at88sc018 ATMEL Corporation, at88sc018 Datasheet
at88sc018
Available stocks
Related parts for at88sc018
at88sc018 Summary of contents
Page 1
... Standard 8-lead SOIC Plastic Package, Green compliant (exceeds RoHS) • High Reliability ⎯ Endurance : 100,000 Cycles ⎯ Data Retention : 10 years ⎯ ESD Protection : 3,000 V min. HBM ® and CryptoMemory CryptoCompanion ™ Chip for CryptoMemory and CryptoRF AT88SC018 5277C–CryptoCompanion–9/09 ...
Page 2
... The CRF chip contains secrets that must be known or derived by a host system in order to establish a trusted link between the two and permit communications to happen. The AT88SC018 stores these secrets in an obscured way in nonvolatile memory and contains all the circuitry necessary to perform the authentication, password and encryption/decryption functions specified in the CRF datasheet ...
Page 3
... The capacitors should be manufactured using X5R or X7R dielectric material. These capacitors should be connected to the AT88SC018 using a total of no more than 1cm PC board traces. Atmel recommends the use of a ground plane and a trace length of less than 0 ...
Page 4
... The system board must include an external pull-up resistor. 1.4.1.4. Reset (RST) This active low input will reset all states within the AT88SC018 honored regardless of the state of PowerDown. 1.4.1.5. PowerDown(PDN) When held low, the part operates normally. When held high the part will go to sleep and ignore all transitions on SDA and SCL, power consumption will drop to less than 10 μ ...
Page 5
... N+1 If the upper 6 bits of the device address byte sent over the TWI match the upper 6 bits of the Dev field in the EEPROM, then the AT88SC018 may respond to this transmission, otherwise it will NACK this byte. Dev is set to a value of 0xC0 on shipment from Atmel. In general, the AT88SC018 will fail to ACK (NACK) the device address byte if bit 1 of the device address is 0 (command/data transfer) and the AT88SC018 is busy ...
Page 6
... To Slave Data If the command ordinal is legal, the AT88SC018 will ACK the command input and start processing. It takes a variable amount of time to process the command 20ms depending on the number of EEPROM pages to be written illegal command ordinal (≥0x15) is sent to the chip it will lock up for a “security delay”, then resume normal operation. ...
Page 7
... To Master Command output bytes can be repeatedly read from the AT88SC018 as they remain valid until a new command is sent to the AT88SC018. Until <size> bytes of the new command have been sent, DataAvailable will remain set and that number of bytes can be read from the SRAM output buffer, though the new input bytes will overwrite the old output bytes. Some commands do not have any data output, for instance ‘ ...
Page 8
... The table below describes the encoding of the least significant two bits of the Lock byte. On shipment from Atmel, Lock[1:0] will have a value of either 10 or 00, depending on the part number ordered. An AT88SC018 in either of these two states is considered ‘unlocked’ not possible to change from one of these unlocked states to the other. ...
Page 9
... ManufacturingID with a 16 byte secret provided to Atmel by the system manufacturer. The upper 6 bits of the Lock byte will contain a secret tag assigned by Atmel to differentiate between various secrets that may have been used to generate EncKey. This tag will be erased when the AT88SC018 is locked, leaving the Lock byte with the value 0xFF. 1.5.3. ManufacturingID (MfrID) These 15 bytes contain unique wafer manufacturing information ...
Page 10
... WriteMemory (WriteMemoryEncrypted). They should be initialized to a count of 0 before the AT88SC018 is locked, by writing the following values into all four of the 16 byte counter areas: “0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0x00 0x00 0x00 0x00 0xFF 0x00 0x00 0x00” ...
Page 11
... This location within the EEPROM is initialized during Atmel manufacturing with a 16 byte random number obtained from an external high quality hardware random number generator used internally within the AT88SC018. It may be read and/or written when the part is unlocked. Atmel does not recommend that it be written to a fixed value. ...
Page 12
... P14 Counter0 Counter1 Counter2 Counter3 SystemSecret CmcSecret RNGSeed FlashDigest CF1 CF2 CF3 CF9 CF10 CF11 PwrDelay spare spare Restricted Restricted Restricted Restricted Read Only Memory Read / Write Memory F10 F11 F12 F13 F14 F15 ...
Page 13
... TWI bus address, shipped as 0xC0. See CF0 – CF15 Random values for each AT88SC018. See Certain values within the AT88SC018 memory array MUST be properly programmed prior to locking of the memory. Failure to properly initialize these locations will result in unpredictable and/or unsecure operation of the part. Table 12. ...
Page 14
... After this write, the reset protection circuit goes idle until the next reset the time of reset or power-up the protection register already has a value of 0, then the AT88SC018 goes into a “Power Delay” state for the same amount of time during which it will neither accept nor acknowledge any command. At the end of the time interval, it will reset the register to a value of 1 and resume normal operation. A power-up or pin reset during the “ ...
Page 15
... An illegal command ordinal is sent to the AT88SC018. The first time one of these conditions is detected after a power cycle or reset event, the AT88SC018 will delay ~260ms. After each subsequent failure condition is detected, the AT88SC018 will delay for an interval twice the length of the previous delay. ...
Page 16
... CMC CRF Authentication The AT88SC018 supports the mutual authentication sequence of the CRF chip in a manner such that the shared secrets are not ever exposed on the AT88SC018 or CRF busses. This section describes that mutual authentication sequence consistent with the parameter names in the command descriptions, the AT88SC018 is referred to by its alternate name of CMC ...
Page 17
... System sends information to the AT88SC018 which would typically be based on the state of an external nonvolatile (e.g. FLASH) program store. If the input digest indicates a problem, the AT88SC018 will set up the status register to indicate a RstLocked error code but will accept no commands until the next reset or power cycle. This command can be run once only per reset ...
Page 18
... CRF chip to perform its authentication sequence. This step computes the values and S . These values are retained in volatile registers within the AT88SC018 (named C & S) for use during Auth_2 and Encrypt_1. See Section 2.2 Execution of this command automatically resets any previous state including C & S registers, and causes a reset of the crypto engine state ...
Page 19
... After execution of Auth_1, the next command must be Auth_2 not, the AT88SC018 locks up for some time. See Section 1.6.3. Table 21. Inputs Name Size Selector 1 Table 22. Outputs Name Size 3.5. Auth_2 Receives the output of the CRF authentication command and verifies that the CRF chip has knowledge of G. See Section 2 ...
Page 20
... Passes a variable number of bytes through the crypto engine on the AT88SC018 and sends the output of the crypto engine back to the system. This command is used to keep the AT88SC018 in sync with the crypto engine on the CRF chip, to decrypt encrypted data read from CRF, to encrypt data to be written to CRF and to generate or verify a checksum ...
Page 21
... CRF operations. When the AT88SC018 is unlocked, the random numbers generated will follow a predictable pattern based on the state of the RNGSeed EEPROM value and the number of power cycles since this seed has been written. This mechanism facilitates testing ...
Page 22
... Writes the contents of the specified address and those following the end of the read/write memory space. Prior to locking, any byte after the lock byte can be written with this command. After the AT88SC018 has been locked, only the read/write space can be written with this command. ...
Page 23
... Specifying an address of 0 requires that the verifier know the value of EncKey. Note: This command cannot be run after the AT88SC018 has been locked or if the unlocked state is Lock[1:0] == 00. When it can be run it can access all locations within the EEPROM. Table 45. ...
Page 24
... Passes a random number of 8 bytes through the crunch engine on the AT88SC018 and sends the output of the crunch engine back to the system. This command is used to ensure the AT88SC018 is talking with an actual CRF chip, which should respond with the same answer in the given timeframe. ...
Page 25
... Some of the commands take a variable amount of time based on the input parameters and/or the current state of the AT88SC018. In general, the table below shows the worst case operational flow, subject to the list of assumptions following the table. Actual execution time will vary from the nominal by ±25% due to variations of the internal oscillator. ...
Page 26
AC & DC Characteristics Table 52. DC Characteristics Applicable over recommended operating range from - (unless otherwise noted) AC Symbol Parameter V Supply Voltage CC I Supply Current CC I ...
Page 27
Table 53. AC Characteristics Applicable over recommended operating range from - 30pF (unless otherwise noted) AC Symbol f Clock Frequency CLK Clock Duty cycle t Rise Time - SDA, ...
Page 28
Transport Key Certain operational modes of CryptoCompanion chip require knowledge of a key for proper custom configuration. When applicable, Atmel shall program customer provided key values at the factory for production orders. For generic and sample orders, this key, ...
Page 29
... Ordering Codes Table 54. Ordering Codes Ordering Code AT88SC018-SU-CM AT88SC018-SU-CM-T AT88SC018-SU-CN AT88SC018-SU-CN-T Table 55. Package Type Package Type 8S1 5277C–CryptoCompanion–9/09 Memory Locking Voltage Package Range Section 1.5.1 for Lock Definitions) 8S1 2.7V – 3.6V 00 (Unlocked) 8S1 2.7V – 3.6V 00 (Unlocked) 8S1 2.7V – 3.6V 10 (Unlocked/Confidential) 8S1 2.7V – 3.6V 10 (Unlocked/Confidential) 8-lead, 0.150” ...
Page 30
Package Drawing Figure 4. 8S1 – JEDEC SOIC Top View e Side View Note: These drawings are for general information only. Refer to JEDEC Drawing MS-012, Variation AA for proper dimensions, tolerances, datums, etc. 1150 E. Cheyenne Mtn. Blvd. ...
Page 31
Command Flow Diagrams Figure 5. Command Input Host Device Device Address Command Number of bytes N Data N data … bytes Data Figure 6. Command Output Host Device Device Address Figure 7. Command Status Host Device Device Address 5277C–CryptoCompanion–9/09 ...
Page 32
... Appendix A. Revision History Doc. Rev. Date 5277C 9/2009 5277B 2/2009 5277A 2/2008 CryptoCompanion Chip 32 Comments Finalized AC & DC Characteristics. Updated Counter information. Document updated. Changed to AT88SC018 part number. Initial document release. 5277C–CryptoCompanion–9/09 ...
Page 33
... Atmel Corporation. All rights reserved. Atmel®, Atmel logo and combinations thereof, CryptoMemory®, CryptoRF®, and others are registered trademarks, CryptoCompanion™, and others are trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others. ...