ATSHA204 ATMEL [ATMEL Corporation], ATSHA204 Datasheet - Page 15

Manufacturer Part Number: ATSHA204
Description: Atmel CryptoAuthentication
Manufacturer: ATMEL [ATMEL Corporation]
3.3.6 Password Checking

Many applications require a user to enter a password to enable features, decrypt stored data, or for some other purpose. Typically, the expected password has to be stored somewhere in memory and is, therefore, subject to discovery. The ATSHA204 can securely store the expected password and perform a number of useful operations on it. The password is never passed in the clear to the device, nor can it be read from the device. It is hashed with a random number in the system software before being passed to the device.

The copy capability of the CheckMac command enables the following types of password checking options:

1. CheckMac does an internal comparison with the expected password and returns a Boolean to the system to indicate whether the password was correctly entered or not.
2. If the device determines that the correct password has been entered, then the value of the password can optionally be combined with a stored or ephemeral value to create a key that can be used by the system for data protection purposes.
3. If the device determines that the correct password has been entered, the device can use this fact to optionally release a secondary, high-entropy secret, which can be used for data protection without risk of any exhaustive dictionary attack.
4. If the password has been lost, an entity with knowledge of a parent key value can optionally write a new password into the slot. Also optionally, the current value can be encrypted with a parent key and read from the device.

Passwords should be stored in even-numbered slots. If the password is to be mapped to a secondary value (use #3 above), then the target slot containing this value is located in the next higher slot number (the password slot number plus one). Otherwise, the target slot is the same as the password slot.

ReadKey for the target slot must be set to zero to enable this capability. In order to prevent fraudulent or unintended usage of this capability, do not set ReadKey for any slot to zero unless this CheckMac/copy capability is specifically required. In particular, do not assume that other bits in the configuration word for a particular slot override the enablement of this capability specified by ReadKey = 0.

This capability is enabled only if the mode parameter to CheckMac has a value of 0x01, indicating:

a. The first 32 bytes of the SHA-256 message are stored in a data slot in the EEPROM (the password).
b. The second 32 bytes of the SHA-256 message must be a randomly generated nonce in the TempKey register.

If the above conditions are met and the input response matches the internally generated digest, then the contents of the target key are copied to TempKey. The other TempKey register bits are set as follows:

- SourceFlag is set to one (not random)
- GenData is set to zero (not generated by the GenData command)
- CheckFlag is set to zero (TempKey is not restricted to the CheckMac command)
- Valid is set to one

3.3.7 Transport Keys

The ATSHA204 device includes an internal hardware array of keys (transport keys) that are intended for secure personalization prior to locking of the data section. The values of the hardware keys are kept secret, and are made available to qualified customers upon request to Atmel. These keys can be used with the GenDig command only, and are indicated by a KeyID value ≥ 0x8000.

This is the intended personalization command flow:

1. Write intended values to the configuration zone, and then lock the configuration zone.
2. Write non-secret slots and the OTP zone; data should be passed to the device in the clear.
3. Generate a random personalization key in any one of the secret slots with the following sequence:
   a. Nonce command to generate a random nonce in TempKey
   b. GenDig specifying a transport key ≥ 0x8000
   c. GenDig using the compliance (default) value stored in the slot to be used for personalization
   d. Encrypted Write to that same slot (overwrites the compliance value)
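The password-checking exchange of 3.3.6 (Nonce, host-side hash, CheckMac in mode 0x01, copy of the target slot into TempKey) as a small host/device simulation. This is an added example, not Atmel's code: the names Atsha204Model, host_response and check_password and the secondary-slot mapping are assumptions, and the digest covers only the two 32-byte fields the text names, whereas the real device hashes further bytes.

```python
import hashlib
import secrets

# Model of the CheckMac "copy" password check described in 3.3.6 (added
# example, not Atmel code). Assumptions: the digest covers only the two
# 32-byte fields the text names (stored password || random nonce), whereas
# the real device hashes further bytes; and the real Nonce command returns
# a random number from which TempKey is derived, not TempKey itself.
CHECKMAC_MODE_COPY = 0x01

class Atsha204Model:
    def __init__(self, slots, read_key, secondary=()):
        self.slots = dict(slots)         # slot -> 32-byte secret, never readable
        self.read_key = dict(read_key)   # slot -> ReadKey configuration value
        self.secondary = set(secondary)  # password slots mapped to slot + 1 (assumed config)
        self.tempkey, self.flags = None, {}

    def nonce(self):
        """Nonce command: load a fresh random value into TempKey, hand it to the host."""
        self.tempkey = secrets.token_bytes(32)
        self.flags = {"SourceFlag": 0, "Valid": 1}   # SourceFlag 0 = random
        return self.tempkey

    def check_mac(self, mode, password_slot, response):
        """Compare the host response with SHA-256(slot || TempKey); on a match in
        mode 0x01, copy the target slot into TempKey if its ReadKey is zero."""
        if not self.flags.get("Valid"):
            return False
        expected = hashlib.sha256(self.slots[password_slot] + self.tempkey).digest()
        ok = secrets.compare_digest(expected, response)
        self.tempkey, self.flags = None, {}          # the nonce is consumed either way
        if not ok or mode != CHECKMAC_MODE_COPY or password_slot % 2:
            return ok                                # passwords live in even slots
        target = password_slot + 1 if password_slot in self.secondary else password_slot
        if self.read_key.get(target) != 0:           # copy requires ReadKey == 0
            return ok
        self.tempkey = self.slots[target]
        self.flags = {"SourceFlag": 1, "GenData": 0, "CheckFlag": 0, "Valid": 1}
        return ok

def host_response(password, nonce):
    """Host side: the password is hashed with the nonce and never sent in the clear."""
    return hashlib.sha256(password + nonce).digest()

def check_password(device, slot, password):
    """One exchange (Nonce, host hash, CheckMac); returns (ok, secret now in TempKey)."""
    nonce = device.nonce()
    ok = device.check_mac(CHECKMAC_MODE_COPY, slot, host_response(password, nonce))
    return ok, device.tempkey
```

A captured response is useless for a later attempt because each check consumes the nonce, and a nonzero ReadKey on the target slot leaves the Boolean result intact while withholding the copied secret.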
Atmel ATSHA204 [DATASHEET]
8740D−CRYPTO−3/12
15