AT88SA102S_10 ATMEL [ATMEL Corporation], AT88SA102S_10 Datasheet - Page 4

AT88SA102S_10

Manufacturer Part Number

AT88SA102S_10

Description

Atmel CryptoAuthentication

Manufacturer

ATMEL [ATMEL Corporation]

Datasheet

1.AT88SA102S_10.pdf (24 pages)

Current page: 4 of 24
Download datasheet (263Kb)

1.4.

1.5.

1.6.

Fuse Disable

Chip Identification

The chip includes a total of 72-bits of information that can be used to distinguish between individual chips in a

reliable manner. The information is distributed between the ROM and fuse blocks in the following manner.

Serial Number

Manufacturing ID This 24-bit value is composed of ROM MfrID (16-bits) and Fuse MfrID (8-bits). Typically this

Key Values

The values stored in the Atmel AT88SA102S internal key array are hardwired into the masking layers of the chip

during wafer manufacture. All chips have the same keys stored internally, though the value of a particular key

cannot be determined externally from the chip. For this reason, customers should ensure that they program a

unique (and secret) number into the 64-secret fuses and they should store the Atmel provided key values

securely.

Individual key values are made available to qualified customers upon request to Atmel and are always transmitted

in a secure manner.

When the serial number is included in the MAC calculation then the response is considered to be diversified and

the host needs to know the base secret in order to be able to verify the authenticity of the client. A diversified

response can also be obtained by including the serial number in the computation of the value written to the secret

fuses. A CryptoAuthentication host chip provides a secure hardware mechanism to validate responses to

determine if they are authentic.

SHA-256 Computation

AT88SA102S performs only one cryptographic calculation – a keyed digest of an input challenge. It includes

optionally various other information stored on the chip within the digested message.

AT88SA102S computes the SHA-256 digest based on the algorithm documented here:

http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

Throughout this document, the complete message processed by the AT88SA102S chip is documented. According

to the above specification, this always includes a single bit of ‘1’ pad after the message, followed by a 64-bit value

representing the total number of bits being hashed (less pad and length). If the length is less than 447 (512-64-1),

then the necessary number of ‘0’ bits are included between the ‘1’ pad and ‘length’ to stretch the last message

block out to 512-bits.

When using standard libraries to calculate the SHA-256 digest, these pad and length bits should probably not be

passed to the library as most standard software implementations of the algorithm add them in automatically.

Atmel AT88SA102S

This fuse is used to disable/enable the ability of the MAC command to read the fuse values

until the BurnSecure command has completed properly. When it has a value of one

(unburned), the bit values in the message that would normally have been filled in with Fuse

values are all set to a one. When FuseDisable is burned, the MAC command fills in the

message with the requested fuse values. Additionally, this bit, when burned, disables the

BurnSecure command to prevent modification of the secret fuses and BurnFuse enable bit in

the end customer application.

This 48-bit value is composed of ROM SN (16-bits) and Fuse SN (32-bits). Together they

form a serial number that is guaranteed to be unique for all devices ever manufactured within

the Atmel

calculation.

value is the same for all chips of a given type. It is always included in the cryptographic

computations.

CryptoAuthentication family. This value is optionally included in the MAC

8584F–SMEM–8/10

AT88SA102S_10 ATMEL [ATMEL Corporation], AT88SA102S_10 Datasheet - Page 4

AT88SA102S_10

Related parts for AT88SA102S_10