ATAES132-SH-ER Atmel, ATAES132-SH-ER Datasheet - Page 48

ATAES132-SH-ER

Manufacturer Part Number

ATAES132-SH-ER

Description

EEPROM AES 32Kbit EE I2C

Manufacturer

Atmel

Datasheet

1.ATAES132-SH-EQ.pdf (166 pages)

Specifications of ATAES132-SH-ER

Rohs

yes

Maximum Clock Frequency

1 MHz

Operating Supply Voltage

6 V

Maximum Operating Temperature

- 40 C to + 85 C

Mounting Style

SMD/SMT

Package / Case

SOIC-8

Interface Type

I2C

Factory Pack Quantity

2300

Current page: 48 of 166
Download datasheet (2Mb)

7.14.

KeyExport Command

The KeyExport command is used to encrypt a key for export to a second ATAES132 device. The source of the key can be the

internal random number generator, the VolatileKey register, or external data. The resulting encrypted key is used as the input

to the KeyImport command or KeyLoad command. This command does not modify the stored keys.

If mode bits 2 and 3 are 00b, then a new key is generated for export:

If Mode bit 1 is 0b, then the EEPROM seed register will be updated prior to key generation.

If Mode bits 2 and 3 are 01b, then the key in the input packet will be exported:

If Mode bits 2 and 3 are 10b or 11b, then the VolatileKey will be exported:

If KeyConfig[EKeyID].AuthKey bit is 1b or KeyConfig[EKeyID].ExportAuth bit is 1b, then prior authentication is required using

the KeyID stored in KeyConfig[EKeyID].LinkPointer.

To use this command the nonce must be identical on both devices (see Section 7.21.1) and the MacCount must have the

same value. Both devices must also contain identical key values, but it is not necessary for the encrypt KeyID on the origin

device to match the decrypt KeyID on the destination device. In this section, the device which encrypts the key is referred to as

the origin device – the device receiving the key is referred to as the destination device.

If mode bit 0 is 1b and mode bit 5, 6, or 7 is 1b, then the associated usage counter, SerialNum register value, or the first four

bytes of the SmallZone register must be identical on both devices. If mode bit 0 is 0b and mode bit 5, 6, or 7 is 1b, then the

value of SecondBlock must match the associated values on the destination device – the value of mode bits 5, 6, and 7 of the

KeyExport command must also match the value in the FirstBlock field. The ManufacturingID register must be identical on both

devices, since it is always included in the MAC calculation.

A valid nonce is required to run the KeyExport command. If the KeyConfig[EKeyID].RandomNonce bit is 1b, then the nonce

must be random.

Warning:

•

The internal random number generator is used to generate the key

The KeyExport command InData field contains the key value

Mode bit 1 is ignored

There is one random number generator (RNG) seed register in the EEPROM memory which is used by the

KeyCompute, KeyExport, nonce, and random commands. The RNG seed register is subject to the same

write endurance limitations as the other bytes in the EEPROM (see Section 9.2 for the EEPROM

specifications) – the application developer must not exceed the write endurance limit.

Atmel ATAES132 Preliminary Datasheet

8760A−CRYPTO−5/11

ATAES132-SH-ER Atmel, ATAES132-SH-ER Datasheet - Page 48

ATAES132-SH-ER

Specifications of ATAES132-SH-ER

Related parts for ATAES132-SH-ER