only after successf ully presenting the se cure code ( write 7 password). the fuses must be blown sequentially: fab must be blown first, cma may be blown only if fab is ?0?, and per only if cma is ?0?. after this command the host must perform ack polling. the sec fuse is blown at the atmel factory t o protect lot history information. table 8 -4. fuse identification fuse fuse id sec $07 fab $06 cma $04 per $00 8.10.1.3 send checksum to write data to user zones that require authentication or encryptio n for write access (er = ?0?, am[1:0] = ?00?, ?01?, or ?10? in the a ccess register), the host should first carry out the write command $b0. at this point the memory is unchanged and the device is waiting for the host to provide a valid checksum before initiating the write cycle. the host immediately sends the checksum it h as computed using the system write command with p1 = $02. only if the checksum is valid will the device initiate the write cycle. furthermore, if the device receives an incorrect checksum, it will clear the authentication privilege. after this command the host must perform ack polling. 8.10.1.4 set user zone before reading and writing data in the user zones, the host must select a zone with this command. at this time the host chooses whether anti - tearing should be active for this zone. table 8 -5. anti - tearing command descripti on command addr 1 addr 2 n data (n) write config zone with anti - tearing $b4 $08 addr n $08 n bytes set user zone with anti - tearing $b4 $0b zone $00 data written to the configuration zone may be done with anti - tearing enabled by setting address 1 to $08 of the write configuration zone command. to enable anti - tearing for writes to a user zone , a set user zone command is executed with address 1 set to $0b. all subsequent write user zone commands will be executed with anti - tearing enabled until the next set user zone command. anti - tearing should be turned off if not required, as it would otherwise cause more write cycles than necessary figure 8 -12. system write command detail s t a r t s t o p command address 1 address 2 data data x n a c k a c k a c k a c k a c k a c k 1011 0100 0000 xxxx xxxx xxxx xxxx xxxx d7--- ---d0 d7--- ---d0 n
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 36 8.11 system read: $b6 8.11.1 functional figure 8 -13. system read command functional description host device read command address 1 address 2 number of bytes n data ? n data bytes data the system read c ommand allows reading of system data from the device. depending on the value of address 1, the host may read the data in the configuration zone, or the fuses. table 8 -6. zone configuration example command description command addr 1 addr 2 n read config zone $b6 $00 addr n read fuse byte $b6 $01 $00 $01 read checksum $b6 $02 $00 $02 8.11.2 read config zon e the data byte address to be read is defined by address 2 in the command and is internally incremented following the transmission of each data byte. the value n defines how many bytes cryptomemory will read, a value of zero will result in 256 bytes read. if the address provided is an unauthorized address, the device will not ack the n byte and will not return any data. since access rights vary throughout the configuration zone, the host may provide an authorized starting address and a number of bytes n tha t causes the device to reach unauthorized data. in this case the device will transmit the fuse byte (see below) in place of unauthorized bytes. 8.11.3 read fuse byte fuse data is returned in the form of a single byte. bits zero to three represent the fuse states; a value of ?0? indicates the fuse has been blown. bits four to seve n are not used as security fuses and are reserved by atmel. table 8 -7. fuse byte definition f 7 f 6 f 5 f 4 f 3 f 2 f 1 f 0 resv resv resv resv sec per cma fab
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 37 8.11.3.1 read checksum the checksum consists of two bytes, and the read checksum c ommand must be sent with parameter n = 2. figure 8 -14. system read s t a r t s t o p command address 1 address 2 data data x n a c k a c k a c k a c k a c k n a c k 1011 0110 0000 xxxx xxxx xxxx xxxx xxxx d7--- ---d0 d7--- ---d0 n
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 38 8.12 verify crypto: $b8 8.12.1 functional figure 8 -15. verify crypto command functional description host device command key index 8 random bytes q1 q2 q3 q4 q5 q6 q7 q8 8 challenge bytes ch1 ch2 ch3 ch4 ch5 ch6 ch7 ch8 when the device receives the verify crypto command, it computes a challe nge based on the received random number, q, the internally stored associated cryptogram , c i , and secret seed , g i (or session encryption key , s i ). the device also decrements the associated attempts counter. it then compares the computed challenge with the c hallenge sent by the host. if the challenges match, the device computes and writes a new c i and s i . the device utilizes the success or failure information of the authentication process and updates the attempts counter accordingly. key index: b0000_00nn : secret seed g 0 -g 3 b0001_00nn : session encryption key s 0 -s 3 data : q : host random number, 8 bytes ch : host challenge, 8 bytes
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 39 figure 8 -16. verify crypto s t a r t s t o p command k e y ind e x p ar ameter 2 data x 16 a c k a c k a c k a c k a c k 1011 1000 000e 00nn xxxx xxxx 0001 0000 d7--- ---d0 n=16 once the sequence has been carried out, the device requires the host to perform an ack polling with either th e read user zone $b2 command or system read $b6 command. to verify whether the authentication succeeded, the host could either read the associated attempts counter to confirm the value is $ff, or read the post authentication cryptogram from the device and compare with the cryptogram generated when the host computed the challenge bytes.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 40 8.13 verify password : $ba 8.13.1 functional figure 8 -17. verify password command functional description host device command password index pw1 3 password bytes pw2 pw3 read password indices: $1 0 to $17 for passwords 0, 1, 2, and 7. write password indices: $0 0 to $07 for passwords 0, 1, 2, and 7. secure code index: $07 (equivalent to write password 7). four password index b its "r" and "ppp" indicate the password to compare: r = 0 : write password, r = 1 : read password, p 2 p 1 p 0 : password set number figure 8 -18. verify password s t a r t s t o p command pw ind e x p ar ameter 2 data x 3 a c k a c k a c k a c k a c k 1011 1010 000r 0p2p1p0 xxxx xxxx 0000 0011 d7--- ---d0 n=3 once the sequence has been carried out, the device requires the host to perform an ack polling sequence with the system read command $b6. in order to know whether the inserted password was correct, the host can read the corresponding attempts counter and verify the value is zero.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 41 9. initialization example the first step in initializing cryptomemory is to determine what data is to be stored in the device and what the security settings need to be to protect this data. once defined, determine the proper settings for cryptomemory registers and select values for passwords. to initialize the cryptomemory device , the following sequence is recommended to take place in a secure location to protect sensitive data and passwords that may be loaded into the device. 9.1 write data to user zones in the default configuration from atmel, all user zones have free access rights. writing initial data into the user zones should be done before setting security configurations. use the set user zone command and write user zone com mand to write initial data into the user zones. the read user zone c ommand may be used to verify the data written. 9.2 unlock the configuration memory before any data can be written to the configuration zone, it must be unlocked by presenting the correct security code ( write 7 password ). use the verify password command with the proper secure code supplied by atmel to unlock the configuration zone. use the read config zone command to read back the security code at address $e9 for verification that the configuration zone has been unlocked. 9.3 write data to the configuration memory writing this data is accomplished by pe rforming the write config zone command at the appropriate address location. the read config zone command may be used to verify the data written. as soon as values are written to the registers, keys, and passwords, they become effective in determining the s ecurity of the user zones. 9.4 set security fuses once all data is written and verified into user zones and the configuration zone the security fuses should be set before the device is released from the secure location used for device initialization. there are three fuses, fab, cma and per that must be set. these three fuses must be set in the order listed (fab, then cma, then per). the write fuse command is used to set each of the three fuses individually. the read fuse c ommand may be used to check the status of all three fuses. once all fuses have been set the read fuse command should return a value of zero for the second nibble of the fuse byte. the AT88SC0104CA is used for this example. a small pattern is written into the first two user zones. security for e ach of these two user zones and the associated register values are shown in the table below. simple values for passwords are used. table 9 -1. cryptomemory asynchronous command set user zone data security requirements access register password/key register 0 zone 0 no ne $ff $ff 1 zone 1 read/write password (set 1) $7f $f9 2 zone 2 read/write authentication (set 2) $df $bf 3 zone 3 read/write password (set 1), read/write authentication (set 2) with encryption required $57 $b9
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 42 the following shows the two - wire co mmands sent to the cryptomemory device for the purpose of initializing the device. the flow is consistent with the steps described above; comments have been added as indicated with an asterisk (*). * atmel at88sc0104c a initialization example *write data to user zones *set user zone 0 b4 03 00 00 *write data = zone 0 data b0 00 00 0b 5a 6f 6e 65 20 30 20 44 61 74 61 *set user zone 1 b4 03 01 00 *write data = zone 1 data b0 00 00 0b 5a 6f 6e 65 20 31 20 44 61 74 61 *set user zone 2 b4 03 02 00 *write data = zone 2 data b0 00 00 0b 5a 6f 6e 65 20 32 20 44 61 74 61 *set user zone 3 b4 03 03 00 *write data = zone 3 data b0 00 00 0b 5a 6f 6e 65 20 33 20 44 61 74 61 *unlock configuration zone ba 07 00 03 dd 42 97 *write codes in configuration zone *write card mfg code = p001 b4 00 0b 04 50 30 30 31 *write identification number = 00000000012345 b4 00 19 07 00 00 00 00 01 23 45 *write issuer code = station 035 b4 00 40 10 53 54 41 54 49 4f 4e 20 30 33 35 00 00 00 00 00 *write registers in configuration zone *write registers ar1/pr1 = 7f f9 b4 00 22 02 7f f9 df bf 57 b9 *write keys in configuration memory *write ci for set 2 = 22222222222222 b4 00 71 07 22 22 22 22 22 22 22 *write gc for set 2 = 5b4f9ae4b5098be7 b4 00 a0 08 5b 4f 9a e4 b5 09 8b e7 *write passwords in configuration memory *write passwords in configuration zone *write passwords, read 7 = 10 00 01, write 7 = 11 00 11 b4 00 b9 07 11 00 11 ff 10 00 01 *read entire configuration zone to verify b6 00 00 f0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 43 *device response: 3b b2 11 00 10 80 00 01 10 10 ff 50 30 30 31 ff 8c ad a8 10 0a ab ff ff fb 00 00 00 00 01 23 45 ff ff 7f f9 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 53 54 41 54 49 4f 4e 20 30 33 35 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 11 00 11 ff 10 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff *set security fuses *set fab fuse b4 01 06 00 *set cma fuse b4 01 04 00 *set per fuse b4 01 00 00 *read fuse byte = x0 b6 01 00 01 *device response: 00 90 00
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 44 10. asynchronous t=0 protocol 10.1 character format the cryptomemory complies with the asynchronous t=0 protocol defined in iso 7816 - 3. the charact er format is shown in the following figure . n ote that the byte is transmitted with the least significant bit first. figure 10 -1. character format (n 0,2) etu p ar ity bit ne xt sta r t bit sta r t bit guard time d d d d d d d d p 0 t t t i/o z a 8 data bits 0 1 1 10 n 2 3 4 5 6 7 even parity is used: the parity bit is such that the overall sum of bits in the data byte and the parity bit is an even number. if a transmission error is detected, the receiving device indicates this by applying a low level on the i/o channel during the gua rd time. this tells the transmitting device to retransmit the byte . 10.2 command format the command sequence is as follows: 1. in compliance with iso 7816 - 3, the host must send the header consisting of five c haracters: cla, ins, p1, p2, p3 ? cla refers to a class of instructions. this byte isn't tested by the device ? ins is the instruction byte ? p1 and p2 are reference bytes, such as a data byte address or password index ? p3 is the number of data bytes transferred during the command. for outgoing transfers (e.g. read commands), p3 = 0 means that 256 data bytes will be emitted by the card. for incoming commands, p3 = 0 means that no dat a bytes will be transferred 2. the device replies with a "procedure byte ? normally equal to the ins code received. if a problem occurred, then the device will respond with a status word pair sw1 - sw2, in dicating the end of the command 3. data transfer (p3 bytes) 4. a final sw1 - sw2 sequence gives the status of the device after completion of the command. a normal completion is indicated by sw1 - sw2 = $90 - $00 note: f or all bytes transmitted by the device or by the host, including header, procedure, status and data byte s, if a parity error is detected, the receiver requests that byte to be sent again (see character format)
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 45 10.3 command set table 10 -1. cryptomemory asynchronous command set command description cla ins p1 p2 p3 data (n) b0 write user zone normal $00 $b0 addr addr n $10 n bytes with anti - tearing $00 $b0 addr addr n $08 n bytes b2 read user zone read user zone $00 $b2 addr addr n b4 system write write config zone $00 $b4 $00 addr n $10 n bytes write fuses $00 $b4 $01 fuse id $00 send checksum $ 00 $b4 $02 $00 $02 2 bytes set user zone $00 $b4 $03 zone $00 write config aone w/a -t $00 $b4 $08 addr n $08 n bytes set user zone w/a -t $00 $b4 $0b zone $00 b6 system read read config zone $00 $b6 $00 addr n read fuse byte $00 $b6 $01 $00 $01 read checksum $00 $b6 $02 $00 $02 b8 verify crypto verify authentication $00 $b8 $0x $00 $10 8 random bytes + 8 challenge bytes x=key set (0 -3) verify encryption $00 $b8 $1x $00 $10 8 random bytes + 8 challenge bytes x=key set (0 -3) ba veri fy password write password $00 $ba $0x $00 $03 3 byte password x=password set (0, 1,2 or 7) read password $00 $ba $1x $00 $03 3 byte password x=password set (0, 1,2 or 7) 10.3.1 status words table 10 -2. asynchronous mode return status words definitions sw1 sw2 meaning $62 $00 the memory is unchanged (waiting for checksum) $67 $00 the length is incorrect $69 $00 the command is unauthorized $6b $00 the address is incorrect $6d $00 the instruction code is invalid $90 $00 the command was successfully executed
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 46 these s tatus words indicate the state of the device at the end of the command. in normal conditions, the device sends the ins byte as the procedure byte , and $90 $00 as the final status word . in certain conditions described below, the device may interrupt the com mand by returning a status word in place of ins as the procedure byte. $67 $00 is returned as a procedure byte when the number of data bytes to be transferred is incorrect. $69 $00 is returned after read/write commands as procedure bytes if the host is n ot allowed to read/write at the address provided. it is also returned after password commands if the maximum number of attempts has been exceeded. the device will return $69 $00 as a final status word in place of $90 $00, if the password presentation faile d. $6b $00 is returned as procedure bytes if the address is incorrect. $6d $00 is returned as procedure bytes if the ins code received is not supported. 10.3.2 example: write eeprom command the following illustrates the data exchanges that occur during a write operat ion of four bytes : $04, $09, $19, and $97 to addresses $02, $03, $04, and $05 in the current user zone. start finish host device val note cla ** class (ignored by cryptomemory) ins $b0 write instruction p1 ** a ddress byte a1 (ignored by 0104c - 1616c) p2 $02 address byte a2 = $02 p3 $04 four data bytes ins $b0 device responds with ins code data $04 byte to be written at start address $02 data $09 byte to be written at address $03 data $19 byte to be written at address $04 data $97 byte to be written at address $05 write cycle ~5ms sw1 90 write operation successful sw2 $00
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 47 10.4 t=0 command descriptions the command set of cryptomemory is expanded compared to a serial eeprom as the functionality of cryptomemory exceeds that of a simple memory device. each instruction sent to the cryptomemory must have four bytes: command, address 1, address 2 , and n. the last byte, n, defines the number of any additional data bytes to be sent or rec eived from the cryptomemory device. 10.5 write user zone: $b0 10.5.1 functional figure 10 -2. write user zone command functional description host device command address a1 address a2 number of bytes n data n data bytes ? data the write user zon e command $b0 allows writing of data into the device's currently selected user zone (the procedure for selecting a user zone is described below. the maximum numbers of bytes that may be written in a single write operation is $10 a nd corresponds to the eeprom page size. each data byte within a page must only be loaded once. in anti - tearing mode the maximum value for n is $08 for all devices. a write in anti - tearing mode is activated with the set user zone command with the anti - teari ng option (00 b4 0b zz 00) ; all subsequent writes to the user zone will be in anti - tearing mode. "when a write user zone command is sent in authentication mode or encryption mode the data is saved in a buffer until a cryptographic checksum is received. th e host must send the checksum it has computed immediately after the write user zone command. if the checksum is valid, cryptomemory writes the data; if the checksum is incorrect the data is discarded and the cryptographic engine is reset." if the host is n ot allowed to write in the zone, the device will return the "command unauthorized" code ($69 $00) after it has received the p3 byte. table 10 -3. write user zone command structure command header data sent cla ins : command p1 : address 1 p2 : address 2 p3 : n data(1) ... data(n) ** $b0 0000 0000 0a 6 -- ---a 0 000n 4 --- n 0 d 7 --- ---d 0 ... d 7 --- ---d 0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 48 10.6 read user zone: $b2 10.6.1 functional figure 10 -3. read user zone command functional description host device read command address 1 address 2 number of bytes n data ? n data bytes data the read user zone co mmand $b2 allows reading of data from the device's currently selected user zone (the procedure for selecting a user zone is described below). the byte address is internally incremented following the transmission of each data byte. during a read operation the address will "roll over" from the last byte of the current zone, to the first byte of the s ame zone. if the host is not allowed to read the zone, the device will return the "command unauthorized" code ($69 $00) after it has received the header. table 10 -4. read user zone command structure command header data returned cla ins : command p1 : address 1 p2 : address 2 p3 : n data(1) ... data(n) ** $b2 0000 0000 0a 6 -- ---a 0 n 7 --- n 0 d 7 --- ---d 0 ... d 7 --- ---d 0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 49 10.7 system write: $b4 10.7.1 functional figure 10 -4. system write command functional description host device command address p1 address p2 number of bytes n data n data b ytes ? data the system write command allows writing of system data to the device. depending on the value of the p1 parameter, the host may write data in the configuration memory, program the fuses, send a checksum or set the user zone. table 10 -5. system write command detail command cla ins p1 p2 p3 data(n) write config zone $00 $b4 $00 addr n $10 n bytes write fuses $00 $b4 $01 fuse id $00 send checksum $00 $b4 $02 $00 $02 2 bytes set user zone $00 $b4 $03 zone $00 the anti - tearing function is controlled by p1: the host may choose to write in the configuration zone with anti - tearing ena bled by setting p1 = $08 instead of $00. similarly, the host may choose to activate anti - tearing for a user zone by carrying out the set user zone command with p1 = $0b instead of $03. all subsequent write user zone commands are then carried out with anti - tearing enabled until the next set user zone command. anti - tearing should be turned off if not required, as it would otherwise cause more write cycles than necessary. table 10 -6. anti - tearing command description cla ins p1 p2 p3 data(n) write config zone w/ a -t $00 $ b4 $08 addr n $08 n bytes set user zone w/ a -t $00 $b4 $0b zone $00
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 50 10.7.2 write c o nfig zone the maximum number of bytes to write for each call of the write command is $16 and corresponds to the eeprom page size. each data byte within a page must only be loaded once. in anti - tearing mode the maximum value for n is $08 for all devices. if the address provided at p2 is an unauthorized address, the device will return the "command unauthorized" code ($69 $00) after it has received the header. since access rights vary throughout the configuration zone, the host may provide an authorized starting address, but a number of bytes that causes the device to reach unauthorized data. in this case, the devic e will prevent the internal write cycle and no bytes will be written in the eeprom. at the end of the command the "command unauthorized" code ($69 $00) will be returned instead of $90 $00 to indicate that no write cycle occurred. 10.7.3 write fuses table 10 -7. fuse bytes fuse fuse id sec $07 fab $06 cma $04 per $00 the fuses ma y only be "programmed", that is written from '1' to '0'. the write fuses operation is only allowed after successfully presenting the secure code ( write 7 password). the fuses must be blown sequentially: fab must be blown first, cma may be blown only if fab is ?0?, and per only if cma is ?0?. the sec fuse is blown at the atmel factory to protect lot history information. 10.7.4 send checksum to write data to user zones that require authentication or encryption f or write access (er = ?0?, am [1:0] = ?00?, ?01?, or ?1 0? in the access register), the host should first carry out the write command $b0, after which the device will return a special sta tus word: $62 $00. at this point the memory is unchanged and the device is waiting for the host to provi de a valid checksum b efore initiating the write cycle. the host immediately sends the checksum it has computed using the system write command with p1 = $02. only if the checksum is valid will the device initiate the write cycle. furthermore, if the device receives an incorrect checksum, it will clear the authentication privilege. after this command the host must perform ack polling. 10.7.5 set user zone before reading and writing data in the user zones, the host should select a zone with this command. at this time the host may choose whether anti - tearing should be active for this zone. table 10 -8. system write command structure command header data sent cla ins : command p1 p2 p3 data(1) ... data(n) ** $b4 p 7 --- p 0 p 7 --- p 0 n 7 --- n 0 d 7 --- ---d 0 ... d 7 --- ---d 0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 51 10.8 system read: $b6 10.8.1 functional figure 10 -5. s ystem read command functional description host device read command address 1 address 2 number of bytes n data ? n data bytes data the system read command allows reading of th e system data from the device. depending on the value of the p1 parameter, the host may read the data in the configuration memory, the fuses, or a checksum. table 10 -9. system read command detail command cla ins p1 p2 p3 data (n) read config zone $00 $b6 $00 addr n read fuse byte $00 $b6 $01 $00 $01 read checksum $00 $b6 $02 $00 $02 10.8.2 read config zone to read 256 bytes, the host should set n = $00. this is true for any outgoing command, and is defined by iso 7816 - 3. if the address provided at p2 is an unauthorize d address, the device will return the "command unauthorized" code ($69 $00) after it has received the header. since access rights vary throughout the configuration zone, the host may provide an authorized starting address, but a number of bytes n that caus es the device to reach unauthorized data. in this case, the device will transmit the authorized bytes, but unauthorized bytes will be replaced by the "fuse byte" (see below). at the end of this command the "command unauthorized" code ($69 $00) will be retu rned instead of $90 $00 to indicate that some of the bytes returned are not valid 10.8.3 read fuse byte fuse data is returned in the form of a single byte. bits 0 to 3 represent the fuse states; a value of ?0? indicates the fuse has been blown. bits 4 to 7 are no t used as security fuses and are reserved by atmel. table 10 -10. fuse byte definition f 7 f 6 f 5 f 4 f 3 f 2 f 1 f 0 resv resv resv resv sec per cma fab
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 52 10.8.4 system read command structure table 10 -11. system read command header data returned cla ins : command p1 p2 p3 data(1) ... data(n) ** $b6 p 7 --- p 0 p 7 --- p 0 n 7 --- n 0 d 7 --- ---d 0 ... d 7 --- ---d 0 10.8.5 read checksum the checksum consists of two bytes, and the read checksum command must be sent with parameter p3 = 2. table 10 -12. system read system read data returned cla ins : command p1 p2 p3 data(1) ... data(n) ** $b6 p 7 --- p 0 p 7 --- p 0 n 7 --- n 0 d 7 --- ---d 0 ... d 7 --- ---d 0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 53 10.9 verify crypto: $b8 10.9.1 functional figure 10 -6. verify crypto command functional description host device command key index 8 random bytes q1 q2 q3 q4 q5 q6 q7 q8 8 challenge bytes ch1 ch2 ch3 ch4 ch5 ch6 ch7 ch8 when the device receives the verify crypto command, it computes a challenge bas ed on the received random number, q, the internally stored associated cryptogram , c i, and secret seed , g i (or session encryption key , s i ). the device also increments the associated attempts counter. it then compares the computed challenge with the challeng e sent by the host. if the challenges match, the device computes and writes a new c i and s i . the device utilizes the success or failure information of the authentication process and updates the authentication attempts counter accordingly. key index: b0000 _00nn : secret seed g 0 -g 3 b0001_00nn : session encryption key s 0 -s 3 data : q : host random number, 8 bytes ch : host challenge, 8 bytes
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 54 table 10 -13. verify crypto verify crypto data sent cla ins : command p1 p2 p3 q1 q8 ch1 ch8 ** $b8 000e 00nn ** $10 d 7 --- ---d 0 d 63 --- ---d 56 d 7 --- ---d 0 d 63 --- ---d 56 the device increments the associated attempts counter each time prior to verifying the challenge, to prevent attacks. if the authentication succeeds, the device memorizes this success, clears the attempts counter a nd returns $90 $00. if the authentication fails, the device simply returns $69 $00. if the maximum number of trials has been exceeded, the device will return $69 $00 instead of the ins code, after receiving the header, to indicate the command is unauthoriz ed.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 55 10.10 verify password: $ba 10.10.1 functional figure 10 -7. verify password command functional description host device command password index pw1 3 password bytes pw2 pw3 read password indices: $ 10 to $17 for passwords 0, 1, 2 , and 7. write password indices: $00 to $07 for passwords 0, 1, 2 , and 7. secure code index: $07 (equivalent to write password 7). four password index bits "r" and "ppp" indicate the password to compare: r = 0: write passwor d, r = 1: read password, p 2 p 1 p 0 : pas sword set number table 10 -14. verify password command structure command structure data sent cla ins : command p1 p2 p3 pw1 pw2 pw3 ** $ba 000r 0p 2 p 1 p 0 ** $30 d 7 --- ---d 0 d 15 --- ---d 8 d 23 --- ---d 16 if the maximum number of trials has been exceeded, the device will return $69 $00 instead of the ins code, after receiving the header, to indicate the command is unauthorized. the device increments the associated attempts count before verifying the password, to prevent attacks. if the pa ssword is correct, the device memorizes this success, clears the attempts count and returns $90 $00. if the password is wrong, the device simply returns $69 $00 after incrementing the attempts count. the write 7 password is also known as the secure code a n d must be properly presented before access to the configuration zone is granted when personalizing the device.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 56 11. initialization example the first step in initializing cryptomemory is to determine what data is to be stored in the device and what the secur ity settings need to be to protect this data. once defined, determine the proper settings for cryptomemory registers and select values for passwords. to initialize the cryptomemory device, the following sequence is recommended to take place in a secure loc ation to protect sensitive data and passwords that may be loaded into the device. 11.1 write data to user zones in the default configuration from atmel, all user zones have free access rights. writing initial data into the user zones sho uld be done before setti ng security configurations. use the set user zone command and write user zone c ommand to write initial data into the user zones. the read user zone c ommand may be used to verify the data written. 11.2 unlock the configuration memory before any data can be writt en to the configuration zone, it must be unlocked by presenting the correct security code (write 7 password). use the verify password command with the proper secure code supplied by atmel to unlock the configuration zone. use the read config zone c ommand t o read back the security code at address $e9 for verification that the configuration zone has been unlocked. 11.3 write data to the configuration memory writing this data is accomplished by performing the write config zone command at the appropriate address loc ation. the read config zone command may be used to verify the data written. as soon as values are written to the registers, keys, and passwords, they become effective in determining the security of the user zones. 11.4 set security fuses once all data is writte n and verified into user zones and the configuration zone the security fuses should be set before the device is released from the secure location used for device initialization. there are three fuses, fab, cma , and per that must be set. these three fuses m ust be set in the order listed (fab, then cma, then per). the write fuse command is used to set each of the three fuses individually. the read fuse command may be used to check the status of all three fuses. once all fuses have been set the read fuse comma nd should return a value of zero for the second nibble of the fuse byte. the AT88SC0104CA is used for this example. a small pattern is written into the first two user zones. security for each of the se two user zones and the associated register values are s hown in the table below. simple values for passwords are used. table 11 -1. zone configuration example user zone data security requirements access register password/key register 0 zone 0 none $ff $ff 1 zone 1 read/write password (set 1) $7f $f9 2 zone 2 read/write a uthentication (set 2) $df $bf 3 zone 3 read/write password (set 1), read /write authentication (set 1 ) with encryption required $57 $b9
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 57 the following shows the tpdu commands sent to the cryptomemory device for the purpose of initializing the device. the flow is consistent with the steps described above; comments have been added as indicated with an asterisk (*). * atmel at88sc0104c a initialization example *write data to user zones *set user zone 0 00 b4 03 00 00 *write data = zone 0 data 00 b0 00 00 0b 5a 6f 6e 65 20 30 20 44 61 74 61 *set user zone 1 00 b4 03 01 00 *write data = zone 1 data 00 b0 00 00 0b 5a 6f 6e 65 20 31 20 44 61 74 61 *set user zone 2 b4 03 02 00 *write data = zone 2 data b0 00 00 0b 5a 6f 6e 65 20 32 20 44 61 74 61 *set user zone 3 b4 03 03 00 *write data = zone 3 data b0 00 00 0b 5a 6f 6e 65 20 33 20 44 61 74 61 *unlock configuration zone 00 ba 07 00 03 dd 42 97 *write codes in configuration zone *write card mfg code = p001 00 b4 00 0b 04 50 30 30 31 *write identification number = 00000000012345 00 b4 00 19 07 00 00 00 00 01 23 45 *write issuer code = station 035 00 b4 00 40 10 53 54 41 54 49 4f 4e 20 30 33 35 00 00 00 00 00 *write registers in configuration zone *write registers ar1/pr1 = 7f f9 00 b4 00 22 02 7f f9 df bf 57 b9 *write keys in configuration memory *write ci for set 2 = 22222222222222 b4 00 71 07 22 22 22 22 22 22 22 *write gc for set 2 = 5b4f9ae4b5098be7 b4 00 a0 08 5b 4f 9a e4 b5 09 8b e7 *write passwords in configuration memory *write passwords in configuration zone *write passwords, read 7 = 10 00 01, write 7 = 11 00 11 00 b4 00 b9 07 11 00 11 ff 10 00 01 *read entire configuration zone to verify 00 b6 00 00 f0
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 58 *device response: 3b b2 11 00 10 80 00 01 10 10 ff 50 30 30 31 ff 8c ad a8 10 0a ab ff ff fb 00 00 00 00 01 23 45 ff ff 7f f9 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 53 54 41 54 49 4f 4e 20 30 33 35 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 11 00 11 ff 10 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff *set security fuses *set fab fuse 00 b4 01 06 00 *set cma fuse 00 b4 01 04 00 *set per fuse 00 b4 01 00 00 *read fuse byte = x0 00 b6 01 00 01 *device response: 00 90 00
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 59 12. absolute maximum ratings * operating temperature .................... ? 40c to +85c storage temperature ................... ? 65c to + 150c voltage on any pin with respect to ground ............... ? 0.7 to v cc +0.7v maximum operating voltage ............................. 6.0v dc output current ......................................... 5.0ma * notice: stresses beyond those listed under ?absolute maximum ratings? may cause per manent damage to the device. this is a stress rating only and functional operation of the device at these or any other condition beyond those indicated in the operational sections of this specification is not implied. exposure to absolute maximum rating co nditions for extended periods of time may affect device reliability. 12.1 dc and ac characteristics table 12 -1. dc characteristics symbol parameter test condition min typ max units v cc supply voltage 2.7 3.6 v i cc supply current (v cc = 3.3 v) async read at 3.57mhz 5 ma i cc supply current (v cc = 3.3 v) async write at 3.57mhz 5 ma i cc supply current (v cc = 3.3 v) synch read at 1mhz 5 ma i cc supply current (v cc = 3.3 v) synch write at 1mhz 5 ma i sb standby current (v cc = 3.3 v) v in = v cc or gnd 100 a v il sda/ io input low voltage 0 v cc x 0.2 v v il clk input low voltage 0 v cc x 0.2 v v il rst input low voltag e 0 v cc x 0.2 v v ih (3) sda/io input high voltage v cc x 0.7 5.5 v v ih (3) scl/clk input high voltage v cc x 0.7 5.5 v v ih (3) rst input high volta ge v cc x 0.7 5.5 v i il sda/io input low current 0 < v il < v cc x 0.15 15 a i il scl/clk input low current 0 < v il < v cc x 0.15 15 a i il rst input low current 0 < v il < v cc x 0.15 50 a i ih sda/io input high current v cc x 0.7 < v ih < v cc 20 a i ih scl/clk input high current v cc x 0.7 < v ih < v cc 100 a i ih rst input high voltage v cc x 0.7 < v ih < v cc 150 a v oh sda/io output high voltage 20k ? external pull - up v cc x 0.7 v cc v v ol sda/io output low voltage i ol = 1ma 0 v cc x 0.15 v i o h sda/io output high current v oh 20 a i o l sda/io output high current v o l 10 a notes: 1. applicable over recommended operating voltage range from v cc = 2.7v to 3.6v 2. t ac = - 40c to +85c (unless otherwise noted) 3. to preven t latch up conditions from occurrin g during power up of the at88scxxxxca, v cc must be turned on before applying v ih . for powering dow n, v ih must be removed before turning v cc off
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 60 table 12 -2. ac characteristics symbol parameter min max units f clk async clock frequency 1 4 mhz f clk synch clock frequen cy 0 1 mhz clock duty cycle 40 60 % t r rise time - sda / i o, rst 1 s t f fall time - sda / i o, rst 1 s t r rise time ? scl/ clk 9% x period s t f fall time ? scl/ clk 9% x period s t aa clock low to data out valid 250 n s t hd.sta start hold time 200 ns t su.sta start set - up time 200 ns t hd.dat data in hold time 10 ns t su.dat data in set - up time 100 ns t su.sto stop set - up time 200 ns t dh data out hold time 20 ns t wr write cycle time 5 ms notes: 1. applicable over recommended operating range from v cc = 2.7v to 3.6v 2. t ac = - 40c to +85c, cl = 30pf (unless otherwise noted) 12.2 timing diagrams for synchronous communications figure 12 -1. bus timing scl: serial clock, sda: serial data i/o scl sd a in sd a out t f t high t lo w t lo w t r t aa t dh t b uf t su .s t o t su .d a t t hd .d a t t hd .s t a t su .s t a
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 61 figure 12 -2. write cycle timing scl: serial clock, sda: serial data i/o t wr (1) st op condition st ar t condition w ordn a ck 8th bit scl sd a note: the write c ycle time t wr is the time from a valid stop condition of a write sequence to the end of the internal clear/write cycle figure 12 -3. data validity sd a scl d at a s t able d at a change all o wed d at a s t able
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 62 figure 12 -4. start and stop definition sd a scl st ar t st op figure 12 -5. output acknowledge scl d a t a in d a t a out e g d e l w o n k c a t r a t s 9 8 1 13. por and tamper conditions the cryptomemory device family incorporates several tamper detection circuits to prohibit operation outside the limits of reliable circuit operation. 13.1 power on reset (por) delay anytime the device is reset either on initial power up or by a tamper detection circuit, there is a time dela y from when normal conditions are restored to when the device may be operated. during this reset sequence all security flags within the device a re reset to their initial values. . 13.2 tamper detection cryptomemory contains tamper detection sensors to detect ope ration outside of specified limits. these sensors monitor the internal supply voltage and clock frequency. an additional sensor detects high intensity light attacks. the die is disabled a nd will not function when tampering is detected.
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 63 14. ordering information atmel ordering code package voltage range t emperature range at88scxxxx c a-mj m2 ? j module - iso 2.7v ? 5.5v commercial (0c ? 70c) at88scxxxx c a-mp m2 ? p module - iso at88scxxxx c a-mj tg m2 ? j module - twi at88scxxxx c a-mp tg m2 ? p module ? twi at88scxxxxc a-pu 8p3 2.7v ? 5.5v green compliant (exceeds rohs) / industrial ( ? 40c ? 85c) at88scxxxxc a-sh 8s1 at88scxxxxca -th 8 x 2.7v ? 5.5v industrial ( ? 40c ? 85c) at88scxxxxca - y6h -t 8 ma2 at88scxxxx c a-wi 7 mil wafer note: ordering codes are valid for all devices covered by this datashee t. (see p.1 for a complete list ) package type (1) (2) description m2 ? j module : iso or twi m2 iso 7816 smart card module m2 ? p module : iso or twi m2 iso 7816 smart card module with atmel ? logo 8p3 8 - lead, 0.300? wide , plastic dual inline (pdip) 8s1 8 - lead, 0.150? wide , plastic gull wing small outline (jedec soic) 8 x 8 - lead, 4.4mm body, plastic thin shrink small outline (tssop) 8 ma 2 8 - lead, 2.0x3.0mm, 0.50mm pitch, ultra thin mini - map, dual no lead (dfn), (mlp 2x3) note: 1. formal drawings m ay be obta ined from an atmel sales office 2. both the j and p module packages a re used for either iso (t=0 / 2 - wire mode) or twi (2 - wire mode only)
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 64 appendix a. errata a.1 send checksum c ommand in twi m ode "when a write user zone command is sent in authentication mode or encryption m ode the data is saved in a buffer until a cryptographic checksum is received. the host must send the checksum it has computed immediately after the write user zone comman d. if the checksum is valid, cryptomemory writes the data; if the checksum is incorrect the data is discarded and the cryptographic engine is reset. if there is any activity on the twi bus between the write user zone c ommand and the s end checksum command the eeprom write may be aborted and the data in the user zone will be unchanged."
atmel AT88SC0104CA/0204ca/0404ca/0808ca [ datasheet ] 8664e ? crypto ? 12 /11 65 appendix b. revision history doc. rev. date comments 8664e 1 2 /2011 update template add ordering information 8664d 06/2011 table 8 -1 , atmel cryptomemory synchronous command set correct value in ?verify password, addr 1, from $0x to $1x 8664c 01/2010 convert to ms word 8664b 08/2009 update document 8664a 05/2009 initial document release
atmel corporation 2325 orchard parkway san jose, ca 95131 usa tel: (+1)(408) 441 - 0311 fax: (+1)(408) 487 - 2600 www.atmel.com atmel asia limited unit 01 - 5 & 16, 19f bea tower, millennium city 5 418 kwun tong road kwun tong, kowloon hong kong tel: (+852) 2245 - 6100 fax: (+852) 2722 - 1369 atmel munich gmbh business campus parkring 4 d - 85748 garching b. munich germany tel: (+49) 89 - 31970 - 0 fax: (+49) 89 - 3194621 atmel japan g.k. 16f shin - osaki k angyo building 1 - 6 - 4 osaki shinagawa - ku, tokyo 141 - 0032 japan tel: (+81)(3) 6417 - 0300 fax: (+81)(3) 6417 - 03 70 ? 2011 atmel corporation. all rights reserved. / rev.: 8664e ? crypto ? 12 /11 atmel ? , logo and combin ations thereof, and others are registered trademarks or trademarks of atmel corporation or its subsidiaries. other terms and product names may be trademarks of others. disclaimer: the information in this document is provided in connection with atmel produ cts. no license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of atmel products. except as set forth in the atmel terms and conditions of sales loc ated on the at mel website, atmel assumes no liability whatsoever and disclaims any express, implied or statutory warranty relating to its products including, but not limited to, the implied warranty of merchantability, fitness for a particular purpose , or non - infringeme nt. in no event shall atmel be liable for any direct, indirect, consequential, punitive, special or incidental damages (including, without limitation, damages for loss and profits, business interruption, or loss of information) arising out of the use or in ability to use this document, even if atmel has been advised of the possibility of such damages. atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make chang es to specifications and products descriptions at any time without notice. atmel does not make any commitment to update the information contained herein. unless specifically provided o therwise, atmel products are not suitable for, and shall not be used in, automotive applications. atmel products are not intended, authorized, or warranted for use as components in applications inte nded to support or sustain life.

▲Up To Search▲

Price & Availability of AT88SC0104CA

	To Download AT88SC0104CA Datasheet File
If you can't view the Datasheet, Please click here to try to view without PDF Reader .