ATAES132-SH-EQ-T Atmel, ATAES132-SH-EQ-T Datasheet - Page 27

ATAES132-SH-EQ-T

Manufacturer Part Number

ATAES132-SH-EQ-T

Description

EEPROM AES 32Kbit EE SPI

Manufacturer

Atmel

Datasheet

1.ATAES132-SH-EQ.pdf (166 pages)

Specifications of ATAES132-SH-EQ-T

Rohs

yes

Maximum Clock Frequency

10 MHz

Operating Supply Voltage

6 V

Maximum Operating Temperature

- 40 C to + 85 C

Mounting Style

SMD/SMT

Package / Case

SOIC-8

Interface Type

SPI

Factory Pack Quantity

4000

Current page: 27 of 166
Download datasheet (2Mb)

7.1.

7.1.2.

7.1.3.

Command Definitions

The ATAES132 extended command definitions are described in this section. The commands are listed in alphabetical order

by command name. The standard Serial EEPROM read and write commands are in Section 5 which are not included in this

section. The cryptographic operations performed by the ATAES132 commands are described in Appendix I.

Auth Command

The Auth command performs a one-way or mutual authentication using AES-CCM. The Auth command options are shown in

Table 7-1. The nonce register value is used as the CCM nonce for all Auth command MAC calculations.

Table 7-17. Auth command options

If a MAC is required or will be generated by the Auth command, then a valid nonce is required. If the

KeyConfig[AKeyID].RandomNonce bit is 1b, then the nonce must be random.

The AuthCompute command can be used to generate the InMac required for inbound only authentication, or mutual

authentication (see Section 7.3). The AuthCheck command can be used to validate the OutMac (see Section 7.2).

In the I

specifications.

Authentication Status Register

The authentication status register contains the AKeyID, the AuthComplete status flag, and the usage bits. Prior to executing

the Auth command, the AuthComplete status flag is set to NoAuth. If the InMAC is successfully verified in the inbound only or

mutual authentication mode, then the AuthComplete status flag is set to YesAuth.

The ATAES132 authentication status register only stores the result of the most recent authentication attempt. If there is a

parsing or execution error then the prior authentication, status will be lost.

Authentication Usage

The usage field (Param2) controls which operations are permitted with a successful inbound only or mutual authentication (see

Table 7-2). If Param2 is 0x0000 the AuthComplete flag is set to NoAuth but the authentication outputs are generated. Param2

is ignored if the outbound only authentication is performed.

Mode bit 1

•

Mutual authentication

Outbound only authentication

Inbound only authentication

Authentication reset

The InMAC is verified, and upon success, an OutMAC is calculated and returned to the host. The AuthComplete

status flag is set to YesAuth if the InMAC is verified.

The OutMAC is calculated and output to the host. The AuthComplete status flag is set to NoAuth. The Outbound

only authentication is also known as challenge-response authentication.

The InMAC value is verified, and the success or failure is reported to the host. The AuthComplete status flag is set

to YesAuth if the InMAC is verified.

The AuthComplete status flag is set to NoAuth.

C interface mode, the Auth command can also used for Auth signaling. See Section J.5 for the Auth signaling

Mode bit 0

Description

Mutual authentication

Outbound only authentication

Inbound only authentication

Authentication reset

Atmel ATAES132 Preliminary Datasheet

InMAC

Required

Prohibited

Required

Prohibited

8760A−CRYPTO−5/11

OutMAC

Generated

ATAES132-SH-EQ-T Atmel, ATAES132-SH-EQ-T Datasheet - Page 27

ATAES132-SH-EQ-T

Specifications of ATAES132-SH-EQ-T

Related parts for ATAES132-SH-EQ-T