ATAES132-TH-EQ Atmel, ATAES132-TH-EQ Datasheet - Page 39

ATAES132-TH-EQ

Manufacturer Part Number

ATAES132-TH-EQ

Description

EEPROM AES 32Kbit EE SPI

Manufacturer

Atmel

Datasheet

1.ATAES132-SH-EQ.pdf (166 pages)

Specifications of ATAES132-TH-EQ

Rohs

yes

Maximum Clock Frequency

10 MHz

Operating Supply Voltage

6 V

Maximum Operating Temperature

- 40 C to + 85 C

Mounting Style

SMD/SMT

Package / Case

TSSOP-8

Interface Type

SPI

Factory Pack Quantity

2300

Current page: 39 of 166
Download datasheet (2Mb)

7.9.

7.9.1.

7.9.2.

EncRead Command

EncRead reads 1 to 32 bytes of encrypted data from user memory, along with an integrity MAC. The EncRead command only

performs encrypted reads; the BlockRead command is used for unencrypted reads (see Section 7.4).

The ZoneConfig[UZ].EncRead bit determines if a user zone can be accessed with the EncRead command. If the

ZoneConfig[UZ].EncRead bit is 1b, then the EncRead command can read the user zone if the access requirements have been

satisfied. A single EncRead command reads data from a single user zone – the requested data can not span multiple user

zones. A single EncRead command reads data from a single EEPROM page – the requested data can not cross page

boundaries (see Section B.2).

If ZoneConfig[UZ].Auth is 1b, then prior authentication is required with the following restrictions:

The DecRead command can be used to validate the OutMac and decrypt up to 16 bytes of data (see Section 7.7).

Configuration Memory Signature

The EncRead command cannot be used to read the configuration memory – the BlockRead command can be used to read the

configuration memory. Any attempt to read any address in the configuration memory with the EncRead command will activate

the configuration memory signature generation mode.

The configuration memory signature is an AES-CCM MAC generated over the entire configuration memory as described in

Section I.17. A valid nonce is required to run the EncRead command in configuration memory signature generation mode. If

KeyConfig[00].RandomNonce is 1b, then the nonce must be random. KeyID 00 is always used to generate the configuration

memory signature.

The configuration memory signature generation mode is intended to be used during secure personalization of the ATAES132.

The signature can be used to validate the contents of the configuration memory prior to programming secret data into other

portions of the EEPROM.

Key Memory Signature

The EncRead command cannot be used to read the key memory. The key memory can never be read. Any attempt to read

any address in the key memory with the EncRead command will activate the key memory signature generation mode;

however, this signature can only be generated once per unit.

The key memory signature is an AES-CCM MAC generated over all 16 key registers as described in Section I.18. A valid

nonce is required to run the EncRead command in key memory signature Generation mode. If KeyConfig[00].RandomNonce

is 1b, then the nonce must be random. KeyID 00 is always used to generate the key memory signature.

The key memory signature generation mode is intended to be used during secure personalization of the ATAES132. The

signature can be used to validate the contents of the key memory before locking the key memory.

•

The Auth command Usage.ReadOK bit must be 1b

The authentication key AKeyID must match ZoneConfig[UZ].AuthID

The Auth command must be run in Inbound Only Authentication or Mutual Authentication mode

A valid Nonce is required to run the EncRead command. If KeyConfig[KeyID].RandomNonce for the Read key is 1b,

then the Nonce must be random.

Atmel ATAES132 Preliminary Datasheet

8760A−CRYPTO−5/11

ATAES132-TH-EQ Atmel, ATAES132-TH-EQ Datasheet - Page 39

ATAES132-TH-EQ

Specifications of ATAES132-TH-EQ

Related parts for ATAES132-TH-EQ