SLE66CX182PEC [INFINEON]
Security & Chip Card ICs; 安全和芯片卡IC型号: | SLE66CX182PEC |
厂家: | Infineon |
描述: | Security & Chip Card ICs |
文件: | 总9页 (文件大小:71K) |
中文: | 中文翻译 | 下载: | 下载PDF数据表文档文件 |
Security & Chip Card ICs
SLE 66CX182PE
8/16-Bit Security Controller
with enhanced instruction set for large memories
in 0.22 µm CMOS Technology
136-Kbytes ROM, 5052 Bytes RAM, 18-Kbytes EEPROM
1100-Bit Advanced Crypto Engine
certified RSA 2048-bit library available
Dual Key Triple DES
Preliminary
Short Product Information 02.04
SLE 66CX182PE Short Product Information
Ref.: SPI_SLE 66CX182PE_0204
This document contains preliminary information on a new product under development.
Details are subject to change without notice.
Revision History: Current Version 02.04
Previous Releases:
Page
Important: Further information is confidential and on request. Please contact:
Infineon Technologies AG in Munich, Germany,
Security & Chip Card ICs,
Tel +49 - (0)89 234-80000
Fax +49 - (0)89 234-81000
E-Mail: security.chipcard.ics@infineon.com
Edition 2004
Published by Infineon Technologies AG, CC Applications Group
St.-Martin-Strasse 53, D-81541 München
© Infineon Technologies AG 2002
All Rights Reserved.
Attention please!
The information herein is given to describe certain components and shall not be considered as warranted
characteristics.
Terms of delivery and rights to technical change reserved.
We hereby disclaim any and all warranties, including but not limited to warranties of non-infringement, regarding
circuits, descriptions and charts stated herein.
Infineon Technologies is an approved CECC manufacturer.
Information
For further information on technology, delivery terms and conditions and prices please contact your nearest Infineon
Technologies Office in Germany or our Infineon Technologies Representatives world-wide (see address list).
Warnings
Due to technical requirements components may contain dangerous substances. For information on the types in
question please contact your nearest Infineon Technologies Office.
Infineon Technologies Components may only be used in life-support devices or systems with the express written
approval of Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure of
that life-support device or system, or to affect the safety or effectiveness of that device or system. Life support devices
or systems are intended to be implanted in the human body, or to support and/or maintain and sustain and/or protect
human life. If they fail, it is reasonable to assume that the health of the user or other persons may be endangered.
SLE 66CX182PE
16-Bit Security Controller with enhanced instruction set for large
memories in 0.22µm CMOS Technology
136-Kbyte ROM, 5052 Bytes RAM, 18-Kbyte EEPROM
1100-Bit ACE and Dual Key Triple DES Accelerator
Features
·
·
Internal Clock with up to 33 MHz:
Programmable internal frequency (PLL x1, x2, x3, x4
and free running mode(s)).
New
New
·
·
8/16-bit microcomputer in 0.22 µm CMOS technology
Instruction set opcode compatible with standard
SAB 8051 processor
Adjustable internal frequency according to
available power or required performance
·
Downward compatibility to existing SLE 66CxxxP
products for existing masks without using the
new features
·
·
Increased internal clock frequency for maximum
performance
Internal frequency ist automatically adjusted to
guarantee a given limited power consumption
·
·
Addressable memory up to 16 Mbyte
New
New
Additional enhanced instructions for direct
physical memory access of >64kByte
·
·
·
Two 16-bit Autoreload Timer
Power saving sleep mode
·
Typically saves up to 90 % code space and
increases execution speed up to 80 %
Ext. Clock freq. 1 up to 7.5 MHz for int. Clock up to
33 MHz
·
Dedicated, non-standard architecture with execution
time 6 times faster than standard SAB 8051
processor at same external clock. (Up to 18 times
faster using internal frequency PLL x 3 compared to
external clock).
·
UART for handling serial interface in accordance
with ISO/IEC 7816 part 3 supporting transmission
protocols T=1 and T=0
·
·
Supply voltage range:1.8 V, 3.0 V, 5.0 V
·
·
136 Kbytes User ROM for application programs
New
New
Support of current current consumption limits by GSM
/ UICC applications
< 10 mA @ 5.5 V
18 Kbytes MicroSlim-EEPROM for increased
memory requirements in mobile applications
<
<
6 mA @ 3.3 V
4 mA @ 1.98 V
·
·
4 Kbytes XRAM, 256 bytes internal RAM, 700 bytes
Crypto RAM.
New
·
·
·
Operating Temperature range: -25 to +85°C
Storing temperature range: –40° to +125°C
ESD protection larger than 6 kV (HBM)
Enhanced Memory Management and Protection
Unit (MMU) with application and user defined
segments
·
·
Dual Key Triple DES (DDES)
Advanced Crypto Engine:
MicroSlim-EEPROM
·
·
·
·
Typical Erase + Write time £ 2.9 ms
Enhanced ECC module controlled by OS
Reading and programming byte by byte
·
·
Up to 1100 bit RSA calculation in Hardware
Up to 2048 bit RSA calculation in software
New
New
New
with RSA 2048 crypto library
(CC EAL 5+
certified within SLE66CX322P, refer to product
brief)
Platform prepared for flash-like erasing of E²-segments
up to 2 kB
·
Supports Elliptic Curves over GF[p]
·
Flexible page mode for 1 to 64 bytes write/erase
operation
·
·
CC EAL5+ certification according to BSI-PP-0002
planned
·
·
·
32 bytes security area (OTP)
True Random Number Generator with Firmware test
function
Fast personalization mode £ 1.0 ms
Minimum of 500.000 write/erase cycles @ 25°C per
page. Maximum of 16.500.000 write/erase cycles per
sector
·
·
CRC Module 16-bit Interrupt Module
Code executions during E²-programming for faster
personalization
·
Typical data retention of 10 years @ 25°C
·
EEPROM programming voltage generated on chip
Preliminary - Short Product Information
3 / 9
02.04
SLE 66CX182PE
Memory Management and Protection Unit
New
·
·
Addressable memory of up to 16 Mbyte
Anti Snooping
Separates OS (system mode) and application (user
mode)
·
·
Automatic randomization smoothing of power profile
Effective HW-countermeasures against SEMA/DEMA,
SPA/DPA, DFA and Timing-Attacks
·
·
System routines called by interrupts
OS can restrict access to peripherals in application
mode
·
·
Non standard dedicated Smart Card CPU – Core
Active Shield with automatic and user controlled attack
detection
·
Variable application orientated segments defined
and controlled by OS
·
Hardware countermeasures controlled by True
Random Number Generator
·
·
Code execution from XRAM possible
New
Enhanced multi-application support by 16
descriptors for system application mode.
Targeted Certifications
·
·
·
CC EAL5+
VISA level 3
CAST
Security Features
·
Enhanced sensor concept:
·
·
·
·
·
·
Low and high voltage sensors
Frequency sensors and filters
Light Sensor
Support
·
·
HW-& SW-Tools (Emulator, ROM Monitor, Card
Emulator, Simulator, Softmasking)
Glitch Sensors
Application notes
Temperature Sensor
Supported Standards
Life Test Function for Sensors (UMSLC)
·
·
·
·
ISO/IEC 7816
·
·
·
Bus confusion
EMV 2000
Security reset detection
Current control oscillator
GSM 11.11, 11.12, 11.18
ETSI TS 102 221
Memory Security
Document References
·
·
Sparkling SFR encryption for DDES and ACE, CRC
module and RNG
New
·
·
·
Confidential Data Book SLE 66CxxxPE
Qualification report
32 bytes security PROM, hardware protected for
batch-, wafer-, die- individual security data. Unique
chip identification number for each chip
Chip delivery specification for wafer with chip-layout
(die size, orientation,...)
·
·
Additional memory for customer-defined security
FabKey on request
·
·
Module specification containing description of
package, etc.
MED – memory encryption/decryption device for
XRAM, ROM and EEPROM
Qualification report module
·
·
·
Security optimized layout and layout scrambling
Fast IRAM erase
Development Tools Overview
·
Short Product Information Software Development Kit
SDK CC
Enhanced Error correction unit (ECU)
·
·
·
Short Product Information Card Emulator CE66P
Short Product Information ROM Monitor RM66P
Testmode
·
Irreversible Lock - Out of test-mode
Short Product Information Emulator ET66P Hitex or
ET66P KSC
·
Short Product Information Smart Mask Package
Preliminary - Short Product Information
4 / 9
02.04
SLE 66CX182PE
Performance Advanced Crypto Engine (typical values, based on internal test results)
New
Calculation Time
Operation
Modulus
Exponent
5MHz
15 MHz
33 MHz*
Modular Exponentiation
RSA Encrypt / RSA Signature Verify 2048 bit
1024 bit
17 bit
17 bit
20 ms
630 ms
7 ms
210 ms
3 ms
96 ms
Modular Exponentiation
RSA Decrypt / RSA Signature
Generate
1024 bit
1024 bit
820 ms
273 ms
124 ms
Modular Exponentiation using CRT
RSA Decrypt / RSA Signature
Generate
eq.1024 bit eq.1024 bit 250 ms
eq.2048 bit eq.2048 bit 1840 ms 614 ms
83 ms
38 ms
279 ms
DSA Signature Generate
DSA Signature Verify
DSA Signature Generate
DSA Signature Verify
512 bit
512 bit
1024 bit
1024 bit
160 bit
160 bit
160 bit
160 bit
97ms
117 ms
438 ms
711 ms
32 ms
39 ms
15 ms
18 ms
146 ms
237 ms
66 ms
108 ms
* preliminary values
Performance DDES- Accelerator (typical values, based on internal test results)
Operation
Data Block Encryption Time for an
Length
8-Byte Block incl. Data
Transfer
New
5 MHz 15 MHz 33 MHz*
56-bit Single DES Encryption
112-bit Triple DES Encryption
64 bit
64 bit
23 µs
8 µs
3.5 µs
5.3 µs
35 µs 12 µs
* preliminary values
Preliminary - Short Product Information
5 / 9
02.04
SLE 66CX182PE
Ordering Information
Type
Package1
Voltage
Range
Temperature
Range
Frequency
Range
(int. clock
frequency
Frequency
Range
(ext. clock
frequency)
SLE 66CX182PE C
SLE 66CX182PE M5
Die (sawn,
unsawn)
1.8 V; 3.0 V; 5.0 V
or
– 25°C to + 70°C
or
Up to 33 MHz
1 MHz - 5 MHz
or
M5.1
3.0 V; 5.0 V
– 25°C to + 85°C
1 MHz - 7.5 MHz
For ordering information please refer to the databook and contact your sales representative.
Production sites for SLE 66CX182PE:
·
Dresden (Germany), UMC (Taiwan), Altis (France).
1 available as wire-bonded module (M5) for embedding in plastic cards or as die (C) for customer packaging
Preliminary - Short Product Information 6 / 9 02.04
SLE 66CX182PE
Pin Configuration
VCC GND
CLK
RST
I/O
SLE
66CX182PE
Figure 1: Pin Configuration
Pin Definitions and Functions
Symbol
VCC
RST
Function
Operating voltage
Reset input
CLK
Processor clock input
Ground
GND
I/O
Bi-directional data port
Preliminary - Short Product Information
7 / 9
02.04
SLE 66CX182PE
General Description
The SLE66CX182PE is a member of the improved 66PE-series of Infineon Technologies. This high performance security
crypto controller is manufactured in advanced 0.22 µm CMOS technology. It is downward compatible to existing 66P
controller derivatives. The well known ECO2000 8/16 bit CPU provides the high efficiency of the SAB 8051 instruction
set extended by additional powerful instructions together with enhanced performance, memory sizes and security
features compared to existing 66P derivatives.
Performance: The internal clock frequency can be adjusted to a level up to 33 MHz either as a multiple of 1,2,3,4 to the
external frequency or independent of the clock rate of the terminal with the help of the internal clock. It is adjustable
according to either available power requirements or required performance:
·
Increased internal clock frequency for maximum performance, e.g. for high performance with max. frequency in
payment applications or crypto operations.
·
Automatically adjusted frequency for a max. given power consumption, e.g. by GSM or UMTS requirements.
Memory: The SLE66CX182PE offers 136 Kbytes of User-ROM, 256 byte internal RAM, 4096 byte XRAM and 18 Kbytes
MicroSlim-EEPROM, to fulfill the requirements mainly for DDA payment and ID applications. The large ROM size allows
to place applications in the ROM-mask and to keep the E²PROM free for customer data. In addition it saves mask
development costs, as one mask may be used for different customer projects.
New
The enhanced Memory Management and Protection Unit allows a secure separation of the operating system and
different applications. It allows to separate the memories in application orientated segments, which can be controlled by
the OS. Furthermore, the MMU makes a secure downloading of applications possible even after personalization of a
card. These new features suit the requirements of the next generation of multi application operating systems.
ROM
136 Kbyte
Voltage
Clock
Reset
XRAM
4 Kbyte
EEPROM
18 Kbyte
DES
Accelerator
Advanced
Crypto Engine
16-Bit CPU with
MMU
&
Address-/Data Bus
Random
ECO 2000
Instruction Set
Sleep Mode Logic
Sensors/Filters
two
Clock
generated
Interrupt
16-bit
Timer
CRC
Number
Generator
UART
Voltage Regulator
Figure 2: Block Diagram SLE 66CX182PE
The new platform is designed to address up to 16Mbyte. However this feature is only available upon request and will
clearly require a change in the existing tool environment.
In addition, new instructions have been implemented in the design for an efficient direct access of physical memory
>64KByte up to 16 MByte.
Preliminary - Short Product Information
8 / 9
02.04
SLE 66CX182PE
Security features:
Since the very beginning, security is an integrated part of Infineons product development, as proved by various
certificates (ITSEC, CC, Proton, VISA, ZKA, Mondex). The so called “integral security concept” for the 66P series
ensures:
·
·
·
A secret storage of any confidential code, data and keys
Protection against side channel attacks such as: Simple Power Analysis (SPA) , Differential Power Analysis (DPA),
Protection against Differential Fault Analysis (DFA), Electromagnetic Emanation Attack (EMA) and other possible
HW or SW attacks
Peripherals: The CRC module allows the easy generation of checksums according to ISO/IEC 3309 (16-Bit-CRC). To
minimize the overall power consumption, the chip card controller IC offers a sleep mode. The UART supports the half-
duplex transmission protocols T=0 and T=1 according to ISO/IEC 7816-3. All relevant transmission parameters can be
adjusted by software, as e.g. the clock division factor, direct/inverse convention and the number of stop bits. Additionally,
the I/O port can be driven by communication routines realized in software.
The Advanced Crypto Engine (ACE) is equipped with its own RAM of 700 bytes and supports all of today known public-
key algorithms based on large integer modular arithmetic. It allows fast and efficient calculation either in HW or
supported by software of e.g. RSA operations and EC (Elliptic Curves) algorithms for key lengths up to 2048-bit.
For all of it’s crypto controller using the ACE, Infineon offers a tailor made RSA 2048-bit library. This library is a powerful
multifunctional crypto library for the SLE 66CXxxP family. It provides arithmetic functions for easy programming the
Advanced Crypto Engine (ACE). In addition it provides a full implementation of RSA Sign, Verify and Key generation
including powerful SPA/DPA and DFA counter measures. It supports RSA up to 2048 bit key length. These RSA
functionality has already been certified according to Common Criteria EAL5+ on an existing crypto controller, the
SLE66CX322P.
The HW-DES module supports symmetric crypto algorithms according to the Data Encryption Standard in the Electronic
Code Book Mode.
The random number generator (RNG) is able to supply the CPU with true random numbers on all conditions.
The advanced sensor concept includes various sensors for any kind of attack scenarios and even more important a “Life
Test ” for sensors.
As an important feature, the chip provides an on-chip security, which fulfills the strong security requirements of a
Common Criteria evaluation at an EAL5+ level.
In conclusion, the SLE 66CX182PE fulfills all the requirements of today's chip card applications, and is especially
designed for DDA payment and ID-applications incl. digital signatures.
The SLE66CX182PE integrates outstanding memory sizes, additional peripherals in combination with enhanced
performance and optimized power consumption on a minimized die size.
Preliminary - Short Product Information
9 / 9
02.04
相关型号:
©2020 ICPDF网 联系我们和版权申明