AT88SA10HS-TSU-T Atmel, AT88SA10HS-TSU-T Datasheet - Page 3

AT88SA10HS-TSU-T

Manufacturer Part Number

AT88SA10HS-TSU-T

Description

IC HOST AUTHENTICATION SOT23-3

Manufacturer

Atmel

Series

CryptoAuthentication™r

Type

Authentication Chipr

Datasheets

1.AT88SA102S-TSU-T.pdf (18 pages)

2.AT88SA10HS-TSU-T.pdf (23 pages)

3.AT88SA10HS-TSU-T.pdf (23 pages)

Specifications of AT88SA10HS-TSU-T

Applications

Networking & Communications

Mounting Type

Surface Mount

Package / Case

SOT-23-3

Operating Supply Voltage

2.5 V to 5.5 V

Maximum Operating Temperature

+ 85 C

Mounting Style

SMD/SMT

Interface Type

1 Wire

Minimum Operating Temperature

- 40 C

Number Of Timers

Program Memory Size

72 bit

Program Memory Type

ROM

Lead Free Status / RoHS Status

Lead free / RoHS Compliant

Current page: 3 of 23
Download datasheet (584Kb)

1.3.

1.4.

1.5.

8595B–SMEM–09/09

BurnSecure Enable

Secret Fuses

Status Fuses

Fuse Enable

Chip Identification

The chip includes a total of 72 bits of information that can be used to distinguish between individual chips in a reliable

manner. The information is distributed between the ROM and fuse blocks in the following manner.

Serial Number

Manufacturing ID This 24 bit value is composed of ROM MfrID (16 bits) and Fuse MfrID (8 bits). Typically this value

Key Values

The values stored in the AT88SA10HS internal key array are hardwired into the masking layers of the chip during wafer

manufacture. All chips have the same keys stored internally, though the value of a particular key cannot be determined

externally from the chip. For this reason, customers should ensure that they program a unique (and secret) number into

the 64 secret fuses and they should store the Atmel provided key values securely.

Individual key values are made available to qualified customers upon request to Atmel and are always transmitted in a

secure manner.

When the serial number is included in the MAC calculation, the response is considered to be diversified and the host

needs to know the base secret in order to be able to verify the authenticity of the client. A diversified response can also

be obtained by including the serial number in the computation of the value written to the secret fuses. The Atmel

AT88SA10HS provides a secure hardware mechanism to validate responses to determine if they are authentic.

SHA-256 Computation

The AT88SA10HS performs only one cryptographic calculation – a keyed digest of an input challenge. It optionally

includes various other information stored on the chip within the digested message.

The AT88SA10HS computes the SHA-256 digest based on the algorithm documented here:

http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

As a security measure, the 24 bit MfrID code (both ROM and Fuse bits) is automatically included in every message

digested by the AT88SA10HS. The secret fuses are conditionally appended, depending on the parameters to the

HOST command.

For complete sample calculations, refer to”AT88SA100S” and/or “AT88SA102S” Datasheets.

AT88SA10HS Host Authentication Chip [Preliminary]

This 48 bit value is composed of ROM SN (16 bits) and Fuse SN (32 bits). Together they form a

serial number that is guaranteed to be unique for all devices ever manufactured within the

CryptoAuthentication family. This value is optionally included in the MAC calculation.

is the same for all chips of a given type. It is always included in the cryptographic computations.

This fuse is used to prevent repetitive operation of the two personalization commands:

GenPersonalizationKey and BurnSecure. This fuse is always burned by the BurnSecure

command.

These 64 fuses are used to augment the mask programmed keys stored in the chip by

Atmel. Knowledge of both the mask keys and the values of the Secret Fuses is required to

calculate the response value expected by HOST2. The BurnSecure command can be used

to burn an arbitrary selection of these 64 bits.

These 23 fuses should be used to store information which is not secret, as their value can

always be determined using the Read command. Typical usage would be model or

configuration information. They cannot be automatically included in the messages to be

hashed by the HOST commands, but the system may read them and pass them back to

HOST1 in the input stream if desired.

This fuse is used to prevent access to fuses on chips in which a partial set of fuses has

been burned. This fuse must be burned using the BurnSecure command.

AT88SA10HS-TSU-T Atmel, AT88SA10HS-TSU-T Datasheet - Page 3

AT88SA10HS-TSU-T

Specifications of AT88SA10HS-TSU-T

Related parts for AT88SA10HS-TSU-T