at88sc016 ATMEL Corporation, at88sc016 Datasheet - Page 2

at88sc016

Manufacturer Part Number

at88sc016

Description

Cryptocompanion Chip At88sc016 Summary

Manufacturer

ATMEL Corporation

Datasheet

1.AT88SC016.pdf (8 pages)

Current page: 2 of 8
Download datasheet (356Kb)

1. Product Overview

1.1.

1.2.

The CryptoCompanion™ Chip is designed to complement Atmel’s CryptoRF® and CryptoMemory® chips, collectively

referred to in the remainder of this document as CRF.

CryptoCompanion

http://www.itl.nist.gov/fipspubs/fip180-1.htm and elsewhere. In this document, the nomenclature SHA-1(a, b, c) means

to concatenate a, b & c in that order and then pad them to a block size of 64 bytes before computing the digest.

CryptoCompanion generates SHA-1 digests of single round datasets at a time.

The CRF chip contains secrets that must be known or derived by an outside entity in order to establish a trusted link

between the two and permit communications to happen. CryptoCompanion stores these secrets in an obscured way in

nonvolatile memory and contains all the circuitry necessary to compute the authentication, password and

encryption/decryption actions specified in the CRF datasheet. In this manner, the secrets do not ever need to be

revealed.

The general cryptographic strategy is as follows:

The following is a partial list of the benefits of using this chip versus storing the algorithms and secrets in standard

FLASH system memory.

CryptoCompanion™ Chip

General Operation

CryptoCompanion Benefits

─ Each CRF chip has a serial or identification number (ID) and authentication secret Gi stored in EEPROM. ID

─ CryptoCompanion contains an EEPROM that holds a set of common secrets (Fn). CryptoCompanion

─ G is further diversified by the inclusion of a number (KID) generated by the system in a manner of its

─ CryptoCompanion includes a general purpose cryptographic quality random number generator which is

─ Keep confidential those core secrets that are used to authenticate with and communicate to/from CRF.

─ Flexible system implementation – multiple secrets and policies for different CRF locations within the system.

─ Hardware encryption engines, avoids algorithm disclosure from reverse-compilation of system operating

─ Full hardware security implementation makes it harder for an attacker (even with lab equipment) to get

─ Global secrets are protected using strong security, standard algorithm (SHA-1).

─ Robust random number generation avoids accidental replay for all cryptographic operations using the

─ Secure EEPROM storage for configuration information, etc. May permit reduction in the total BOM for the

─ Easy to use – little programming required, no knowledge of security algorithms or protocols, fast time to

is freely readable while Gi can never be read and is unique for all tags.

combines Fn with ID and KID to compute a value of G that is expected to match that in the CRF chip.

Specifically, G = SHA-1(Fn, ID, KID)

choosing. Typically, it will be the result of a cryptographic operation on the CRF ID value calculated using

other data, secrets and/or algorithms external to CryptoCompanion. This permits scenarios that offer varying

degrees of additional security.

used to seed a mutual authentication process between CryptoCompanion and CRF. If the CRF confirms the

CryptoCompanion challenge, and the CryptoCompanion confirms the CRF response, then the host system

proceeds with CRF operations. In this way the host system may use the CRF without knowing the CRF's

secrets directly.

(Store them in EEPROM, use them on-chip)

Multiple manufacturer setup options.

code.

secrets stored on CryptoCompanion.

system, not just with respect to CRF.

system.

market.

makes

extensive

use

the

SHA-1

hash

algorithm

5277AS− CryptoCompanion −02/08

specified

at88sc016 ATMEL Corporation, at88sc016 Datasheet - Page 2

at88sc016

Related parts for at88sc016