ATSHA204-RBH-T Ver la hoja de datos (PDF) - Atmel Corporation
Número de pieza
componentes Descripción
Fabricante
ATSHA204-RBH-T Datasheet PDF : 81 Pages
| |||
1. Introduction
The following sections introduce the features and functions of the Atmel® ATSHA204 authentication device.
1.1 Applications
The ATSHA204 is a member of the Atmel CryptoAuthentication™ family of high-security hardware authentication
devices. It has a flexible command set that allows use for many applications, including the following:
Anti-counterfeiting
Validate that a removable, replaceable, or consumable Client is authentic. Example Clients could be printer ink
tanks, electronic daughter cards, or other spare parts. It can also be used to validate a software/firmware module
or memory storage element.
Protection for Firmware or Media
Validate code stored in flash memory at boot to prevent unauthorized modifications (also known as secure boot),
encrypt downloaded media files, and uniquely encrypt code images to be usable on a single system only.
Session Key Exchange
Securely and easily exchange stream encryption keys for use by an encryption/decryption engine in the system
microprocessor to manage such things as a confidential communications channel or an encrypted download.
Secure Data Storage
Store secret keys for use by crypto accelerators in standard microprocessors. It can also be used to store small
quantities of data necessary for configuration, calibration, ePurse value, consumption data, or other secrets.
Programmable protection up through encrypted/authenticated reads and writes.
User Password Checking
Validate user entered passwords without letting the expected value become known, map simple passwords to
complex ones, and securely exchange password values with remote system.
1.2 Device Features
The ATSHA204 device includes an Electrically Erasable Programmable Read-Only Memory (EEPROM) array that can
be used for storage of keys, miscellaneous read/write, read-only or secret data, consumption logging, and security
configuration. Access to the various sections of memory can be restricted in a variety of ways and the configuration then
locked to prevent changes. See Section 2.1, “EEPROM Organization” for more details.
The ATSHA204 features a wide array of defensive mechanisms specifically designed to prevent physical attacks on the
device itself or logical attacks on the data transmitted between the device and the system see Section 3., “Security
Features” for more details. Hardware restrictions on the ways in which keys are used or generated provide further
defense against certain styles of attack.
Access to the device is through a standard I2C interface at speeds up to 1Mb/s. see Section 6., “I2C Interface” for more
details. It is compatible with the I2C interface specifications. The device also supports a Single-Wire Interface that can
reduce the number of GPIOs required on the system processor and/or reduce the number of pins on connectors. See
Section 5., “Single-Wire Interface” for more details.
Using the Single-Wire Interface, multiple ATSHA204 devices can share the same bus, which saves processor GPIO
usage in systems with multiple Clients such as different color ink tanks or multiple spare parts. See Section 5.4, “Sharing
the Interface” and Section 8.6.13, “Pause Command” for more details on the way in which this is implemented.
Each ATSHA204 ships with a guaranteed unique 9-byte (72-bit) serial number. Using the cryptographic protocols
supported by the device, a Host system or remote server can prove that the serial number is both authentic and is not a
copy. Serial numbers are often stored in a standard Serial EEPROM, but these can be easily copied, and there is no way
for the Host to know if the serial number is authentic or a clone. The entire serial number must be utilized to guarantee
uniqueness.
The ATSHA204 can generate high-quality random numbers and employ them for any purpose, including as part of the
crypto protocols of this device. Because each 32-byte (256-bit) random number is not dependent on passed numbers
generated on this or any other device, their inclusion in the protocol calculation ensures that replay attacks
6
ATSHA204 [DATASHEET]
Atmel-8740H-CryptoAuth-ATSHA204-Datasheet_072014
Share Link: 