ATSHA204 ATMEL [ATMEL Corporation], ATSHA204 Datasheet - Page 14


ATSHA204

Manufacturer Part Number
ATSHA204
Description
Atmel CryptoAuthentication
Manufacturer
ATMEL [ATMEL Corporation]
In practice, this procedure permits SingleUse keys to be used eight times between “refreshes” using the DeriveKey command. If power is lost during the execution of any command referencing a key that has this feature enabled, one of the use bits in UseFlag may still be cleared even though the command did not complete. For this reason, Atmel recommends that the key be used a single time only, with the other bits providing a safety margin for errors.
Under normal circumstances, all eight UseFlag bytes should be initialized to 0xFF. If it is the intention to permit fewer than eight uses of a particular key, these bytes should be initialized to 0x7F (seven uses), 0x3F (six uses), 0x1F (five uses), 0x0F (four uses), 0x07 (three uses), 0x03 (two uses), or 0x01 (one use). Initialization to any other value besides these values or 0xFF is prohibited.
The Read, Write, and DeriveKey commands operate slightly differently:
• Read and Write
These commands ignore the state of the SingleUse bit and the UseFlag byte does not change as a result of their execution. SingleUse slots in which the UseFlag is exhausted (value of 0x00) can still be read or written (subject to the appropriate SlotConfig limitations) although the value in the slot cannot ever be used as a key for cryptographic commands.
If SlotConfig.WriteKey for slot X points back to X, but UseFlag[X] is exhausted, encrypted writes to the slot will never succeed because the prior GenDig command will have returned an error due to the usage limitation. A similar situation occurs with reads and ReadKey. Slots used as keys should never have IsSecret set to zero or WriteConfig set to Always.
• DeriveKey
If the parent key is used for either authentication or as the source, then if SingleUse (for the parent) is set and UseFlag (also for the parent) is 0x00, the DeriveKey command returns an error. The SingleUse and UseFlag bits are ignored for the target key. When successfully executed, DeriveKey always resets the UseFlag to 0xFF for the target key – this is the only mechanism to reset the UseFlag bits.
Use of the DeriveKey command is optional – it is legal to be run only if WriteConfig: 13 is set for this slot. In some situations, it may be advantageous to simply have a key that can be used eight times, in which case the other crypto commands will clear the bits in UseFlag one at a time until all are cleared, and at which time the key is disabled.

3.3.5 Limited-use Key
If Slot[15].SingleUse is set, usage of key number 15 is limited through a different mechanism than the single-use limitation described above, which applies only to slots 0-7.
Prior to any use of key 15 by a cryptographic command, the following takes place:
• If all bytes in LastKeyUse are 0x00, return error.
• Starting at bit seven of the first byte of LastKeyUse (byte 68 in config zone), clear to zero the first bit that is currently a zero. If byte 68 is 0x00, check bit seven of byte 69, and so on up through byte 83. Only a single bit is cleared each time prior to using key 15.
There is no reset mechanism for this limitation – after 128 uses (or the number of one bits set in LastKeyUse on personalization), key 15 is permanently disabled. This capability is not susceptible to power interruptions – even if the power is interrupted during execution of the command, only a single bit in LastKeyUse will be unknown; all other bits in LastKeyUse will be unchanged and the key will remain unchanged.
If fewer than 128 uses are desired for key 15, then some of the bytes within this array should not be initialized to 0xFF. As with UseFlag, the only legal values for bytes within this field (besides 0xFF) are 0x7F, 0x3F, 0x1F, 0x0F, 0x07, 0x03, 0x01, or 0x00. The total number of bits set to one indicates the number of uses. One example of how to set 16 uses is as follows: 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00.
The SingleUse bit is ignored by the Read and Write commands, and LastKeyUse does not change as a result of their execution. The SingleUse bit is ignored by the copy function of the CheckMac command. The SingleUse bit is honored for the parent key in the DeriveKey command, but is ignored for the target key.
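A personalization-time check for the usage counters described on this page, added here as an example (not Atmel's code): it validates UseFlag and LastKeyUse bytes against the legal values, counts the uses configured for key 15, and models the bit clearing that precedes each use. The function names are hypothetical, and the model assumes the bit cleared on each use is the first one still set, which is what the legal byte values 0x7F, 0x3F, ... imply.

```c
#include <stdint.h>
#include <stdio.h>

#define LAST_KEY_USE_LEN 16 /* config-zone bytes 68..83 */

/* Legal counter bytes are 0xFF, 0x7F, 0x3F ... 0x01, 0x00: the one bits are
 * packed into the low-order end. Returns the count of ones, or -1 if illegal. */
static int uses_in_byte(uint8_t b) {
    int n = 0;
    if (b & (uint8_t)(b + 1)) return -1; /* zero only when b == 2^n - 1 */
    for (; b; b >>= 1) n++;
    return n;
}

/* UseFlag (slots 0-7) may be initialised to 0xFF..0x01, but not to 0x00. */
int use_flag_init_ok(uint8_t b) { return uses_in_byte(b) >= 1; }

/* Uses left for key 15, or -1 if any LastKeyUse byte is not a legal value. */
int last_key_use_remaining(const uint8_t *lku) {
    int total = 0;
    for (int i = 0; i < LAST_KEY_USE_LEN; i++) {
        int n = uses_in_byte(lku[i]);
        if (n < 0) return -1;
        total += n;
    }
    return total;
}

/* Model of the step taken before each cryptographic use of key 15.
 * Assumption: the bit cleared is the first one still set, scanning from bit 7.
 * Returns 0 when a use was consumed, -1 when every byte is already 0x00. */
int last_key_use_consume(uint8_t *lku) {
    for (int i = 0; i < LAST_KEY_USE_LEN; i++)
        for (int bit = 7; bit >= 0; bit--)
            if (lku[i] & (1u << bit)) {
                lku[i] &= (uint8_t)~(1u << bit);
                return 0;
            }
    return -1;
}

int main(void) {
    uint8_t lku[LAST_KEY_USE_LEN] = {0xFF, 0xFF}; /* the page's 16-use example */
    int configured = last_key_use_remaining(lku), consumed = 0;
    while (last_key_use_consume(lku) == 0) consumed++;
    printf("configured=%d consumed=%d\n", configured, consumed);
    return 0;
}
```

Running the validity check over the intended configuration-zone image before the zone is locked catches a byte such as 0x80 or 0xF0, which has the right number of one bits but is not a legal value.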
Atmel ATSHA204 [DATASHEET]
8740D−CRYPTO−3/12
14
