ATSHA204 ATMEL [ATMEL Corporation], ATSHA204 Datasheet - Page 12
ATSHA204
Manufacturer Part Number
ATSHA204
Description
Atmel CryptoAuthentication
Manufacturer
ATMEL [ATMEL Corporation]
Datasheet
1.ATSHA204.pdf
(65 pages)
Available stocks
Company
Part Number
Manufacturer
Quantity
Price
Company:
Part Number:
ATSHA204-MAH-DA-T
Manufacturer:
NVIDIA
Quantity:
340
Part Number:
ATSHA204-SH-DA-B
Manufacturer:
ATMEL/爱特梅尔
Quantity:
20 000
Part Number:
ATSHA204-SH-DA-T
Manufacturer:
ATMEL/爱特梅尔
Quantity:
20 000
Company:
Part Number:
ATSHA204-TSU-T
Manufacturer:
EPSON
Quantity:
418
Part Number:
ATSHA204-TSU-T
Manufacturer:
ATMEL/爱特梅尔
Quantity:
20 000
Part Number:
ATSHA204A
Manufacturer:
ATMEL/爱特梅尔
Quantity:
20 000
Part Number:
ATSHA204A-MAHDA-T
Manufacturer:
AT
Quantity:
20 000
Company:
Part Number:
ATSHA204A-SSHDA-B
Manufacturer:
ATMEL
Quantity:
3 450
Company:
Part Number:
ATSHA204A-SSHDA-T
Manufacturer:
ATMEL
Quantity:
3 450
Company:
Part Number:
ATSHA204A-STUCZ-T
Manufacturer:
ATMEL
Quantity:
12 000
3.
3.1
3.2
3.3
Cryptographic Information
The ATSHA204 implements a challenge-response protocol using either SHA-256 or HMAC/SHA-256, details are below. The
response is always a 256-bit digest.
The Nonce command (see Section 8.9) accepts an input challenge from the system and optionally combines it with an
internally generated random number to generate a nonce (number used once) for the calculation. This seed is then combined
with a secret key as part of the authentication calculation for any of the crypto commands (MAC, HMAC, Read, Write, or
GenDig). For compatibility reasons, the input challenge may be passed directly to the MAC command; however, this operation
is deprecated.
The device can guarantee the uniqueness of the Nonce only if the device has included the output of its random number
generator in the calculation, because the system input may or may not be unique. Every random Nonce is guaranteed to be
unique when compared to all previous nonces, ensuring that each transaction is unique over all time.
SHA-256
The ATSHA204 MAC command calculates the digest of a secret key concatenated with the challenge or nonce. It optionally
includes various other pieces of information stored on the device within the digested message.
The ATSHA204 computes the SHA-256 digest based on the algorithm documented here:
http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
The complete SHA-256 message processed by the ATSHA204 is listed in Sections 8.5 and 8.9 for each of the particular
commands (GenDig and Nonce) that use the algorithm. Most standard software implementations of the algorithm
automatically add the appropriate number of pad and length bits to this message to match the operation the device performs
internally.
The SHA-256 algorithm is also used for encryption by taking the output digest of the hash algorithm and XORing it with the
plain text data to produce the ciphertext. Decryption is the reverse – the ciphertext is XORed with the digest, and the result is
the plain text.
HMAC/SHA-256
The response to the challenge can also be computed using the HMAC algorithm based on SHA-256 documented here:
http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf
Because of the increased computation complexity, the HMAC command is not as flexible as the MAC command and the
computation time for HMAC is extended. While the HMAC sequence is not necessary to ensure the security of the digest, it is
included for compatibility with various software packages.
Key Values
All keys within the CryptoAuthentication family are 256 bits long. The ATSHA204 uses these keys as part of the messages
hashed with the MAC, CheckMac, HMAC, and GenDig commands. Any slot in the data zone of the EEPROM can be used to
store a key, though the value will be secret only if the read and write permissions are properly set within SlotConfig (including
the IsSecret bit).
Except for the GenDig command, all but the least-significant four bits of the KeyID parameter are ignored in determining the
source of key data. Only the least-significant four bits are used to select one of the slots of the data zone. See Section 3.3.7,
below, for information on how GenDig uses other KeyID values.
In all cases for which a SHA-256 calculation is performed using Param2, the entire 16-bit KeyID as input is included in the
message.
Atmel ATSHA204 [DATASHEET]
8740D−CRYPTO−3/12
12
Related parts for ATSHA204
Image
Part Number
Description
Manufacturer
Datasheet
Request
R
Part Number:
Description:
Atmel CryptoMemory
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
Atmel CryptoMemory
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
Atmel CryptoMemory, 16Kbit
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
8-bit Atmel Microcontrollers
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
8-bit Atmel Microcontroller with 64K/128K/256K Bytes In-System Programmable Flash
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
8-bit Atmel Microcontroller with 16/32/64/128K Bytes In-System Programmable Flash
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
8-bit Atmel Microcontroller with 16/32/64K Bytes In-System Programmable Programmable
Manufacturer:
ATMEL [ATMEL Corporation]
Datasheet:
Part Number:
Description:
INTERVAL AND WIPE/WASH WIPER CONTROL IC WITH DELAY
Manufacturer:
ATMEL Corporation
Datasheet:
Part Number:
Description:
Low-Voltage Voice-Switched IC for Hands-Free Operation
Manufacturer:
ATMEL Corporation
Datasheet:
Part Number:
Description:
MONOLITHIC INTEGRATED FEATUREPHONE CIRCUIT
Manufacturer:
ATMEL Corporation
Datasheet:
Part Number:
Description:
AM-FM Receiver IC U4255BM-M
Manufacturer:
ATMEL Corporation
Datasheet:
Part Number:
Description:
Monolithic Integrated Feature Phone Circuit
Manufacturer:
ATMEL Corporation
Datasheet:
Part Number:
Description:
Multistandard Video-IF and Quasi Parallel Sound Processing
Manufacturer:
ATMEL Corporation
Datasheet: