ATSHA204 ATMEL [ATMEL Corporation], ATSHA204 Datasheet - Page 55


Manufacturer Part Number: ATSHA204
Description: Atmel CryptoAuthentication
Manufacturer: ATMEL [ATMEL Corporation]

8.14 Write Command

Writes either one 4-byte word or an 8-word block of 32 bytes to one of the EEPROM zones on the device. Depending on the value of the WriteConfig byte for this slot, the data may be required to be encrypted by the system prior to being sent to the device.

The following restrictions apply to writes within zones using this command:

Config: If the Config zone is locked or Zone:6 is set, this command returns an error. Otherwise the bytes are written as requested. Any attempt to write any byte for which writes are permanently prohibited (per Section 2.1.1) results in a command error with no modifications to the EEPROM.

OTP: If the OTP zone is unlocked, all bytes can be written with this command. If the OTP zone is locked and the OTPmode byte is read-only or legacy, then this command returns an error. Otherwise, OTP mode should be consumption and this command sets to zero those bits in the OTP zone that correspond to the zero bits in the input parameter value. When the OTP zone is locked, encrypted writes to it are never permitted regardless of OTPmode.

Data: If the data zone is unlocked, all bytes in all zones can be written with either plain text or encrypted data. After the data zone is locked, the values within the WriteConfig bytes control access to the data slots. If the WriteConfig bits for this slot are set to “always”, the input data should be passed to the device in the clear. If Bit:14 of SlotConfig is set to one, the input data should be encrypted and an input MAC calculated.

Four byte writes are only permitted in the data and OTP zones if all four of the following conditions are met:
- SlotConfig.IsSecret must be zero.
- SlotConfig.WriteConfig must be “always.”
- The input data must not be encrypted.
- The data/OTP zones must be locked.
Four byte writes will return an error under all other circumstances.

The least significant three bits of Param2, Address[0:2], indicate the word within the block, or are ignored if an entire 32 byte block is being written. Address[3:6] contains the slot number for writes to the data zone, or the block number for the Config and OTP zones. Address values beyond the size of the specified zone result in the command returning an error.

Any attempt to write the OTP and/or data zones prior to the configuration section being locked results in the device returning an error code.

8.14.1 Input Data Encryption

The input data may be encrypted to prevent snooping on the bus during personalization or system operation. The system should encrypt the data by XOR’ing the plain text with the current value in TempKey. Upon receipt the device will XOR the input data with TempKey to restore the plain text prior to writing to the EEPROM.

Whenever the input data is encrypted, an authorizing input MAC is always required when writing the data zone. This MAC is computed as:

SHA-256(TempKey, Opcode, Param1, Param2, SN[8], SN[0:1], <25 bytes of 0’s>, PlainTextData)

Prior to locking of the OTP/Data zones, Zone:6 is used to indicate to the device whether or not the input data is encrypted. After locking of the OTP/Data zones, Zone:6 is ignored and only bit 14 of the SlotConfig corresponding to the slot being written is used to determine whether or not the input data is encrypted.

If data encryption is indicated, TempKey must be valid prior to this command being called and must be the result of GenDig. Specifically, this means that TempKey.Valid and TempKey.GenDig must both be set to one. Prior to data locking, any key can be used to generate TempKey. After locking, the last slot used by GenDig for TempKey creation and stored in TempKey.KeyID must match that in SlotConfig.WriteKey, and the random number generator must have been used to originally generate TempKey prior to GenDig.
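The encrypted 32-byte data-zone write described in this section, modelled from both the host side and the device side, as an added example that is not part of the datasheet. The Write opcode 0x12, the Zone bit values, the fixed SN bytes, the little-endian ordering of Param2 inside the MAC message and the constructed TempKey are assumptions not stated on this page.

```python
import hashlib
import hmac

# Constants below are assumptions taken from outside this page: the Write
# opcode, the Zone bit layout, and the fixed serial-number bytes.
OP_WRITE = 0x12
ZONE_DATA, ZONE_ENCRYPTED, ZONE_32_BYTES = 0x02, 0x40, 0x80
SN8, SN0_1 = b"\xEE", b"\x01\x23"


def data_address(slot, word=0):
    """Param2 for the data zone: Address[3:6] = slot, Address[0:2] = word."""
    if not (0 <= slot <= 15 and 0 <= word <= 7):
        raise ValueError("slot or word outside the data zone")
    return (slot << 3) | word


def write_mac(tempkey, param1, param2, plaintext):
    """SHA-256(TempKey, Opcode, Param1, Param2, SN[8], SN[0:1], 25 zeros, data)."""
    msg = (tempkey + bytes([OP_WRITE, param1]) + param2.to_bytes(2, "little")
           + SN8 + SN0_1 + bytes(25) + plaintext)
    return hashlib.sha256(msg).digest()


def host_encrypted_write(tempkey, slot, plaintext):
    """Host side: return (Param1, Param2, ciphertext, MAC) for a 32-byte write."""
    if len(tempkey) != 32 or len(plaintext) != 32:
        raise ValueError("TempKey and data must both be 32 bytes")
    param1 = ZONE_DATA | ZONE_ENCRYPTED | ZONE_32_BYTES
    param2 = data_address(slot)
    cipher = bytes(p ^ k for p, k in zip(plaintext, tempkey))
    return param1, param2, cipher, write_mac(tempkey, param1, param2, plaintext)


def device_accepts(tempkey, param1, param2, cipher, mac):
    """Device model: XOR with TempKey, then check the MAC over the plaintext."""
    plain = bytes(c ^ k for c, k in zip(cipher, tempkey))
    ok = hmac.compare_digest(mac, write_mac(tempkey, param1, param2, plain))
    return plain if ok else None


if __name__ == "__main__":
    tk = hashlib.sha256(b"constructed TempKey").digest()  # stands in for GenDig output
    p1, p2, ct, mac = host_encrypted_write(tk, slot=3, plaintext=bytes(range(32)))
    print(hex(p1), hex(p2), ct.hex(), mac.hex())
    print(device_accepts(tk, p1, p2, ct, mac) == bytes(range(32)))
```

Because Param1 and Param2 are inside the hashed message, a captured ciphertext and MAC pair fails verification if it is replayed against a different slot or zone.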
Atmel ATSHA204 [DATASHEET]
8740D−CRYPTO−3/12
55
