AT88SC0204C-MC [ETC]
EEPROM ; EEPROM\n型号: | AT88SC0204C-MC |
厂家: | ETC |
描述: | EEPROM
|
文件: | 总13页 (文件大小:141K) |
中文: | 中文翻译 | 下载: | 下载PDF数据表文档文件 |
Features
• One of a Family of Devices with User Memories from 1 Kbit to 1 Mbit
• 2-Kbit EEPROM User Memory
– Four 64 x 8 (512-bit) Zones
– Self-timed Write Cycle (5 ms)
– Single Byte or 16-byte Page Write Mode
– Programmable Access Rights for Each Zone
• 2-Kbit Configuration Zone
– 37-byte OTP Area for User-defined Codes
– 160-byte Area for User-defined Keys and Passwords
• Low Voltage Operation: 2.7V to 5.5V
• Dual Protocol
– ISO 7816-3 Asynchronous T = 0 Protocol
– Synchronous Two-wire Protocol
• High Security Features
8 x 64 x 4
CryptoMemory®
– 64-bit Patented Dynamic Symetric Mutual Authentication Protocol (Under
Exclusive Patent License from ELVA)
– Encrypted Checksum
AT88SC0204C
Summary
– Stream Encryption
– Four Key Sets for Authentication and Encryption
– Eight Sets of Two 24-bit Passwords
– Anti-tearing Function
– Voltage and Frequency Monitor
• High Reliability
– Endurance: 100,000 Cycles
– Data Retention: 10 years
– ESD Protection: 4,000V min
• ISO-compliant Bond Pad Locations and Package Options
Table 1. Pin Configuration
Pad
Description
ISO Module Contact
Standard Package Pin
VCC
Supply Voltage
Ground
C1
C5
C3
C7
C2
8
4
GND
SCL/CLK
SDA/IO
RST
Serial Clock Input
Serial Data Input/Output
Reset Input
6
5
NC
Card Module Contact
8-lead SOIC, PDIP or LAP
VCC = C1
RST = C2
C5 = GND
C6 = NC
NC
NC
1
8
VCC
NC
2
7
NC
3
4
6
5
SCL
SDA
SCL/CLK = C3
NC = C4
C7 = SDA/IO
C8 = NC
GND
Rev. 2022CS–SMEM–11/02
Note: This is a summary document. A complete document is
available under NDA. For more information, please contact your
local Atmel sales office.
Description
The AT88SC0204C member of the CryptoMemory family is a high-performance secure
memory providing 2 Kbits of user memory with advanced security and cryptographic
features built in. The user memory is divided into 4 zones, each of which may be individ-
ually set with different security access rights or combined together to provide space for 1
to 4 data files. The AT88SC0204C provides high security, low cost and ease of imple-
mentation for smart card applications without the need for a microprocessor operating
system. The embedded cryptographic engine provides for a dynamic, symmetric-mutual
authentication between the device and host, as well as performing stream encryption for
all data and passwords exchanged between the device and host. Up to four unique key
sets may be used for these operations. The AT88SC0204C offers the ability to commu-
nicate with virtually any smart card reader using the asynchronous T = 0 protocol
defined in ISO 7816-3. For closed systems or applications using the device on a circuit
board, the AT88SC0204C will also communicate using a synchronous two-wire protocol
at clock speeds up to 1.5 MHz. In this communication mode, up to 15 devices may be
connected and individually addressed on the same serial data bus. The two-wire proto-
col may also be used for high-speed personalization of the device in card form.
Figure 1. Block Diagram
Authentication,
Encryption and
Certification Unit
VCC
GND
Random
Generator
Power
Management
Synchronous
Interface
Data Transfer
SCL/CLK
SDA/IO
Password
Verification
Asynchronous
ISO Interface
EEPROM
RST
Reset Block
Answer to Reset
Pin Descriptions
Supply Voltage (VCC
Clock (SCL/CLK)
)
The VCC input is a 2.7V to 5.5V positive voltage supplied by the host.
In the asynchronous T = 0 protocol, the SCL/CLK input is used to provide the device
with a carrier frequency f. The nominal length of one bit emitted on I/O is defined as an
“elementary time unit” (ETU) and is equal to 372/f.
When the synchronous protocol is used, the SCL/CLK input is used to positive edge
clock data into the device and negative edge clock data out of the device.
Serial Data (SDA/IO)
The SDA pin is bidirectional for serial data transfer. This pin is open-drain driven and
may be wired with any number of other open drain or open collector devices. An exter-
nal pull-up resistor should be connected between SDA and VCC. The value of this
resistor and the system capacitance loading the SDA bus will determine the rise time of
SDA. This rise time will determine the maximum frequency during read operations. Low
value pull-up resistors will allow higher frequency operations while drawing higher aver-
age power supply current.
Reset (RST)
2
The AT88SC0204C provides an ISO 7816-3 compliant asynchronous answer to reset
sequence. When the reset sequence is activated, the device will output the data pro-
AT88SC0204C
2022CS–SMEM–11/02
AT88SC0204C
grammed into the 64-bit answer-to-reset register. An internal pull-up on the RST input
pad allows the device to be used in synchronous mode without bonding RST. The
AT88SC0204C does not support the synchronous answer-to-reset sequence.
Device Architecture
User Zones
The EEPROM user memory is divided into 4 zones of 512 bits each. Multiple zones
allow for different types of data or files to be stored in different zones. Access to the user
zones is allowed only after security requirements have been met. These security
requirements are defined by the user during the personalization of the device in the con-
figuration zone. If the same security requirements are selected for multiple zones, then
these zones may effectively be accessed as one larger zone.
Table 2. User Zones
ZONE
$0
$1
$2
$3
$4
$5
$6
$7
$000
–
64 bytes
User 0
–
$038
$000
–
64 bytes
64 bytes
64 bytes
User 1
User 2
User 3
–
$038
$000
–
–
$038
$000
–
–
$038
Control Logic
Access to the user zones occurs only through the control logic built into the device. This
logic is configurable through access registers, key registers and keys programmed into
the configuration zone during device personalization. Also implemented in the control
logic is a cryptographic engine for performing the various higher-level security functions
of the device.
3
2022CS–SMEM–11/02
Configuration Zone
The configuration zone consists of 2048 bits of EEPROM memory used for storing pass-
words, keys and codes and defining security levels to be used for each user zone.
Access rights to the configuration zone are defined in the control logic and may not be
altered by the user.
Table 3. Configuration Zone
Component
Answer to Reset
Address
$00
Fab Code
Memory Test Zone
Card Manufacturers Code
Lot History Code
Device Configuration Register
Identification Number
Access Registers
$18
Password/Key Registers
Issuer Code
Authentication Attempts Counters
Cryptograms
$50
$B0
Session Encryption Keys
Secret Seeds
Password Attempts Counters
Write Passwords
Read Passwords
Reserved
Security Fuses
There are three fuses on the device that must be blown during the device personaliza-
tion process. Each fuse locks certain portions of the configuration zone as OTP
memory. Fuses are designed for the module manufacturer, card manufacturer and card
issuer and should be blown in sequence, although all programming of the device and
blowing of the fuses may be performed at one final step.
4
AT88SC0204C
2022CS–SMEM–11/02
AT88SC0204C
Protocol Selection
The AT88SC0204C is compatible with two different communication protocols: asynchro-
nous T = 0 as defined by ISO 7816-3 or synchronous two-wire protocol. The power-up
sequence determines which of the two protocols will be used.
Asynchronous
T = 0 Protocol
The power-up sequence complies with ISO 7816-3 for a cold reset.
•
•
•
•
VCC goes high; RST, I/O-SDA and CLK-SCL are low.
Set I/O-SDA in receive mode.
Provide a clock signal to CLK-SCL.
RST goes high after 400 clock cycles.
The device will respond with a 64-bit ATR code, including historical bytes to indicate the
memory density within the CryptoMemory family. Once the asynchronous mode has
been selected, it is not possible to switch to the synchronous mode without powering off
the device.
Figure 2. Asynchronous T = 0 Protocol
V
cc
ATR
I/O-SDA
RST
CLK-SCL
Synchronous
Two-wire Protocol
The synchronous mode is the default after powering up VCC due to the internal pull-up
on RST.
•
•
Power-up VCC, RST goes high also.
After stable VCC, CLK-SCL and I/O-SDA may be driven.
Figure 3. Synchronous Two-wire Protocol
V
cc
I/O-SDA
RST
1
2
3
4
CLK-SCL
Note:
Four clock pulses must be sent before the first command is issued.
5
2022CS–SMEM–11/02
Communication
Security Modes
Communications between the device and host operate in three basic modes. Standard
mode is the default mode for the device after power-up. Authentication mode is acti-
vated by a successful authentication sequence. Encryption mode is activated by a
successful encryption activation following a successful authentication.
Table 4. Communication Security Modes(1)
Mode
Configuration Data
User Data
Clear
Passwords
Clear
Data Integrity Check
MDC(1)
Standard
Authentication
Encryption
Clear
Clear
Clear
Clear
Encrypted
Encrypted
MAC(1)
Encrypted
MAC(1)
Note:
1. Configuration data include viewable areas of the Configuration Zone except the passwords:
MDC: Modification Detection Code.
MAC: Message Authentication Code.
Security Options
Anti-tearing
In the event of a power loss during a write cycle, the integrity of the device’s stored data
may be recovered. This function is optional: the host may choose to activate the anti-
tearing function, depending on application requirements. When anti-tearing is active,
write commands take longer to execute, since more write cycles are required to com-
plete them, and data are limited to eight bytes.
Data are written first to a buffer zone in EEPROM instead of the intended destination
address, but with the same access conditions. The data are then written in the required
location. If this second write cycle is interrupted due to a power loss, the device will
automatically recover the data from the system buffer zone at the next power-up.
In two-wire mode, the host is required to perform ACK polling for up to 20 ms after write
commands when anti-tearing is active. At power-up, the host is required to perform ACK
polling, in some cases for up to 10 ms, in the event that the device needs to carry out the
data recovery process.
Write Lock
If a user zone is configured in the write lock mode, the lowest address byte of an 8-byte
page constitutes a write access byte for the bytes of that page.
Example: The write lock byte at $080 controls the bytes from $080 to $087.
$080
$081
$082
$083
$084
$085
$086
$087
@
xxxx xxxx
locked
xxxx xxxx
locked
xxxx xxxx
locked
11011001
xxxx xxxx
xxxx xxxx
xxxx xxxx
xxxx xxxx
$80
The write lock byte may also be locked by writing its least significant (rightmost) bit to
“0”. Moreover, when write lock mode is activated, the write lock byte can only be pro-
grammed – that is, bits written to “0” cannot return to “1”.
In the write lock configuration, only one byte can be written at a time. Even if several
bytes are received, only the first byte will be taken into account by the device.
6
AT88SC0204C
2022CS–SMEM–11/02
AT88SC0204C
Password Verification
Authentication Protocol
Passwords may be used to protect read and/or write access of any user zone. When a
valid password is presented, it is memorized and active until power is turned off, unless
a new password is presented or RST becomes active. There are eight password sets
that may be used to protect any user zone. Only one password is active at a time, but
write passwords give read access also.
The access to a user zone may be protected by an authentication protocol. Any one of
four keys may be selected to use with a user zone.
The authentication success is memorized and active as long as the chip is powered,
unless a new authentication is initialized or RST becomes active. If the new authentica-
tion request is not validated, the card loses its previous authentication and it should be
presented again. Only the last request is memorized.
Note:
Password and authentication may be presented at any time and in any order. If the trials
limit has been reached (after four consecutive incorrect attempts), the password verifica-
tion or authentication process will not be taken into account.
Figure 4. Password and Authentication Operations
VERIFY RPW
DATA
Checksum (CS)
VERIFY CS
CS
VERIFY CS
Write DATA
Checksum
The AT88SC0204C implements a data validity check function in the form of a check-
sum, which may function in standard, authentication or encryption modes.
In the standard mode, the checksum is implemented as a Modification Detection Code
(MDC), in which the host may read an MDC from the device in order to verify that the
data sent was received correctly.
In the authentication and encryption modes, the checksum becomes more powerful
since it provides a bidirectional data integrity check and data origin authentication capa-
bility in the form of a Message Authentication Code (MAC). Only the host/device that
carried out a valid authentication is capable of computing a valid MAC. While operating
in the authentication or encryption modes, the use of a MAC is required. For an ingoing
command, if the device calculates a MAC different from the MAC transmitted by the
host, not only is the command abandoned but the mode is also reset. A new authentica-
tion and/or encryption activation will be required to reactivate the MAC.
7
2022CS–SMEM–11/02
Encryption
The data exchanged between the device and the host during read, write and verify
password commands may be encrypted to ensure data confidentiality.
The issuer may choose to require encryption for a user zone by settings made in the
configuration zone. Any one of four keys may be selected for use with a user zone. In
this case, activation of the encryption mode is required in order to read/write data in the
zone and only encrypted data will be transmitted. Even if not required, the host may
elect to activate encryption provided the proper keys are known.
Supervisor Mode
Modify Forbidden
Enabling this feature allows the holder of one specific password to gain full access to all
eight password sets, including the ability to change passwords.
No write access is allowed in a user zone protected with this feature at any time. The
user zone must be written during device personalization prior to blowing the security
fuses.
Program Only
For a user zone protected by this feature, data within the zone may be changed from a
“1” to a “0”, but never from a “0” to a “1”.
8
AT88SC0204C
2022CS–SMEM–11/02
AT88SC0204C
Packaging Information
Ordering Code: ME
Ordering Code: MC
Module Size: M2
Module Size: M4
Dimension*: 12.6 x 11.4 [mm]
Dimension*: 12.6 x 12.6 [mm]
Glob Top: Square - 9.0 x 9.0 [mm]
Thickness: 0.58 [mm]
Glob Top: Round - ∅ 8.0 [mm]
Thickness: 0.58 [mm]
Pitch: 14.25 mm
Pitch: 14.25 mm
Ordering Code: MD
Ordering Code: MN
Module Size: M4
Module Size: M2
Dimension*: 12.6 x 12.6 [mm]
Glob Top: Square - 9.0 x 9.0 [mm]
Thickness: 0.58 [mm]
Dimension*: 12.6 x 11.4 [mm]
Glob Top: Square - 8.8 x 8.8 [mm]
Thickness: 0.58 [mm]
Pitch: 14.25 mm
Pitch: 14.25 mm
Ordering Code: MP
Module Size: M2
Dimension*: 12.6 x 11.4 [mm]
Glob Top: Square - 8.8 x 8.8 [mm]
Thickness: 0.58 [mm]
Pitch: 14.25 mm
*Note: The module dimensions listed refer to the dimensions of the exposed metal contact area. The actual dimensions
of the module after excise or punching from the carrier tape are generally 0.4 mm greater in both directions
(i.e., a punched M2 module will yield 13.0 x 11.8 mm).
9
2022CS–SMEM–11/02
Ordering Code: SC
8-lead SOIC
1
3
2
H
N
Top View
e
B
A
D
COMMON DIMENSIONS
(Unit of Measure = mm)
Side View
MIN
–
MAX
1.75
0.51
0.25
5.00
4.00
NOM
NOTE
SYMBOL
A
B
C
D
E
e
–
A2
L
–
–
–
–
–
–
–
–
1.27 BSC
E
H
L
–
–
–
–
6.20
1.27
End View
Note:
These drawings are for general information only. Refer to JEDEC Drawing MS-012 for proper dimensions, tolerances, datums, etc.
10/10/01
TITLE
DRAWING NO.
REV.
2325 Orchard Parkway
San Jose, CA 95131
8S1, 8-lead (0.150" Wide Body), Plastic Gull Wing
8S1
A
Small Outline (JEDEC SOIC)
R
10
AT88SC0204C
2022CS–SMEM–11/02
AT88SC0204C
Ordering Code: PC
8-lead PDIP
E
1
E1
N
Top View
c
eA
End View
COMMON DIMENSIONS
(Unit of Measure = inches)
D
e
MIN
MAX
NOM
NOTE
SYMBOL
D1
A2 A
A
0.210
0.195
0.022
0.070
0.045
0.014
0.400
2
A2
b
0.115
0.014
0.045
0.030
0.008
0.355
0.005
0.300
0.240
0.130
0.018
0.060
0.039
0.010
0.365
5
6
6
b2
b3
c
D
3
3
4
3
b2
L
D1
E
b3
4 PLCS
0.310
0.250
0.325
0.280
b
E1
e
0.100 BSC
0.300 BSC
0.130
Side View
eA
L
4
2
0.115
0.150
Notes: 1. This drawing is for general information only; refer to JEDEC Drawing MS-001, Variation BA for additional information.
2. Dimensions A and L are measured with the package seated in JEDEC seating plane Gauge GS-3.
3. D, D1 and E1 dimensions do not include mold Flash or protrusions. Mold Flash or protrusions shall not exceed 0.010 inch.
4. E and eA measured with the leads constrained to be perpendicular to datum.
5. Pointed or rounded lead tips are preferred to ease insertion.
6. b2 and b3 maximum dimensions do not include Dambar protrusions. Dambar protrusions shall not exceed 0.010 (0.25 mm).
01/09/02
TITLE
DRAWING NO.
REV.
2325 Orchard Parkway
San Jose, CA 95131
8P3, 8-lead, 0.300" Wide Body, Plastic Dual
In-line Package (PDIP)
8P3
B
R
11
2022CS–SMEM–11/02
Ordering Code: CC
8-lead LAP
Marked Pin1 Indentifier
E
A
D
A1
Top View
Side View
Pin1 Corner
L1
0.10 mm
TYP
8
1
e
COMMON DIMENSIONS
(Unit of Measure = mm)
7
2
3
MIN
0.94
0.30
0.36
7.90
4.90
MAX
1.14
0.38
0.46
8.10
5.10
NOM
1.04
NOTE
SYMBOL
A
6
5
A1
b
0.34
b
0.41
1
4
D
8.00
E
5.00
e1
L
e
1.27 BSC
0.60 REF
.0.67
e1
L
Bottom View
0.62
0.92
0.72
1.02
1
1
L1
0.97
Note: 1. Metal Pad Dimensions.
11/13/01
DRAWING NO.
REV.
TITLE
2325 Orchard Parkway
San Jose, CA 95131
8CN1, 8-lead (8 x 5 x 1.04 mm Body), Lead Pitch 1.27 mm,
Leadless Array Package (LAP)
8CN1
A
R
12
AT88SC0204C
2022CS–SMEM–11/02
Atmel Headquarters
Atmel Operations
Corporate Headquarters
2325 Orchard Parkway
San Jose, CA 95131
TEL 1(408) 441-0311
FAX 1(408) 487-2600
Memory
RF/Automotive
Theresienstrasse 2
Postfach 3535
74025 Heilbronn, Germany
TEL (49) 71-31-67-0
FAX (49) 71-31-67-2340
2325 Orchard Parkway
San Jose, CA 95131
TEL 1(408) 441-0311
FAX 1(408) 436-4314
Europe
Microcontrollers
Atmel Sarl
2325 Orchard Parkway
San Jose, CA 95131
TEL 1(408) 441-0311
FAX 1(408) 436-4314
1150 East Cheyenne Mtn. Blvd.
Colorado Springs, CO 80906
TEL 1(719) 576-3300
Route des Arsenaux 41
Case Postale 80
CH-1705 Fribourg
Switzerland
FAX 1(719) 540-1759
Biometrics/Imaging/Hi-Rel MPU/
High Speed Converters/RF Datacom
Avenue de Rochepleine
TEL (41) 26-426-5555
FAX (41) 26-426-5500
La Chantrerie
BP 70602
44306 Nantes Cedex 3, France
TEL (33) 2-40-18-18-18
FAX (33) 2-40-18-19-60
Asia
Room 1219
Chinachem Golden Plaza
77 Mody Road Tsimhatsui
East Kowloon
BP 123
38521 Saint-Egreve Cedex, France
TEL (33) 4-76-58-30-00
FAX (33) 4-76-58-34-80
ASIC/ASSP/Smart Cards
Zone Industrielle
Hong Kong
TEL (852) 2721-9778
FAX (852) 2722-1369
13106 Rousset Cedex, France
TEL (33) 4-42-53-60-00
FAX (33) 4-42-53-60-01
Japan
1150 East Cheyenne Mtn. Blvd.
Colorado Springs, CO 80906
TEL 1(719) 576-3300
9F, Tonetsu Shinkawa Bldg.
1-24-8 Shinkawa
Chuo-ku, Tokyo 104-0033
Japan
FAX 1(719) 540-1759
TEL (81) 3-3523-3551
FAX (81) 3-3523-7581
Scottish Enterprise Technology Park
Maxwell Building
East Kilbride G75 0QR, Scotland
TEL (44) 1355-803-000
FAX (44) 1355-242-743
e-mail
literature@atmel.com
Web Site
http://www.atmel.com
© Atmel Corporation 2002.
Atmel Corporation makes no warranty for the use of its products, other than those expressly contained in the Company’s standard warranty
which is detailed in Atmel’s Terms and Conditions located on the Company’s web site. The Company assumes no responsibility for any errors
which may appear in this document, reserves the right to change devices or specifications detailed herein at any time without notice, and does
not make any commitment to update the information contained herein. No licenses to patents or other intellectual property of Atmel are granted
by the Company in connection with the sale of Atmel products, expressly or by implication. Atmel’s products are not authorized for use as critical
components in life support devices or systems.
ATMEL® and CryptoMemory® are registered trademarks of Atmel.
Other terms and product names may be the trademarks of others.
Printed on recycled paper.
2022CS–SMEM–11/02
相关型号:
©2020 ICPDF网 联系我们和版权申明