AT88SC12816C-SU-T [MICROCHIP]
Memory Circuit, 128KX1, CMOS, PDSO8, 0.150 INCH, GREEN, PLASTIC, SOIC-8;型号: | AT88SC12816C-SU-T |
厂家: | MICROCHIP |
描述: | Memory Circuit, 128KX1, CMOS, PDSO8, 0.150 INCH, GREEN, PLASTIC, SOIC-8 ATM 异步传输模式 光电二极管 内存集成电路 |
文件: | 总79页 (文件大小:1832K) |
中文: | 中文翻译 | 下载: | 下载PDF数据表文档文件 |
AT88SC0104C, AT88SC0204C, AT88SC0404C,
AT88SC0808C, AT88SC1616C, AT88SC3216C,
AT88SC6416C, AT88SC12816C, AT88SC25616C
Atmel CryptoMemory Full Specification
DATASHEET
Features
A Family of Nine Devices with User Memories from 1-Kbit to 256-Kbit
EEPROM User Memory
4, 8, or 16 Zones
Self-timed Write Cycles
Single-byte or Multiple-byte Page Write Modes
Programmable Access Rights for Each Zone
2-Kbit Configuration Memory
37-byte OTP Area for User-Defined Codes
160-byte Area for User-Defined Keys and Passwords
High Security Features
64-bit Mutual Authentication Protocol (Under License of ELVA)
Encrypted Checksum
Stream Encryption
Four Key Sets for Authentication and Encryption
Eight Sets of Two 24-bit Passwords
Anti-tearing Function
Voltage and Frequency Monitor
Embedded Application Features
Low Voltage Operation: 2.7V to 5.5V
Secure Nonvolatile Storage for Sensitive System or User Information
2-Wire Serial Interface
1MHz Compatibility for Fast Operation
Standard 8-lead Plastic Packages
Same Pinout as 2-Wire Serial EEPROMs
Smart Card Features
ISO 7816 Class A (5V) or Class B (3V) Operation
Synchronous 2-Wire Serial Interface for Faster Device Initialization*
ISO 7816-3 Asynchronous T = 0 Protocol (Gemplus® Patent)*
Multiple Zones, Key Sets, and Passwords for Multi-application Use
Programmable 8-byte Answer-To-Reset (ATR) Register
ISO 7816-2 Compliant Modules
High Reliability
Endurance: 100,000 Cycles
Data Retention: 10 Years
ESD Protection: 4,000V
* Note: Modules available with either 2-wire or T = 0 modes.
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table of Contents
1. Pin Configuration and Package Information.................................................... 5
1.1 Pin Configuration ................................................................................................ 5
1.2 Package Information........................................................................................... 5
2. Description....................................................................................................... 5
2.1 Embedded Applications ...................................................................................... 5
2.2 Smart Card Applications ..................................................................................... 6
2.3 Scope and Purpose of This Document ............................................................... 6
3. Pin Description ................................................................................................ 7
3.1 Supply Voltage (VCC) .......................................................................................... 7
3.2 Clock (SCL/CLK)................................................................................................. 7
3.3 Serial Data (SDA/IO)........................................................................................... 7
3.4 Reset (RST)........................................................................................................ 7
4. Detailed Description ........................................................................................ 8
4.1 User Memory ...................................................................................................... 8
4.2 Control Logic..................................................................................................... 13
4.3 Configuration Memory....................................................................................... 13
5. Communication Security Modes.................................................................... 17
5.1 Security Operations .......................................................................................... 17
5.1.1 Password Verification............................................................................. 17
5.1.2 Mutual Authentication............................................................................. 18
5.1.3 Data Encryption...................................................................................... 19
5.1.4 Encrypted Checksum............................................................................. 19
5.2 Data Protection Features.................................................................................. 20
5.2.1 Modify Forbidden ................................................................................... 20
5.2.2 Program Only......................................................................................... 20
5.2.3 Write Lock .............................................................................................. 20
5.2.4 Anti-tearing (Power Loss Protection)...................................................... 20
5.3 Configuration Memory Values........................................................................... 21
5.3.1 Default Values........................................................................................ 21
5.3.2 Answer To Reset (ATR) ......................................................................... 21
5.3.3 Fab Code ............................................................................................... 21
5.3.4 Memory Test Zone (MTZ) ...................................................................... 21
5.3.5 Card Manufacturer Code........................................................................ 21
5.3.6 Lot History Code .................................................................................... 21
5.3.7 Issuer Code............................................................................................ 21
5.3.8 Device Configuration Register (DCR) .................................................... 22
5.3.9 Access Registers ................................................................................... 22
5.3.10 Password/Key Registers........................................................................ 24
5.3.11 Identification Number ............................................................................. 24
5.3.12 Cryptograms (C0 – C3) ........................................................................... 24
5.3.13 Session Keys (S0 – S3)........................................................................... 24
5.3.14 Secret Seeds (G0-G3)............................................................................. 25
5.3.15 Password Sets ....................................................................................... 25
5.3.16 Secure Code .......................................................................................... 25
5.3.17 Password Attempts Counters (PAC)...................................................... 25
5.3.18 Authentication Attempts Counters (AAC)............................................... 25
5.4 Security Fuses.................................................................................................. 25
6. Protocol Selection.......................................................................................... 27
6.1 Synchronous Mode for Embedded Applications ............................................... 27
6.2 Asynchronous Mode for Smart Card Applications ............................................ 27
ꢀ
2
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7. Synchronous Protocol ................................................................................... 29
7.1 Start-up Sequence............................................................................................ 29
7.2 Command Set................................................................................................... 30
7.3 Command Format............................................................................................. 31
7.4 Acknowledge Polling......................................................................................... 32
7.5 Device Addressing............................................................................................ 33
7.6 Command Descriptions..................................................................................... 33
7.6.1 Write User Zone: $B0............................................................................. 33
7.6.2 Read User Zone: $B2 ............................................................................ 34
7.6.3 System WRITE: $B4 .............................................................................. 35
7.6.4 System Read: $B6 ................................................................................. 37
7.6.5 Verify Crypto: $B8.................................................................................. 39
Verify Password: $BA ....................................................................................... 41
8. Initialization Example..................................................................................... 42
8.1 Write Data to User Zones ................................................................................. 42
8.2 Unlock the Configuration Memory..................................................................... 42
8.3 Write Data to the Configuration Memory........................................................... 42
8.4 Set Security Fuses............................................................................................ 42
9. Asynchronous T=0 Protocol .......................................................................... 45
9.1 Character Format.............................................................................................. 45
9.2 Command format .............................................................................................. 45
9.3 PPS Support..................................................................................................... 46
9.4 Command Set................................................................................................... 48
9.4.1 Status Words.......................................................................................... 49
9.4.2 Example: Write EEPROM Command..................................................... 50
9.4.3 Write User Zone: $B0............................................................................. 51
9.4.4 Read User Zone: $B2 ............................................................................ 52
9.4.5 System Write: $B4 ................................................................................. 53
9.4.6 Send Checksum..................................................................................... 54
9.4.7 System READ: $B6................................................................................ 55
9.4.8 Verify Crypto: $B8.................................................................................. 57
9.4.9 Verify Password: $BA ............................................................................ 59
10. Initialization Example..................................................................................... 60
10.1 Write Data to User Zones ................................................................................. 60
10.2 Unlock the Configuration Memory..................................................................... 60
10.3 Write Data to the Configuration Memory........................................................... 60
10.4 Set Security Fuses............................................................................................ 60
11. Absolute Maximum Ratings* ......................................................................... 63
11.1 DC and AC Characteristics............................................................................... 63
11.2 Timing Diagrams for Synchronous Communications ........................................ 65
12. DC Tamper Detection Limits ......................................................................... 67
12.1 High Voltage and Low Voltage Limit ................................................................. 67
12.2 Minimum Clock Pulse ....................................................................................... 67
12.3 Maximum Clock Frequency .............................................................................. 67
12.4 Power On Reset (POR) Delay .......................................................................... 67
12.5 Noise Suppression............................................................................................ 67
13. Ordering Information...................................................................................... 68
3
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14. Package Marking Information........................................................................ 69
14.1 AT88SC0104C.................................................................................................. 69
14.2 AT88SC0204C.................................................................................................. 70
14.3 AT88SC0404C.................................................................................................. 71
14.4 AT88SC0808C.................................................................................................. 72
14.5 AT88SC1616C.................................................................................................. 73
14.6 AT88SC3216C.................................................................................................. 74
14.7 AT88SC6416C.................................................................................................. 75
14.8 AT88SC12816C................................................................................................ 76
14.9 AT88SC25616C................................................................................................ 77
15. Revision History............................................................................................. 78
ꢀ
4
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
1.
Pin Configuration and Package Information
1.1
Pin Configuration
Table 1-1. Package Pin Assignments
Pad
Description
ISO Module
TWI Module
SOIC, PDIP
VCC
Supply Voltage
Ground
C1
C5
C3
C7
C2
C1
C5
C3
C7
NC
8
4
GND
SCL/CLK
SDA/IO
RST
Serial Clock Input
Serial Data Input/Output
Reset Input
6
5
NC
1.2
Package Information
Figure 1-1. Package Configuration
ISO Smart Card Module
8-lead SOIC, PDIP
r
TWI Smart Card Module
VCC=C1
C5=GND
C6=NC
VCC=C1
NC=C2
C5=GND
C6=NC
NC
VCC
NC
1
2
3
4
8
7
6
5
RST=C2
SCL/CLK=C3
NC=C4
NC
NC
C7=SDA/IO
C8=NC
SCL/CLK=C3
NC=C4
C7=SDA/IO
C8=NC
SCL
SDA
GND
2.
Description
Atmel® AT88SCxxxxC is a family of nine high-performance secure memory devices providing 1-Kbit to 256-Kbit of user
memory with advanced built-in security and cryptographic features. The memory is divided into 4, 8, or 16 user zones each of
which may be individually set with different security access rights or used together to effectively provide space for one or
multiple data files. Atmel CryptoMemory® has a configuration memory which contains registers to define the security rights for
each user zone and space for passwords and secret keys used by the security logic of CryptoMemory.
Through dynamic, symmetric mutual authentication, data encryption, and the use of encrypted checksums, CryptoMemory
provides a secure place for storage of sensitive information within a system. With its tamper protection circuits, this information
remains safe even under attack.
CryptoMemory also provides high security, low cost, and ease of implementation of host-client type systems without the need
for a microprocessor operating system. The embedded cryptographic engine provides for a dynamic, symmetric mutual
authentication between the device and host, as well as, performs stream encryption for all data and passwords exchanged
between the device and host. Up to four unique key sets are available for these operations.
2.1
Embedded Applications
A 2-Wire serial interface running at 1MHz is used for fast and efficient communications with up to 15 devices which can be
individually addressed. CryptoMemory is available in industry standard 8-lead packages with the same familiar pinout as
2-Wire Serial EEPROMs supporting only the synchronous communications protocol.
5
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
2.2
2.3
Smart Card Applications
CryptoMemory offers the ability to communicate with virtually any smart card reader using the asynchronous T=0 protocol
defined in ISO 7816-3. For devices with 32-Kbit of user memory and larger, communication speeds up to 153,600baud are
supported by utilizing ISO 7816-3 protocol and parameter selection. All CryptoMemory devices in smart card module form will
also communicate using a synchronous 2-Wire serial interface.
Scope and Purpose of This Document
This document covers all three major operational modes of CryptoMemory
Standard Mode
Authentication Mode
Encryption Mode
This document provides all information necessary to take full advantage of the security capabilities of CryptoMemory. It is
designed for use in conjunction with functional cryptographic libraries or companion hardware from Atmel; therefore, requires
cryptographic library and or companion hardware documentation to complement its use. Contact your regional Atmel sales
office for information on the most current version of functional libraries and/or available cryptographic companion hardware.
Figure 2-1. Block Diagram
Authentication,
Encryption and
Certification Unit
VCC
GND
Power
Management
Synchronous
Interface
Data Transfer
EEPROM
SCL/CLK
SDA/IO
Password
Verification
Asynchronous
ISO Interface
Reset Block
RST
Answer to Reset
ꢀ
6
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
3.
Pin Description
3.1
Supply Voltage (VCC)
The VCC input is a 2.7V to 5.5V positive voltage supplied by the host.
3.2
3.3
Clock (SCL/CLK)
In the asynchronous T=0 protocol, the SCL/CLK input is used to provide the device with a carrier frequency f. The nominal
length of one bit emitted on I/O is defined as an “elementary time unit” (etu) and is equal to 372/f. When the synchronous
protocol is used, the SCL/CLK input is used to clock data in on the positive clock edge and clock data out on the negative
clock edge.
Serial Data (SDA/IO)
The SDA pin is bi-directional for serial data transfer. This pin is open-drain driven and may be wired with any number of other
open drain or open collector devices. An external pull-up resistor should be connected between SDA and VCC, a nominal value
of 4.7KΩ may be used. The value of this resistor and the system capacitance loading the SDA bus will determine the rise time
of SDA. This rise time will determine the maximum frequency during read operations. Low value pull-up resistors will allow
higher frequency operations while drawing higher average power supply current.
3.4
Reset (RST)
CryptoMemory provides an ISO 7816-3 compliant asynchronous Answer-To-Reset (ATR) sequence. When the reset
sequence is activated, the device will output the data programmed into the 64-bit ATR register. When RST is low, all internal
logic, access-rights, and write cycles are in reset except the asynchronous mode activation flag. A weak internal pull-up on the
RST input pad allows the device to be used in synchronous mode without bonding RST. For synchronous only smart card
applications, an external pull-up on RST is recommended to ensure synchronous operation under any system timings or
conditions. CryptoMemory does not support a synchronous answer to reset sequence. The RST input is not available in the
plastic package options for CryptoMemory.
7
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
4.
Detailed Description
To enable the security features of CryptoMemory, personalize the device by setting up registers and loading appropriate
passwords and keys. Do these by programming the configuration memory using simple write and read commands. Gain
access to the configuration memory by successfully presenting the secure code (Write 7 Password). After writing and verifying
data in the configuration memory, blow the security fuses to lock this information in the device. For additional information on
personalizing CryptoMemory, please see the examples in the protocol sections of this specification, Section 10, Initialization
Example.
4.1
User Memory
The EEPROM user memory is divided into 4, 8, or 16 user zones. Multiple zones allow for the storage of different data types
or files in different zones. Access to user zones is possible only after meeting security requirements. The customer defines
these security requirements in the configuration memory during device personalization. When the same security requirements
define access to multiple zones, the zones effectively serve as one large storage area albeit with the requirement to select
each zone prior to access. The below nine tables present the memory map of the user zones for the different device densities.
Table 4-1. AT88SC0104C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
32 bytes
32 bytes
32 bytes
32 bytes
User 0
─
$18
$00
─
User 1
User 2
User 3
─
$00
─
─
$18
$00
─
─
$18
Note:
Page size = 16-bytes
ꢀ
8
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-2. AT88SC0204C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
64 bytes
64 bytes
64 bytes
64 bytes
User 0
─
$38
$00
─
User 1
User 2
User 3
─
$38
$00
─
─
$38
$00
─
─
$38
Note:
Page size = 16-bytes
Table 4-3. AT88SC0404C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
128 bytes
128 bytes
128 bytes
128 bytes
User 0
─
$78
$00
─
User 1
User 2
User 3
─
$78
$00
─
─
$78
$00
─
─
$78
Note:
Page size = 16-bytes
9
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-4. AT88SC0808C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
128 bytes
User 0
─
$78
$00
─
User 1
─
─
─
─
$78
$00
─
User 6
128 bytes
User 7
─
$78
Note:
Page size = 16-bytes
Table 4-5. AT88SC1616C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
128 bytes
User 0
─
$78
$00
─
User 1
─
─
─
─
$78
$00
─
User 14
128 bytes
User 15
─
$78
Note:
Page size = 16-bytes
ꢀ
10
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-6. AT88SC3216C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$00
─
256 bytes
User 0
─
$F8
$00
─
User 1
─
─
─
─
$F8
$00
─
User 14
256 bytes
User 15
─
$F8
Note:
Page size = 64-bytes
Table 4-7. AT88SC6416C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$000
─
512 bytes
User 0
─
$1F8
$000
─
User 1
─
─
─
─
$1F8
$000
─
User 14
512 bytes
User 15
─
$1F8
Note:
Page size = 64-bytes
11
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-8. AT88SC12816C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$000
─
1024 bytes
User 0
─
$3F8
$000
─
User 1
─
─
─
─
$3F8
$000
─
User 14
1024 bytes
User 15
─
$3F8
Note:
Page size = 128-bytes
Table 4-9. AT88SC25616C User Memory
Zone
$0
$1
$2
$3
$4
$5
$6
$7
$000
─
2048 bytes
User 0
─
$7F8
$000
─
User 1
─
─
─
─
$7F8
$000
─
User 14
2048 bytes
User 15
─
$7F8
Note:
Page size = 128-bytes
ꢀ
12
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
4.2
4.3
Control Logic
Access to the user zones occurs only through the device’s control logic. This logic is configurable through proper programming
of access, passwords and keys registers of the configuration memory during device personalization. This logic also
implements the cryptographic engine for performing the various higher-level security functions of the device.
Configuration Memory
The configuration memory consists of 2048-bits of EEPROM memory used for storing passwords, keys, codes, and defining
security levels to be used for each user zone. The control logic defines access rights to the configuration memory as well as to
the user zones and the user may not alter these rights. The access rights include the ability to program certain portions of the
configuration memory and then lock the data written through the use of security fuses. The configuration memory for each
CryptoMemory device is identical with the exception of the number of access registers and password/key registers available.
Devices with four user zones have four sets of registers, those with eight user zones, eight sets of registers, and those with
16 user zones, 16 sets of registers. Unused memory space in the register region becomes reserved to ensure other
components of the configuration memory remain at the same address location regardless of the number of user zones in a
device.
13
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-10. AT88SC0104C/0204C/0404C Configuration Memory
$0
$1
$2
$3
$4
$5
$6
$7
$00
$08
$10
$18
$20
$28
$30
$38
$40
$48
$50
$58
$60
$68
$70
$78
$80
$88
$90
$98
$A0
$A8
$B0
$B8
$C0
$C8
$D0
$D8
$E0
$E8
$F0
$F8
Answer to Reset
Identification
Read Only
Fab Code
MTZ
Card Manufacturer Code
Lot History Code
DCR
AR0
Identification Number Nc
PR1 AR2 PR2
PR0
AR1
AR3
PR3
Reserved
Access Control
Issuer Code
Cryptogram C0
AAC0
AAC1
AAC2
AAC3
Session Encryption Key S0
Cryptogram C1
Session Encryption Key S1
Cryptogram C2
Session Encryption Key S2
Cryptogram C3
Session Encryption Key S3
Secret Seed G0
Secret Seed G1
Secret Seed G2
Secret Seed G3
PAC
Cryptography
Secret
PAC
PAC
PAC
PAC
PAC
PAC
PAC
PAC
Write 0
Write 1
Write 2
Write 3
Write 4
Write 5
Write 6
Write 7
Read 0
Read 1
Read 2
Read 3
Read 4
Read 5
Read 6
Read 7
PAC
PAC
PAC
Password
Forbidden
PAC
PAC
PAC
PAC
Reserved
ꢀ
14
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-11. AT88SC0808C Configuration Memory
$0
$1
$2
$3
$4
$5
$6
$7
$00
$08
$10
$18
$20
$28
$30
$38
$40
$48
$50
$58
$60
$68
$70
$78
$80
$88
$90
$98
$A0
$A8
$B0
$B8
$C0
$C8
$D0
$D8
$E0
$E8
$F0
$F8
Answer to Reset
Identification
Read-Only
Fab Code
MTZ
Card Manufacturer Code
Lot History Code
DCR
AR0
AR4
Identification Number Nc
PR0
PR4
AR1
AR5
PR1
PR5
AR2
AR6
PR2
PR6
AR3
AR7
PR3
PR7
Access Control
Reserved
Issuer Code
Cryptogram C0
AAC0
AAC1
AAC2
AAC3
Session Encryption Key S0
Cryptogram C1
Session Encryption Key S1
Cryptogram C2
Cryptography
Session Encryption Key S2
Cryptogram C3
Session Encryption Key S3
Secret Seed G0
Secret Seed G1
Secret
Secret Seed G2
Secret Seed G3
PAC
PAC
PAC
PAC
PAC
PAC
PAC
PAC
Write 0
Write 1
Write 2
Write 3
Write 4
Write 5
Write 6
Write 7
PAC
PAC
PAC
PAC
PAC
PAC
PAC
PAC
Read 0
Read 1
Read 2
Read 3
Read 4
Read 5
Read 6
Read 7
Password
Forbidden
Reserved
15
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 4-12. AT88SC1616C/3216C/6416C/12816C/25616C Configuration Memory
$0
$1
$2
$3
$4
$5
$6
$7
$00
$08
$10
$18
$20
$28
$30
$38
$40
$48
$50
$58
$60
$68
$70
$78
$80
$88
$90
$98
$A0
$A8
$B0
$B8
$C0
$C8
$D0
$D8
$E0
$E8
$F0
$F8
Answer to Reset
Identification
Read-Only
Fab Code
MTZ
Card Manufacturer Code
Lot History Code
DCR
AR0
AR4
AR8
AR12
Identification Number Nc
PR0
PR4
AR1
AR5
PR1
PR5
AR2
AR6
PR2
PR6
AR3
AR7
PR3
PR7
PR8
AR9
PR9
AR10
AR14
PR10
PR14
AR11
AR15
PR11
PR15
Access Control
PR12
AR13
PR13
Issuer Code
AAC0
AAC1
AAC2
AAC3
Cryptogram C0
Session Encryption Key S0
Cryptogram C1
Session Encryption Key S1
Cryptogram C2
Cryptography
Session Encryption Key S2
Cryptogram C3
Session Encryption Key S3
Secret Seed G0
Secret Seed G1
Secret
Secret Seed G2
Secret Seed G3
PAC
PAC
PAC
PAC
PAC
PAC
PAC
PAC
Write 0
Write 1
Write 2
Write 3
Write 4
Write 5
Write 6
Write 7
PAC
PAC
PAC
PAC
PAC
PAC
PAC
PAC
Read 0
Read 1
Read 2
Read 3
Read 4
Read 5
Read 6
Read 7
Password
Forbidden
Reserved
ꢀ
16
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.
Communication Security Modes
Communication between the device and host operates in three basic modes. Standard mode is the default mode for the
device after power-up. Authentication mode is activated by a successful authentication sequence. Encryption mode is
activated by a successful encryption activation following a successful authentication. Data transferred to and from the device is
handled per the following table.
Table 5-1. Communication Security Modes
Mode
Configuration Data
User Data
Passwords
Data Integrity Check
Standard/Password
Authentication
Encryption
Clear
Clear
Clear
Clear
Clear
Clear
N/A
MAC
MAC
Encrypted
Encrypted
Encrypted
Note:
Configuration data includes the entire configuration memory except the passwords
MAC: Message Authentication Code
5.1
Security Operations
5.1.1 Password Verification
The use of passwords protects read and write accesses to the user zones. Any one of eight password sets is available for
assignment to any user zone through configuration of access registers. CryptoMemory provides separate 24-bit passwords for
read and write operations. Read passwords grant only read accesses to zones under password protection, while write
passwords grant both read and write accesses. Successful presentation of any password renders the verify password
command active until the presentation of another password or device reset. Only one password may be active at a time.
Presenting incorrect passwords decrements the value of the corresponding Password Attempts Counter (PAC). Decrementing
the PAC to $00 permanently disables the corresponding password and permanently renders the corresponding user zone(s)
under protection inaccessible. Operation in authentication or encryption mode requires encryption of passwords for all
password transactions.
Figure 5-1. Password Verification
CryptoMemory Device
VERIFY Password
Allow Access
Command/Communications
Host Logic
Send Password
Verify Password
encrypted if performed after
Mutual Authentication
17
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.1.2 Mutual Authentication
The use of a mutual authentication protocol further protects access to user zones. Any one of four key sets is available for
assignment to any user zone through configuration of access registers. Each key set consists of a secret seed, a cryptogram,
and a session encryption key. A Verify Crypto command exists to allow the use of any one of the key sets to enter
authentication mode. Each successful entry into authentication mode renders the mode active until the next call to the Verify
Crypto command or device reset. Only one key set may be active at anytime. Unsuccessful calls of the Verify Crypto
command exits authentication mode and decrements the value of the Authentication Attempts Counter (AAC) register.
Decrementing AAC to $00 permanently disables the corresponding key set and permanently renders the corresponding user
zone(s) under protection inaccessible.
Entry into authentication mode is a process through which the host and CryptoMemory device mutually authenticate one
another. First, the host generates a 64-bit random number, reads a current cryptogram from the device, and uses this
information in conjunction with the corresponding secret seed to generate a 64-bit challenge for the device. The host also
generates a new cryptogram and session encryption key in the process. The host then sends the challenge and random
number to the device by calling the Verify Crypto command. The device utilizes the random number from the host to generate
its own challenge, new cryptogram, and session encryption key. It then compares its challenge to the one from the host. If the
challenges match, then the device declares the host authentic, overwrites its corresponding current cryptogram and session
encryption key with the new ones. To complete the mutual authentication, the host reads the new cryptogram from the device
and compares it with its newly calculated cryptogram. The new cryptogram from the device serves as a challenge to the host.
If the cryptograms match then the device is authentic. Only an authentic pair of host and device can generate the same
challenges and cryptograms. Mutual authentication requires the use of the verify authentication variant of the Verify Crypto
command (see Table 7-1, “Atmel CryptoMemory Synchronous Command Set,” or Table 9-2, “Atmel CryptoMemory
Asynchronous Command Set”).
Figure 5-2. The Mutual Authentication Process
CryptoMemory Device
Command/Communications
Host Logic
Read Config Zone
Device Info, Cryptogram
[Secret Seed]
Read Device Info, Cryptogram
Compute Secret Seed
Generate Random Number
Verify Authentication
Read Config Zone
Compute Challenge A
Verify Challenge A
Compute Challenge A
Compute Challenge B
Compute Session Key
Compute Challenge B
Compute Session Key
Allow Access
Read Challenge B
Verify Challenge B
Allow Access
ꢀ
18
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.1.3 Data Encryption
CryptoMemory allows the use of encryption between a host system and the CryptoMemory device to protect the confidentiality
of data during read-write accesses and verify password operations. To enable encryption, the host must call the Verify Crypto
command with a valid session encryption key when the device is already in active authentication mode. The session
encryption key must belong to the active authentication key set. The host may enable encryption at any time after which data
content of communication between host and device user zones becomes encrypted. If a user zone configuration in the access
register requires encryption; however, then the host must enter encryption mode and must encrypt all data content to and from
the zone in the remainder of the active encryption session in order to communicate with the zone. CryptoMemory does not
encrypt system zone data except for password and password attempt counters. Passwords and password attempt counters
require encryption during active authentication or encryption modes.
Each successful entry into encryption mode renders the mode active for the current key set until the next call to the Verify
Crypto command or device reset. Only one key set may be active at anytime. Unsuccessful calls of the Verify Crypto
command exits both encryption and authentication modes and decrements the value of the authentication attempts counter
(AAC) register. Decrementing AAC to $00 permanently disables the corresponding key set and permanently renders the
corresponding user zone(s) under protection inaccessible. Activating encryption is similar in process to activating
authentication with the exception that the session encryption key replaces the secret seed. The process uses the verify
encryption variant of the Verify Crypto command (see Table 7-1, “Atmel CryptoMemory Synchronous Command Set,” or Table
9-2, “Atmel CryptoMemory Asynchronous Command Set”).
Figure 5-3. Encryption Activation Process from Active Authentication Mode
CryptoMemory Device
Command/Communications
Host Logic
Session Key, Cryptogram
Session Key, Cryptogram
Generate Random Number
Verify Encryption
Compute Challenge A
Verify Challenge A
Compute Challenge B
Enable Encryption
Compute Challenge A
Compute Challenge B
Read Challenge B
Read Config Zone
Verify Challenge B
5.1.4 Encrypted Checksum
CryptoMemory implements a data validity check function in the form of an encrypted checksum. This checksum provides a
bi-directional data integrity check and data origin authentication capability in the form of a Message Authentication Code
(MAC): only the host/device that carried out a valid authentication is capable of computing a valid MAC. When writing data to
the CryptoMemory device in authentication or encryption communication modes, the host must send a valid checksum
immediately following the write command. If the checksum is invalid, the device rejects the write command and resets the
device security privileges. The host must reinitiate entry into authentication and, if applicable, encryption modes to continue.
The use of checksum is optional when reading data. Calls to the Read Checksum command resets device security so its use
is recommended only at the completion of all data read operations from the device.
19
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.2
Data Protection Features
Security operations control access to data stored in CryptoMemory. After gaining access, additional options exist to protect
data in the user memory.
5.2.1 Modify Forbidden
The Modify Forbidden option renders the user zone read-only by restricting all write operations to it. It is recommended to
program all required data in the user zone prior to enabling this option. Modify Forbidden is available for any user zone and is
selectable by configuring appropriate access registers.
5.2.2 Program Only
The Program Only option constrains data bit modification to programming from Logic 1 to Logic 0 only. Data bits may never
change from Logic 0 to Logic 1. Program Only is available for any user zone and is selectable by configuring appropriate
access registers.
5.2.3 Write Lock
The Write Lock option provides ability to render individual bytes within a user zone read-only by restricting all write operations
to it. It operates on 8-byte page level whereby the lowest addressed byte of the page serves as the Write Access Control byte
for that page. Table 5-2 shows the use of Write Lock for data at addresses $080 thru $087. The byte at $080 controls write
access to bytes from $080 to $087.
Table 5-2. Write Lock Example
Address
$0
$1
$2
$3
$4
$5
$6
$7
$080
11011001
xxxx xxxx
Locked
xxxx xxxx
Locked
xxxx xxxx
xxxx xxxx
xxxx xxxx
Locked
xxxx xxxx
xxxx xxxx
The Write Lock option also applies to the Access Control byte for each page by writing its least significant (rightmost) bit to
Logic 0. Moreover, only logic modifications from Logic 1 to Logic 0 of the access control byte are permissible.
Write Lock is available for any user zone and is selectable by configuring appropriate access registers; furthermore,
configuring a user zone with the Write Lock option restricts writing to that zone to a byte at a time. Attempts to write several
bytes within a command result in writing only the first byte.
5.2.4 Anti-tearing (Power Loss Protection)
In the event of a power loss during a write cycle, the integrity of the device's stored data may be recovered. This function is
optional, and the host may choose to activate the anti-tearing function for any write to a user zone or configuration memory by
use of the appropriate B4 system write command. When anti-tearing is active, write commands will take longer to execute
since more write cycles are required. Additionally, the data written is limited to 8-bytes.
Data is written first to a Buffer zone in EEPROM instead of the intended destination address in the User zone or Configuration
Memory, but with the same access conditions. If this write cycle is interrupted the original data remains intact in the User zone
or Configuration Memory. The data is then written in the required memory location. If this second write cycle is interrupted the
device will automatically recover the data from the system Buffer zone at the next power-up and write it to the intended
destination address.
In 2-Wire mode, the host is required to perform ACK polling for 18ms after each write command when anti-tearing is active. At
power-up, five clock cycles are required to check the anti-tearing flags. In the event the device needs to carry out the data
recovery process the host is required to perform ACK polling for 14ms.
ꢀ
20
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.3
Configuration Memory Values
This section describes each individual field in the Configuration Memory.
5.3.1 Default Values
Atmel programs certain fields of the Configuration Memory at the factory. The customer may elect to change the content of all
of these fields except for the lot history code field which is permanently locked. Atmel programs the remainder of the fields,
including all of the Configuration Memory and user zones to ones prior to releasing the device from the factory. Table 5-3
summarizes device fields Atmel programs at the factory. A brief description of each field follows.
Table 5-3. Factory Programmed Fields
Write 7 Password
Device
ATR
Fab Code
Lot History code
(Secure Code)
Atmel AT88SC0104C
Atmel AT88SC0204C
Atmel AT88SC0404C
Atmel AT88SC0808C
Atmel AT88SC1616C
Atmel AT88SC3216C
Atmel AT88SC6416C
3B B2 11 00 10 80 00 01
3B B2 11 00 10 80 00 02
3B B2 11 00 10 80 00 04
3B B2 11 00 10 80 00 08
3B B2 11 00 10 80 00 16
3B B3 11 00 00 00 00 32
3B B3 11 00 00 00 00 64
10 10
20 20
40 40
80 60
16 80
32 10
64 40
28 60
58 60
Variable, locked
Variable, locked
Variable, locked
Variable, locked
Variable, locked
Variable, locked
Variable, locked
Variable, locked
Variable, locked
DD 42 97
E5 47 47
60 57 34
22 E8 3F
20 0C E0
CB 28 50
F7 62 0B
22 EF 67
17 C3 3A
Atmel AT88SC12816C 3B B3 11 00 00 00 01 28
Atmel AT88SC25616C 3B B3 11 00 00 00 02 56
5.3.2 Answer To Reset (ATR)
This is an 8-byte wide register with content that Atmel defines. This register is read/write accessible prior to blowing the FAB
fuse, but becomes read-only after blowing the fuse.
5.3.3 FAB Code
This field is a 16-bit wide register with content that Atmel defines. This field is read/write accessible prior to blowing the FAB
fuse, but becomes read-only after blowing the fuse.
5.3.4 Memory Test Zone (MTZ)
This field is a 16-bit wide register with open read/write access privileges at all times for testing basic communication to the
device. This field is free of all security constraints at all times.
5.3.5 Card Manufacturer Code
This field is a 32-bit wide register with read/write access privileges for the customer to define its content. The content of this
field becomes read-only after blowing the PER fuse.
5.3.6 Lot History Code
This field is a 64-bit wide register with content that Atmel defines. This field is read-only.
5.3.7 Issuer Code
This field is a 128-bit wide register with read/write access privileges for customer to define its content. The content of this field
becomes read-only after blowing the PER fuse.
21
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.3.8 Device Configuration Register (DCR)
This 8-bit register allows selection of the following device configuration options (active low). The values programmed have an
immediate effect on the logic of the device. The default value is one for each bit.
Table 5-4. Device Configuration Register (DCR)
Bit 7
Bit 6
Bit 5
Bit 4
Bit 3
Bit 2
Bit 1
Bit 0
SME
UCR
UAT
ETA
CS3
CS2
CS1
CS0
5.3.8.1 SME – Supervisor Mode Enable
Asserting this bit (SME = 0) enables supervisor mode for Write 7 Password such that verifying Write 7 Password grants read
and write accesses to all password sets and PACs. Verifying Write 7 Password does not grant access to other passwords
when this bit is not asserted (SME = 1).
5.3.8.2 UCR – Unlimited Checksum Reads
Asserting this bit (UCR = 0) allows unlimited number of checksum reads without requiring a new authentication. Not asserting
this bit (UCR = 1) limits the read of checksum to one attempt after which the device resets the crypto algorithm after executing
the Read Checksum command.
5.3.8.3 UAT – Unlimited Authentication Trials
Asserting this bit (UAT = 0) disables the Authentication Attempts Counter (AAC) thus allowing unlimited authentication
attempts. The AAC decrements after each unsuccessful attempt but the internal logic ignores it value. Asserting this bit also
prevents reset of the crypto algorithm after reading the MAC in encryption mode. The UAT bit does not affect the password
attempts counter.
5.3.8.4 ETA – Eight Trials Allowed
Asserting this bit (ETA = 0) extends the trials limit to eight incorrect attempts to authenticate or verify a password. The counter
(AAC or PAC) will decrement ($FF, $FE, $FC, $F8, $F0, $E0, $C0, $80, $00) with each incorrect attempt. Disabling this bit
(ETA = 1) limits authentication and password verification trials to only four incorrect attempts ($FF, $EE, $CC, $88, $00).
5.3.8.5 CS0 – CS3: Programmable Chip Select (Only relevant in synchronous protocol)
The four most significant bits (b4 – b7) of every command comprise the Chip Select Address. All CryptoMemory devices will
respond to the default chip select address of $B (1011). Each device also responds to a second chip select address
programmed into CS0 – CS3 of the device configuration register. By programming each device to a unique chip select
address, it is possible to connect up to 15 devices on the same serial data bus and communicate individually to each. Global
communications to all devices sharing the bus is accomplished using the default Chip Select Address $B.
5.3.9 Access Registers
Four, eight, or sixteen 8-bit access registers allow personalization of the device. Each access register works in conjunction
with a password/key register to define the security settings for each individual zone of the user memory. Values in the access
registers take immediate effect after programming. The default value for each bit is one.
Table 5-5. Access Register
Bit 7
Bit 6
Bit 5
Bit 4
Bit 3
Bit 2
Bit 1
Bit 0
PM1
PM0
AM1
AM0
ER
WLM
MDF
PGO
ꢀ
22
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.3.9.2 PM(1:0) Password Mode
Table 5-6. Password Mode
PM0
PM1
Access
1
1
0
1
0
*
No Password Required
Write Password Required
Read and Write Passwords Required
When PM = 11, the user zone under protection requires no password. When PM = 10, the zone requires write password
verification for writing and reading is free. When PM = 01 or 00, reading requires the read password verification and writing
requires write password verification; however, proper verification of the write password also grants read access. The password
set required is specified by PW(3:0) in the corresponding passwords/keys register (see following section). Verification of the
write password also allows modification of the read and the write passwords, for each password set.
5.3.9.3 AM(1:0) – Authentication Mode
Table 5-7. Authentication Mode
AM1
AM0
Access
1
1
0
0
1
0
1
0
No Authentication Required
Authentication for Write
Normal Authentication Mode
Dual Access Mode
When AM = 11, the user zone under protection requires no authentication. When AM = 10, the zone requires authentication
only for write accesses and read accesses are free. When AM = 01, the zone requires authentication for both write and read
accesses. In both of these configurations, the Authentication Key (AK) in the corresponding passwords/keys register specifies
the required secret seed and corresponding cryptogram, and when applicable the session encryption key (see Section 6,
Protocol Selection).
Finally, when AM = 00, the dual access mode is active in which authentication using the Program Only Key (POK) gives a right
to read and program the zone (i.e. write zeros only), while authentication using the Authentication Key (AK) gives full read and
write access to the zone. In this way, a token application may be implemented, whereby regular hosts with knowledge of POK
may decrement the stored value, and only master hosts with knowledge of AK may reset the token to its full value. See the
following Section 6 on the passwords/keys register for further definition of POK and AK.
Notes: 1. When AM = 00, the POK bits in the corresponding password/key register are ignored
2. When AM = 00 and PGO = 0; bits in the zone may not be written to one even when using the AK
3. Requiring authentication automatically requires the use of secure checksums for write operations (See
“Encrypted Checksum”)
5.3.9.4 ER – Encryption Required
When ER = 0, the host is required to activate the encryption mode in order to read/write the corresponding user zone. No data
read from or written to the zone may be transmitted in the clear. If ER = 1, the host may activate the encryption mode, but isn't
specifically required to do so by the device.
5.3.9.5 WLM – Write Lock Mode
Asserting this bit (WLM = 0) divides the user zone into 8-byte pages. The first byte of each page becomes the Write Lock byte
and defines the locked/unlocked status for each byte in the page. Write access is forbidden to a byte if its associated bit in the
Write Lock byte is set to zero. Bit 7 controls byte 7; bit 6 controls byte 6, etc. By setting bit 0 to zero locks the Write Lock byte
itself. Enabling Write Lock mode limits write operations to one byte at a time.
23
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.3.9.6 MDF – Modify Forbidden
Asserting this bit (MDF = “0”) renders the user zone read-only at all times. The user zone must, therefore, be programmed
before setting this bit to “0”
5.3.9.7 PGO – Program Only
Asserting this bit (PGO = 0) allows changing of data within the user zone under protection from one to zero and never from
zero to one.
5.3.10 Password/Key Registers
Four, eight or sixteen 8-bit Password/Key registers receive definition during device personalization. Each Password/Key
register works in conjunction with a corresponding Access register to define the security settings of each zone. The values
programmed have an immediate effect on the logic of the device. The default value is one for each bit. Bit 3 is reserved and
should be left as value one.
Table 5-8. Password/Key Register Definition
Bit 7
Bit 6
Bit 5
Bit 4
Bit 3
Bit 2
Bit 1
Bit 0
AK1
AK0
POK1
POK0
Res
PW2
PW1
PW0
5.3.10.1 AK(1:0) – Authentication Key
These bits define which of the four secret seeds G0-G3 must be used in an authentication to allow access to the user zone if
authentication is selected in the corresponding access register. Each access register may point to a unique authentication
secret, or access registers for multiple zones may point to the same authentication secret. In this case authentication with a
single secret seed will open several zones.
5.3.10.2 POK(1:0) – Program Only Key
When the user zone has the dual access mode selected (AM = 00), these bits define which of the four secret seeds G0-G3
must be used in an authentication to allow read and program (i.e. write zeros only) access to the user zone.
5.3.10.3 PW(2:0) – Password Set
These bits define which of the eight password sets must be presented to allow access to the user zone when the password
mode is selected.
5.3.11 Identification Number
A 56-bit number the customer defines during personalization. It is recommended that a unique identification number be
assigned to each device.
5.3.12 Cryptograms (C0 – C3)
Each of these fields contains a 56-bit cryptogram for use during authentication. The internal logic modifies the cryptogram
each time it successfully verifies the authentication. The customer may program an initial value for the cryptogram during
personalization. It is recommended that the initial values be diversified or random.
5.3.13 Session Keys (S0 – S3)
Each of these fields contains a 64-bit session key for use during encryption. The internal logic modifies the session key each
time it successfully processes authentication or encryption verification. The session keys do not require initial values and thus
programming of initial values is not necessary.
ꢀ
24
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
5.3.14 Secret Seeds (G0-G3)
Each of these fields contains a 64-bit secret seed that is used in conjunction with the corresponding cryptogram and session
key during the authentication and encryption sequences. The customer programs the secret seeds during device
personalization.
5.3.15 Password Sets
The password fields contain eight sets of two 24-bit passwords for read and write operations. The customer defines the values
of these passwords during personalization. Successfully verifying the write password allows modification of the read and the
write passwords of the same set.
5.3.16 Secure Code
The secure code is the Write 7 Password. Properly presenting this password grants write access to the configuration memory
during personalization. Atmel defines the initial value of the secure code but the customer may change these values after
successful presentation during a verify Write 7 Password operation. Table 5-3 shows the secure codes for the various devices
as they leave the Atmel factory. After blowing the PER fuse, verifying Write 7 Password no longer grant write access to the
configuration memory, and the configuration memory becomes read-only thereafter.
5.3.17 Password Attempts Counters (PAC)
Each of the sixteen PAC fields contains an 8-bit attempts counter for the verify password process. Each PAC corresponds to a
password. The attempts counter limits the number of incorrect consecutive presentations of the corresponding password to
four, after which it locks the password from future use. The PAC will decrement ($FF, $EE, $CC, $88, $00) with each incorrect
attempt to present the password. The PAC permanently locks the corresponding password once its value reaches $00. Prior
to reaching $00, any correct presentation of the password resets the PAC value to $FF.
5.3.18 Authentication Attempts Counters (AAC)
Each of the four AAC fields contains an 8-bit attempt counter for the authentication process. Each AAC field corresponds to
each authentication key set. The attempts counter limits the number of incorrect consecutive attempts to authenticate to four,
after which it locks the authentication key set from future use. The AAC will decrement ($FF, $EE, $CC, $88, $00) with each
incorrect attempt to authenticate. The AAC permanently locks the corresponding key set once its value reaches $00. Prior to
reaching $00, any correct attempt to authenticate resets the AAC value to $FF.
5.4
Security Fuses
CryptoMemory uses four fuses. The status of these fuses is given in a ‘fuse byte.’ A value of zero indicates the fuse has been
blown. Bits 4 to 7 of this byte are not used as security fuses and are reserved for Atmel use.
Table 5-9. Device Fuses
F7
F6
F5
F4
F3
F2
F1
F0
Resv
Resv
Resv
Resv
SEC
PER
CMA
FAB
The bits SEC, PER, CMA, and FAB are non-volatile fuses blown at the end of various steps in the manufacturing and
personalization process. Once blown, these fuses can never be reset. Atmel blows the SEC fuse to lock the lot history code
before the device leaves the factory. Blowing the remainder of the fuses must follow the sequence:
FAB
CMA
PER
To lock the answer to reset and the FAB Code portions of the Configuration Memory.
To lock the card manufacturer code of the Configuration Memory.
To lock the remainder of the Configuration Memory.
Any attempt to blow a fuse out of sequence will be unsuccessful.
Table 5-10 provides a summary of access rights for all portions of the memory for each fuse condition.
25
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 5-10. Fuse Access Rights Summary
Fuse
Zone
Operation
SEC = 0
Free
FAB = 0
Free
CMA = 0
Free
PER = 0
Free
Read
Write
Read
Write
Read
Write
Read
Write
Read
Write
Read
Write
Read
Write
Read
Write
Read
Write
Read
Identification
(Except MTZ and CMC)
Secure Code
Forbidden
Forbidden
Forbidden
Memory Test Zone
Free
Free
Free
Free
(MTZ)
Free
Secure Code
Free
Free
Secure Code
Free
Free
Forbidden
Free
Free
Forbidden
Free
Card Manufacturer Code
(CMC)
Read Only
(Lot History Code)
Forbidden
Free
Forbidden
Free
Forbidden
Free
Forbidden
Free
Access Control
Secure Code
Free
Secure Code
Free
Secure Code
Free
Forbidden
Free
Cryptography
(Except Encryption Keys S)
Secure Code
Secure Code
Secure Code
Forbidden
Encryption Keys
Secure Code
Secure Code
Secure Code
Secure Code
Secure Code
Secure Code
Secure Code
Secure Code
Secure Code
Forbidden
Forbidden
Write PW
(S)
Secret
Passwords
Password Attempts
Counters
Free
Free
Free
Free
Write
Secure Code
Secure Code
Secure Code
Write PW
(PAC)
Read
Write
Read
Write
Forbidden
Forbidden
AR
Forbidden
AR
Forbidden
AR
Forbidden
AR
User Zones
Notes: 1. AR: Access rights are defined by the access registers.
2. PW: Password.
3. Secure Code: Write 7 Password is the secure code until the PER fuse is blown.
4. Forbidden: No access is permitted.
ꢀ
26
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
6.
Protocol Selection
CryptoMemory supports two application areas with different communication protocols:
2-Wire Serial Communication for Embedded Applications
ISO 7816 Asynchronous T=0 Smart Card Interface
The power-up sequence of CryptoMemory determines what mode it shall operate in. A brief description of each of these
modes follows.
6.1
Synchronous Mode for Embedded Applications
The 2-Wire serial interface is used for fast and efficient communication with logic and controllers. The synchronous mode is
the default after powering up VCC due to the internal and/or external pull-up on RST. For embedded applications using
CryptoMemory in standard plastic packages RST is not bonded out and this is the only communication protocol.
Power-up VCC, RST goes high,
After stable VCC, apply five pulses CLK-SCL,
CLK-SCL and I/O-SDA may then be driven.
Figure 6-1. Asynchronous Mode
V
cc
I/O-SDA
RST
1
2
4
5
3
CLK-SCL
The asynchronous mode is selected when RST is low on a rising edge of CLK. Once the Asynchronous mode has been
selected, it is not possible to return to the Synchronous mode other than by powering the device off and on again.
6.2
Asynchronous Mode for Smart Card Applications
The Asynchronous T=0 Protocol defined by ISO 7816-3 is used for compatibility with the industry standard smart card readers.
Selecting this mode requires the following power-up sequence which complies with ISO 7816-3 for a cold reset in smart card
applications.
Power up VCC; RST, IO-SDA and CLK-SCL are low,
Set I/O-SDA in Receive mode,
Provide a clock signal to CLK-SCL,
RST goes high after 400 clock cycles.
The device will respond with a 64-bit ATR code including historical bytes to indicate the memory density within the
CryptoMemory family.
The 64-bit ATR code comes from a register which contains the characters shown in Table 6-1 and Table 6-2. The historical
bytes (T1, T2, T3) show the density of the CryptoMemory device. This register may be modified during personalization but is
locked when the PER fuse is blown. Care must be taken to respect the applicable standards defining the ATR value if
operating in asynchronous mode. The CryptoMemory device will always output all 8-bytes in response to the Asynchronous
ATR command regardless of the contents of the register.
27
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 6-1. ATR Codes for Lower Density Atmel CryptoMemory
Device
TS
T0
TA(1)
TB(1)
TD(1)
TA(2)
T1
T2
AT88SC0104C
AT88SC0204C
AT88SC0404C
AT88SC0808C
AT88SC1616C
$3B
$3B
$3B
$3B
$3B
$B2
$B2
$B2
$B2
$B2
$11
$11
$11
$11
$11
$00
$00
$00
$00
$00
$10
$10
$10
$10
$10
$80
$80
$80
$80
$80
$00
$00
$00
$00
$00
$01
$02
$04
$08
$16
Table 6-2. ATR Codes for Higher Density Atmel CryptoMemory
Device
TS
T0
TA(1)
TB(1)
TD(1)
T1
T2
T3
AT88SC3216C
AT88SC6416C
AT88SC12816C
AT88SC25616C
$3B
$3B
$3B
$3B
$B3
$B3
$B3
$B3
$11
$11
$11
$11
$00
$00
$00
$00
$00
$00
$00
$00
$00
$00
$00
$00
$00
$00
$01
$02
$32
$64
$28
$56
Once the Asynchronous mode has been selected, it is not possible to switch to the synchronous mode without powering off
the device.
Figure 6-2. Power-Up Sequence for Smart Card Mode
V
cc
ATR
I/O-SDA
RST
CLK-SCL
After a successful ATR, the Protocol and Parameter Selection (PPS) protocol defined by ISO 7816-3 may be used to negotiate
the communications speed with CryptoMemory devices 32Kb and larger in user memory. CryptoMemory supports D values of
1, 2, 4, 8, 12, and 16 for an F value of 372. CryptoMemory also supports D values of 8 and 16 for F = 512. This allows
selection of eight communications speeds ranging from 9,600 baud to 153,600 baud.
Smart card applications that support the 2-Wire protocol can also use CryptoMemory in the Synchronous mode.
ꢀ
28
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.
Synchronous Protocol
Communication with the CryptoMemory using the synchronous protocol is very similar to communication with Atmel AT24Cxxx
Serial EEPROM devices using a 2-Wire protocol (TWI). Basic command structure and timing are the same; however, a
significant difference exists when reading the CryptoMemory device which is described below.
7.1
Start-up Sequence
When first powering up the device, five pulses are required on CLK-SCL for reading of internal registers. This can be
accomplished by sending one full command byte to the device. The device will not respond but will then be ready to respond
to the next correct command sequence.
Power-up VCC
,
External pull-up resistor pulls I/O-SDA high with VCC
,
After stable VCC, five pulses are applied to CLK-SCL,
CLK-SCL and I/O-SDA may be driven.
Figure 7-1. Start-up Sequence
V
cc
I/O-SDA
1
2
4
5
3
CLK-SCL
29
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.2
Command Set
The command set of CryptoMemory is expanded compared to a Serial EEPROM as the functionality of CryptoMemory
exceeds that of a simple memory device. Each instruction sent to the CryptoMemory must have four bytes:
Command
Address 1
Address 2
N
The last byte, N, defines the number of any additional data bytes to be sent or received from the CryptoMemory device.
Table 7-1. Atmel CryptoMemory Synchronous Command Set
Command Description
Command ADDR 1 ADDR 2
N
Data (N)
Normal
N-bytes
$B0
$B0
$B0
ADDR
ADDR
ADDR
ADDR
ADDR
ADDR
N $10
(AT88SC0104C-AT88SC1616C)
Normal
N-bytes
N-bytes
N-bytes
N $40
N $80
(AT88SC3216C, AT88SC6416C)
Normal
Write User Zone
Read User Zone
(AT88SC12816C, AT88SC25616C)
With Anti-Tearing (All Devices)
$B0
$B2
ADDR
ADDR
ADDR
ADDR
N $08
N
Write Config Zone
N-bytes
N-bytes
N-bytes
$B4
$B4
$B4
$00
$00
$00
ADDR
ADDR
ADDR
N $10
N $40
N $80
(AT88SC0104C-AT88SC1616C)
Write Config Zone
(AT88SC3216C, AT88SC6416C)
Write Config Zone
(AT88SC12816C, AT88SC25616C)
Write Fuses
System Write
$B4
$B4
$B4
$B4
$B4
$B6
$B6
$B6
$01
$02
$03
$08
$0B
$00
$01
$02
Fuse ID
$00
$00
$02
Send Checksum
2-bytes
N-bytes
Set User Zone
Zone
ADDR
Zone
ADDR
$00
$00
Write Config Zone with Anti-Tearing
Set User Zone with Anti-Tearing
Read Conifg Zone
N $08
$00
N
System Read
Verify Crypto
Read Fuse Byte
$01
Read Checksum
$00
$02
8-random bytes
+ 8 challenge bytes
Verify Authentication
Verify Encryption
$B8
$B8
$0X
$1X
$00
$00
$10
$10
X= key set (0-3)
8-random bytes
+ 8-challenge bytes
X= key set (0-3)
3-byte password
Write Password
Read Password
$BA
$BA
$0X
$1X
$00
$00
$03
$03
X=password set (0-7)
3-byte password
Verify Password
X=password set (0-7)
ꢀ
30
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.3
Command Format
Most CryptoMemory commands have the same format as a 2-Wire Interface (TWI) Write command. The TWI Write command
is characterized by a zero in the LSB of the first byte (device address). The numbers of word address bytes in a TWI Write
command will vary depending on the size of the memory being addressed. All bytes whether part of the command or data are
generated by the host and sent to the memory device that will acknowledge each byte.
Figure 7-2. TWI Write Command
S
T
A
R
T
S
T
O
P
Device
Address
Word
Address 1
Word
Address 2
N
Data
Data X N
xxxx xxx0
xxxx xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
All CryptoMemory commands will have a zero for the LSB of the first byte. All CryptoMemory commands will have
4-bytes used for defining the command and addressing the memory. All but the CryptoMemory read commands will send an
additional 0- to 128-bytes of data following the four command bytes. These commands comply with the format of a TWI Write
command.
The CryptoMemory Read commands (Read User Zone, System Read) do not comply with the format of a TWI Write or Read
command. The CryptoMemory Read command looks like a TWI Write command (LSB of the first byte = 0) but after the fourth
byte of the command the CryptoMemory device will begin to send data back on the bus. The number of bytes sent by
CryptoMemory will be equal to the value of N.
Figure 7-3. CryptoMemory Read Command
S
T
A
R
T
N S
A T
C O
K P
A
C
K
Command
Address 1
Address 2
N
xxxx 0x10
xxxx xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
Data
Data x N
The response of CryptoMemory will cause contention with the host on a standard TWI bus. Typically CryptoMemory cannot be
used on a standard TWI bus but requires a modified TWI protocol to account for the unique read command format.
31
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.4
Acknowledge Polling
Each command is ended with a stop condition. Certain commands are required to be followed by an acknowledge polling
sequence. Acknowledge polling consists of sending a start condition followed by the command byte and determining if the
device responded with an ACK. If the device is not ready for the command it will not acknowledge and the sequence must be
repeated (start condition, command byte, check for ACK). The ACK indicates the operation has completed but gives no
indication of the success or failure of the command.
Read Commands: No ACK polling required
Write Commands: ACK polling required except encrypted write commands. Any command may be used
Set commands: No ACK polling required
Verify commands:ACK polling required with B2 or B6 commands only
The following table lists the specific requirements for ACK polling and the maximum expected delay before the device will ACK
indicating readiness for the next command.
Table 7-2. Minimum Delay for ACK Polling for each Command
Addr
Command Description
Command Addr 1
N
ACK Polling CMD
Delay
2
Required, any CMD
Required, any CMD
No, Send Checksum
No, Send Checksum
Normal
$B0
$B0
$B0
$B0
addr
addr
addr
addr
addr
addr
addr
addr
N
N
N
N
5ms
20ms
0
Normal with Anti-Tearing
Encrypted
Write User
Zone
Encrypted with Anti-Tearing
0
Read User
Zone
Not Required
$B2
addr
addr
addr
N
N
0
Required, any CMD
Required, any CMD
Required, any CMD
Required, any CMD
Not Required
Write Config Zone
$B4
$B4
$B4
$B4
$B4
$B4
$B4
$B6
$B6
$B8
$B8
$BA
$BA
addr
$00
$01
$02
$03
$08
$0B
$00
$01
$0X
$1X
$0X
$1X
5ms
5ms
5ms
20ms
0
Write Fuses
fuse ID $00
Send Checksum
$00
$00
$02
$02
$00
N
System Write
Send Checksum with Anti-Tearing
Set User Zone
zone
addr
zone
addr
$00
Write Config Zone with Anti-Tearing
Required, any CMD
Not Required
20ms
0
Set User Zone with Anti-Tearing
$00
N
Not Required
Read Config Zone
Read Fuse Byte
Verify Authentication
Verify Encryption
Write Password
Read Password
0
System Read
Verify Crypto
Not Required
$01
$10
$10
$01
$03
0
Required; B2 or B6 only
Required; B2 or B6 only
Required; B2 or B6 only
Required; B2 or B6 only
$00
10ms
10ms
10ms
10ms
$00
$00
Verify
Password
$00
Note:
Delays are based on operation at 25° C.
ꢀ
32
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.5
7.6
Device Addressing
The first nibble of the command byte corresponds to the device address. All CryptoMemory devices will respond to the device
address $B. A specific device may be set to respond to another value ($0 to $F) in addition to $B by setting this value in the
second nibble of the Device Configuration Register (DCR) in the configuration memory. The DCR is set to $FF at the Atmel
factory and thus will respond to device address $B and $F unless the DCR is modified. For a device to respond only to $B the
DCR should be set to $B also.
Command Descriptions
In the following section operations are described in two parts: the instruction is described first from a functional point of view
(parameters and data exchanged), after which they are detailed for the synchronous 2-Wire protocol. In these diagrams,
values are shown in binary format with bits to the left transmitted first, i.e. bytes are transmitted most significant bit first.
7.6.1 Write User Zone: $B0
7.6.1.1 Functional
Figure 7-4. Write User Zone Command Functional Description
Host
Device
Command
Address 1
Address 2
Number of bytes N
Data
N data bytes
…
Data
The Write User Zone command $B0 allows writing of data in the device's currently selected user zone (the procedure for
selecting a user zone is described in Section 7.6.3, System WRITE: $B4).
The data byte address to be written is defined by Address 1 and Address 2 in the command. The value N defines how many
bytes to write. The maximum number of bytes that may be written is as follows;
$10 forAT88SC0104C through AT88SC1616C (EEPROM page size of 16-bytes)
$40 for AT88SC3216C and AT88SC6416C (EEPROM page size of 64-bytes)
$80 for AT88SC12816C and AT88SC25616C (EEPROM page size of 128-bytes)
In anti-tearing mode the maximum value for N is $08 for all devices. A write in anti-tearing mode is activated with the set user
zone with anti-tearing command; all subsequent writes to the user zone will be in anti-tearing mode. A write may be started in
the middle of an EEPROM page but should not extend past the end of the page.
If the host is not allowed to write in the zone, the device will not acknowledge the N-byte. After this command the host must
perform ACK polling unless operating in the encrypted mode, then this command must be followed by the send Checksum
command.
33
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Figure 7-5. Write User Zone
S
T
S
T
O
P
A
R
Data x N
Command
Address 1
Address 2
N
Data
T
1011 0000
xxxx xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
7.6.2 Read User Zone: $B2
7.6.2.1 Functional
Figure 7-6. Read User Zone Command Functional Description
Host
Device
Read Command
Address 1
Address 2
Number of bytes N
Data
…
N data bytes
Data
The Read User Zone command $B2 allows reading of data from the device's currently selected user zone (the procedure for
selecting a user zone is described below under Section 7.6.3, System WRITE: $B4).
The data byte address to be read is defined by Address 1 and Address 2 in the command and is internally incremented
following the transmission of each data byte. The value N defines how many bytes CryptoMemory will read, a value of zero will
result in 256-bytes read. The host may cease clocking the device and end the transmission with a NACK and stop at any time
prior to receiving all N-bytes. During a read operation the address will roll-over from the last byte of the current zone to the first
byte of the same zone.
If the host is not allowed to read the zone, the device will not acknowledge the N-byte.
Figure 7-7. Read User Zone
S
T
A
R
T
N S
A T
C O
K P
A
C
K
Command
Address 1
Address 2
N
1011 0010
xxxx xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
Data
Data x N
ꢀ
34
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.6.3 System WRITE: $B4
7.6.3.1 Functional
Figure 7-8. System Write Command Functional Description
Host
Device
Command
Address 1
Address 2
Number of bytes N
Data
N data bytes
…
Data
The System Write command allows writing of system data to the device. Depending on the value of the Address 1 parameter,
the host may write data in the Configuration Memory, program the fuses, or set the user zone.
Table 7-3. System Write Command Detail
Command Description
Command
Addr 1
Addr 2
N
Data (N)
Write Config Zone AT88SC0104C-AT88SC1616C)
Write Config Zone AT88SC3216C-AT88SC6416C)
Write Config Zone AT88SC12816C-AT88SC25616C)
$B4
$B4
$B4
$B4
$B4
$B4
$00
$00
$00
$01
$02
$03
ADDR
ADDR
ADDR
Fuse ID
$00
N-bytes
N-bytes
N-bytes
N $10
N $40
N $80
$00
Write Fuses
Send Checksum
Set User Zone
$02
2-bytes
Zone
$00
7.6.3.2 Write Config Zone
The maximum number of bytes that may be written is as follows:
$10 for AT88SC0104C through AT88SC1616C (EEPROM page size of 16-bytes).
$40 for AT88SC3216C and AT88SC6416C (EEPROM page size of 64-bytes).
$80 for AT88SC12816C and AT88SC25616C (EEPROM page size of 128-bytes).
In anti-tearing mode the maximum value for N is $08 for all devices. A write may be started in the middle of an EEPROM page
but should not extend past the end of the page. If the address provided is an unauthorized address, the device will not write
the requested data. Since access rights vary throughout the configuration memory, the host may provide an authorized
starting address, but a number of bytes that causes the device to reach unauthorized data. In this case, the device will prevent
the internal write cycle and no bytes will be written in the EEPROM. After this command the host must perform ACK polling.
35
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.6.3.3 Write Fuses
The fuses may only be programmed which is written from one to zero. The write fuses operation is allowed only after
successfully presenting the secure code (Write 7 Password). The fuses must be blown sequentially: FAB must be blown first,
CMA may be blown only if FAB is zero, and PER only if CMA is zero. After this command the host must perform ACK polling.
Table 7-4. Fuse Writing
Fuse
Fuse ID
FAB
CMA
PER
$06
$04
$00
7.6.3.4 Send Checksum
To write data to user zones that require authentication for write access (AM [1:0] = 00 or 10 in the access register), the host
should first carry out the write command $B0. At this point the memory is unchanged and the device is waiting for the host to
provide a valid checksum before initiating the write cycle. The host sends the checksum it has computed using the system
write command with Address 1 = $02. Only if the checksum is valid will the device initiate the write cycle; furthermore, if the
device receives an incorrect checksum, it will clear the authentication privilege. After this command the host must perform
ACK polling.
7.6.3.5 Set User Zone
Before reading and writing data in the user zones, the host must select a zone with this command. At this time the host
chooses whether anti-tearing should be active for this zone.
Table 7-5. Anti-Tearing
Command Description
Command
Addr 1
Addr 2
N
Data (N)
Write Config Zone with anti-tearing
Set User Zone with anti-tearing
$B4
$B4
$08
$0B
ADDR
Zone
N-bytes
N $08
$00
Data written to the Configuration Memory may be done with anti-tearing enabled by setting Address 1 to $08 of the write
Configuration Zone command.
To enable anti-tearing for writes to a user zone a set user zone command is executed with Address 1 set to $0B. All
subsequent write user zone commands will be executed with anti-tearing enabled until the next set user zone command.
Anti-tearing should be turned off if not required, as it would otherwise cause more write cycles than necessary.
Figure 7-9. System Write
S
T
A
R
T
S
T
O
P
Command
Address 1
Address 2
N
Data
Data x N
1011 0100
0000 xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
ꢀ
36
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.6.4 System Read: $B6
7.6.4.1 Functional
Figure 7-10. System Read Command Functional Description
Host
Device
Read Command
Address 1
Address 2
Number of bytes N
Data
…
N data bytes
Data
The system read command allows reading of system data from the device. Depending on the value of Address 1, the host may
read the data in the configuration memory, the fuses or a checksum.
Table 7-6. System Read Command Detail
Command Description
Command
ADDR 1
ADDR 2
N
Read Config Zone
Read Fuse Byte
Read Checksum
$B6
$B6
$B6
$00
$01
$02
addr
$00
$00
N
$01
$02
7.6.4.2 Read Config Zone
The data byte address to be read is defined by Address 2 in the command and is internally incremented following the
transmission of each data byte. The value N defines how many bytes CryptoMemory will read, a value of zero will result in
256-bytes read. If the address provided is an unauthorized address, the device will not ACK the N-byte and will not return any
data. Since access rights vary throughout the configuration memory, the host may provide an authorized starting address and
a number of bytes N that causes the device to reach unauthorized address. In this case the device will transmit the fuse byte
(see below) in place of unauthorized bytes.
7.6.4.3 Read Fuse Byte
Fuse data is returned in the form of a single byte. Bits zero to three represent the fuse state. A value of ‘0’ indicates the fuse
has been blown. Bits four to seven are not used as security fuses and are reserved by Atmel.
Table 7-7. Fuse Byte Definition
F7
F6
F5
F4
F3
F2
F1
F0
resv
resv
resv
resv
SEC
PER
CMA
FAB
37
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.6.4.4 Read Checksum
The checksum consists of 2-bytes, and the Read Checksum command must be sent with parameter N = 2.
Figure 7-11. System Read
S
T
N S
A T
C O
K P
A
R
A
C
K
Command
Address 1
Address 2
N
T
1011 0110
0000 xxxx
xxxx xxxx
xxxx xxxx
d7--- ---d0
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
Data
Data x N
ꢀ
38
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
7.6.5 Verify Crypto: $B8
7.6.5.1 Functional
Figure 7-12. Verify Crypto Command Functional Description
Host
Device
Command
Key Index
Q1
Q2
Q3
Q4
8-random bytes
Q5
Q6
Q7
Q8
CH1
CH2
CH3
CH4
CH5
CH6
CH7
CH8
8-challenge bytes
When the device receives the Verify Crypto command, it computes a challenge based on the received random number, Q, the
internally stored associated cryptogram, Ci, and secret seed, Gi (or session encryption key, Si). The device also decrements
the associated attempts counter. It then compares the computed challenge with the challenge sent by the host. If the
challenges match, the device computes and writes a new Ci and Si. The device utilizes the success or failure information of the
authentication process and updates the attempts counter accordingly.
Key index:
b0000_00nn : Secret Seed G0-G3
b0001_00nn : Session Encryption Key S0-S3
Data:
Q : Host random number, 8 bytes
CH : Host challenge, 8 bytes
39
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Figure 7-13. Verify Crypto
S
T
S
T
O
P
A
R
Command
Key Index
Parameter 2
N=16
T
Data x 16
1011 1000
000e 00nn
xxxx xxxx
0001 0000
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
Once the sequence has been carried out, the device requires the host to perform an ACK polling with either the read user
zone $B2 command or system read $B6 command. To verify whether the authentication succeeded, the host could either read
the associated attempts counter to confirm the value is $FF, or read the post authentication cryptogram from the device and
compare with the cryptogram generated when the host computed the challenge bytes.
ꢀ
40
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Verify Password: $BA
7.6.5.2 Functional
Figure 7-14. Verify Password Command Functional Description
Host
Device
Command
Password Index
PW1
8-password bytes
PW2
PW3
Read password indices: $10 to $17 for passwords 0 to 7.
Write password indices: $00 to $07 for passwords 0 to 7.
Secure code index: $07 (equivalent to Write 7 Password).
Four password index bits "r" and "ppp" indicate the password to compare:
r = 0 : Write password
r = 1 : Read password
p2p1p0: Password set number
Figure 7-15. Verify Password
S
T
S
T
O
P
A
R
Command
PW Index
Parameter 2
N=3
T
Data x 3
1011 1010
000r 0p2p1p0
xxxx xxxx
0000 0011
d7--- ---d0
A
C
K
A
C
K
A
C
K
A
C
K
A
C
K
Once the sequence has been carried out, the device requires the host to perform an ACK polling sequence with the system
read command $B6. In order to know whether the inserted password was correct, the host can read the corresponding
password attempts counter and verify the value is $FF.
41
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
8.
Initialization Example
The first step in initializing CryptoMemory is to determine what data is to be stored in the device and what the security settings
need to be to protect this data. Once defined the proper settings for CryptoMemory registers can be determined and values for
passwords and keys may be selected. To initialize the CryptoMemory device the following sequence is recommended to take
place in a secure location to protect sensitive data, passwords and keys that may be loaded into the device.
8.1
8.2
Write Data to User Zones
In the Atmel default configuration, all user zones have free access rights. Writing initial data into the user zones should be
done before setting security configurations. Use the Set User Zone command and Write User Zone command to write initial
data into the user zones. The Read User Zone command may be used to verify the data written.
Unlock the Configuration Memory
Before any data can be written to the Configuration Memory, it must be unlocked by presenting the correct security code
(Write 7 Password). Use the Verify Password command with the proper secure code supplied by Atmel to unlock the
Configuration Memory. Use the Read Config Zone command to read back the security code at address $E9 for verification that
the Configuration Memory has been unlocked.
8.3
8.4
Write Data to the Configuration Memory
Writing this data is accomplished by performing the Write Config Zone command at the appropriate address location. The
Read Config Zone command may be used to verify the data written. As soon as values are written to the registers, keys, and
passwords, they become effective in determining the security of the user zones.
Set Security Fuses
Once all data is written and verified into user zones and the Configuration Memory the security fuses should be set before the
device is released from the secure location used for device initialization. There are three fuses, FAB, CMA and PER that must
be set. These three fuses must be set in the order listed (FAB, then CMA, then PER). The Write Fuse command is used to set
each of the three fuses individually. The Read Fuse command may be used to check the status of all three fuses. Once all
fuses have been set the Read Fuse command should return a value of zero for the second nibble of the fuse byte.
The AT88SC0104C is used for this example. A small pattern is written into each of the four user zones. Security for each of
the four user zones and the associated register values are shown in the table below. Simple values for codes, keys, and
passwords are used.
Table 8-1. Example Zones Configuration
User Zone
Data
Security Requirements
Access Register
Password/Key Register
0
1
2
Zone 0
Zone 1
Zone 2
None
$FF
$7F
$DF
$FF
$F9
$BF
Read/Write Password (Set 1)
Read/Write Authentication (Set 2)
Read/Write Password (Set 1),
3
Zone 3
$57
$B9
Read/Write Authentication (Set 2)
with Encryption Required
ꢀ
42
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
The following shows the 2-Wire commands sent to the CryptoMemory device for the purpose of initializing the device. The flow
is consistent with the steps described above, comments have been added as indicated with an asterisk (*).
*Atmel AT88SC0104C Initialization Example
*WRITE DATA TO USER ZONES
*Set User Zone 0
B4 03 00 00
*Write data = Zone 0 Data
B0 00 00 0B 5A 6F 6E 65 20 30 20 44 61 74 61
*Set User Zone 1
B4 03 01 00
*Write data = Zone 1 Data
B0 00 00 0B 5A 6F 6E 65 20 31 20 44 61 74 61
*Set User Zone 2
B4 03 02 00
*Write data = Zone 2 Data
B0 00 00 0B 5A 6F 6E 65 20 32 20 44 61 74 61
*Set User Zone 3
B4 03 03 00
*Write data = Zone 3 Data
B0 00 00 0B 5A 6F 6E 65 20 33 20 44 61 74 61
*UNLOCK CONFIGURATION MEMORY
BA 07 00 03 DD 42 97
*WRITE CODES IN CONFIGURATION MEMORY
*Write Card Mfg Code = P001
B4 00 0B 04 50 30 30 31
*Write Identification Number = 00000000012345
B4 00 19 07 00 00 00 00 01 23 45
*Write Issuer Code = STATION 035
B4 00 40 10 53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
*WRITE REGISTERS IN CONFIGURATION MEMORY
*Write Registers AR1/PR1 = 7F F9, AR2/PR2 = DF BF, AR3/PR3 = 57 B9
B4 00 22 06 7F F9 DF BF 57 B9
*WRITE KEYS IN CONFIGURATION MEMORY
*Write Ci for set 2 = 22222222222222
B4 00 71 07 22 22 22 22 22 22 22
*Write Gc for set 2 = 5B4F9AE4B5098BE7
B4 00 A0 08 5B 4F 9A E4 B5 09 8B E7
*WRITE PASSWORDS IN CONFIGURATION MEMORY
*Write Passwords, read 7 = 10 00 01, write 7 = 11 00 11
B4 00 B9 07 11 00 11 FF 10 00 01
*READ ENTIRE CONFIGURATION MEMORY TO VERIFY
B6 00 00 F0
43
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
*Device Response:
3B B2 11 00 10 80 00 01 10 10 FF 50 30 30 31 FF
8C AD A8 10 0A AB FF FF FB 00 00 00 00 01 23 45
FF FF 7F F9 DF BF 57 B9 FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF 22 22 22 22 22 22 22 FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
5B 4F 9A E4 B5 09 8B E7 D8 FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF 11 00 11 FF 10 00 01
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
*SET SECURITY FUSES
*Set FAB Fuse
B4 01 06 00
*Set CMA Fuse
B4 01 04 00
*Set PER Fuse
B4 01 00 00
*Read Fuse Byte = X0
B6 01 00 01
*Device Response:
00
ꢀ
44
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.
Asynchronous T=0 Protocol
9.1
Character Format
CryptoMemory complies with the asynchronous T=0 protocol defined in ISO 7816-3. The character format is shown in the
following figure.
Figure 9-1. Character Format
8 data bits
Start bit
Parity bit
Next Start bit
Z
I/O
A
d0 d1 d2 d3 d4 d5 d6 d7
p
Guard Time
0
t1
tn
t 10
(n ± 0,2) etu
Note:
The byte is transmitted with the least significant bit first
Even parity is used: the parity bit is such that the overall sum of bits in the data byte and the parity bit is an even number. If a
transmission error is detected, the receiving device indicates this by applying a low level on the I/O channel during the guard
time. This tells the transmitting device to retransmit the byte.
9.2
Command format
The command sequence is as follows:
1. In compliance with ISO 7816-3, the host must send the header consisting of five characters: CLA, INS, P1, P2, P3
CLA refers to a class of instructions. This byte isn't tested by the device.
INS is the instruction byte.
P1 and P2 are reference bytes, such as a data byte address or password index.
P3 is the number of data bytes transferred during the command. For outgoing transfers (e.g. read commands),
P3 = 0 means that 256-data bytes will be emitted by the card. For incoming commands, P3 = 0 means that no
data bytes will be transferred.
2. The device replies with a "procedure byte” normally equal to the INS code received. If a problem occurred, then the
device will respond with a status word pair SW1-SW2, indicating the end of the command.
3. Data transfer (P3-bytes).
4. A final SW1-SW2 sequence gives the status of the device after completion of the command. A normal completion is
indicated by SW1-SW2 = $90-$00.
Note:
For all bytes transmitted by the device or by the host, including header, procedure, status and data bytes, if a
parity error is detected, the receiver requests that byte to be sent again (see character format).
45
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.3
PPS Support
All CryptoMemory devices with user memory size 32Kb and larger support the Protocol and Parameter Selection (PPS)
protocol, Section 7 of ISO 7816-3. This section only applies to these larger devices; CryptoMemory devices with memory sizes
16-Kbit or smaller do not support PPS.
At the end of an ATR sequence, subsequent to either a cold or a warm reset initiated by the reader, the device will be
expecting either a ‘Class’ byte as part of a command header, or the initial character, PPSS, of a PPS request. If the device
receives a byte = $FF, it will process subsequent incoming bytes as a PPS request. In all other cases, it will proceed with
command processing. There are four bytes that comprise a PPS request or response:
Initial Character PPSS. Always equal to $FF.
Format Character PPS0. CryptoMemory supports two response values for PPS0, $00 and $01. See ISO 7816 for
further definition of PPS0.
Parameter Character PPS1. Encodes Fn and Dn in the same manner as TA(1) in the ATR.
Checksum PCK.
The following table shows the PPS1 values supported by CryptoMemory devices with memory sizes 32Kb and above.
Table 9-1. PPS1 Values Atmel CryptoMemory Supports
f Max
4MHz
5MHz
5MHz
Fl
Fl
0000b
372
0001b
372
1001b
372
Dl
Dl
PPS1
F/D
01
11
0001b
1
372
372
baud rate
PPS1
F/D
9600
02
9600
12
0010b
0011b
0100b
0101b
1000b
2
4
186
186
baud rate
PPS1
F/D
19200
03
19200
13
93
93
baud rate
PPS1
F/D
38400
04
38400
14
94
64
8
46.5
76800
05
46.5
76800
15
baud rate
PPS1
F/D
55800
95
16
12
23.25
153600
08
23.25
153600
18
32
baud rate
PPS1
F/D
111600
31
31
baud rate
115200
115200
ꢀ
46
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
After the ATR, the reader will have the choice of proceeding with commands using default values of F=372 and D=1
(9600-baud at 3.5712MHz), or negotiating values Fn and Dn through a PPS exchange. The following are four examples of
PPS requests and responses:
Example:
We assume CryptoMemory ATR contains the byte TA(1) = 15h, indicating that it is capable of using F=372 and
D=16, leading to a baud rate of 153,600-baud at 3.5712MHz. Assuming that this is the maximum speed
supported by the device, the reader immediately attempts to set the F and D parameters leading to these values.
PPS_request= $FF $10 $15 $FA
PPS_response = $FF $10 $15 $FA
The newly negotiated values are effective immediately following this exchange, so that the ETU, or duration
of one bit on I/O, will now be 23 clock cycles instead of 372.
Example:
The reader insists on negotiating Fn and Dn equal to the default values, even though these would be used by
default without the use of a PPS exchange. The two ways of doing this are by sending PPS1_request = $11 or
not sending PPS1_request at all.
PPS_request = $FF $10 $11 $FE
PPS_response = $FF $10 $11 $FE
or
PPS_request = $FF $00 $FF
PPS_response = $FF $00 $FF
Example:
Example:
The reader attempts to negotiate values that are not supported by the CryptoMemory device. In its response, the
CryptoMemory proposes to continue with F and D, by not sending PPS1_response. Even though new Fn and Dn
values aren’t negotiated, this scenario is still considered a “successful” exchange according to ISO 7816.
PPS_request = $FF $10 $45 $AA
PPS_response = $FF $00 $FF
If the reader attempts to change the protocol to any protocol other than T = 0, such as T = 1, the CryptoMemory
will indicate that it only supports T = 0.
PPS_request = $FF $01 $FE
PPS_response = $FF $00 $FF
CryptoMemory will only operate at baud rates above the default 9600 baud through a successful PPS
exchange. CryptoMemory cannot be set to higher baud rates through use of a TA(2)-byte in the ATR.
47
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4
Command Set
Table 9-2. Atmel CryptoMemory Asynchronous Command Set
Command Description
Normal (0104C-1616C)
CLA INS
P1
P2
P3
Data (N)
N-bytes
N-bytes
N-bytes
$00
$00
$00
$B0 ADDR
$B0 ADDR
$B0 ADDR
ADDR
ADDR
ADDR
N $10
N $40
N $80
Normal (3216C, 6416C)
Write User
Zone
Normal (12816C,
25616C)
B0
B2
with anti-tearing (all
devices)
$00
$00
$00
$00
$00
$B0 ADDR
$B2 ADDR
ADDR
ADDR
ADDR
ADDR
ADDR
N-bytes
N $08
Read User
Zone
N
Write Config Zone
$B4
$B4
$B4
$00
$00
$00
N-bytes
N-bytes
N-bytes
N $10
N $40
N $80
(Devices 0104C-1616C)
Write Config Zone
(Devices 3216C, 6416C)
Write Config Zone
(Devices 12816C,
25616C)
System
Write
B4
Write Fuses
$00
$00
$00
$00
$00
$00
$00
$00
$00
$B4
$B4
$B4
$B4
$B4
$B6
$B6
$B6
$B8
$01
$02
$03
$08
$0B
$00
$01
$02
$0X
Fuse ID
$00
$00
$02
Send Checksum
Set User Zone
2-bytes
N-bytes
Zone
ADDR
Zone
ADDR
$00
$00
Write Config Zone w/a-t
Set User Zone w/a-t
Read Config Zone
Read Fuse Byte
Read Checksum
Verify Authentication
N $08
$00
N
System
Read
B6
B8
$01
$00
$02
8-random bytes
$00
$10
+ 8-challenge bytes
X=key set (0-3)
Verify
Crypto
8-random bytes
+ 8-challenge bytes
X=key set (0-3)
Verify Encryption
$00
$B8
$1X
$00
$10
3-byte password
Write Password
Read Password
$00 $BA
$00 $BA
$0X
$1X
$00
$00
$03
$03
X=password set (0-7)
Verify
BA
Password
3-byte password
X=password set (0-7)
ꢀ
48
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.1 Status Words
Table 9-3. Atmel CryptoMemory Asynchronous Mode Status Words
SW1 SW2
Meaning
$62 $00
$67 $00
$69 $00
$6B $00
$6D $00
$90 $00
The memory is unchanged (waiting for checksum).
The length is incorrect.
The command is unauthorized.
The address is incorrect.
The instruction code is invalid.
The command was successfully executed.
These status words indicate the state of the device at the end of the command. In normal conditions, the device sends the INS
byte as the procedure byte, and $90 $00 as the final status word. In certain conditions described below, the device may
interrupt the command by returning a status word in place of INS as the procedure byte.
$62 $00 is returned as a status word after a write command when the device is waiting for the host to send a secure checksum
before initiating the write cycle. This will happen only in authentication mode and encryption mode.
$67 $00 is returned as a procedure byte when the number of data bytes to be transferred is incorrect.
$69 $00 is returned after read/write commands as procedure bytes if the host is not allowed to read/write at the address
provided. It is also returned after password and authentication commands if the maximum number of attempts has been
reached. The device will return $69 $00 as a final status word in place of $90 $00, if the password presentation, authentication
or encryption activation failed due to invalid data, or if any incoming command failed due to a bad checksum (MAC).
$6B $00 is returned as procedure bytes if the address is incorrect.
$6D $00 is returned as procedure bytes if the INS code received is not supported.
49
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.2 Example: Write EEPROM Command
The following illustrates the data exchanges that occur during a WRITE Operation of 4-bytes: $04, $09, $19, $97 to addresses
$02, $03, $04, $05 in the current user zone.
Host
Device
Val
Note
Start
CLA
INS
P1
**
Class (ignored by Atmel CryptoMemory)
Write Instruction
$B0
**
Address byte A1 (ignored by 0104C - 1616C)
Address byte A2 = $02
P2
$02
$04
$B0
$04
$09
$19
$97
P3
4-data bytes
INS
Device responds with INS code
Byte to be written at start address $02
Byte to be written at address $03
Byte to be written at address $04
Byte to be written at address $05
~5ms
Data
Data
Data
Data
Write Cycle
SW1
90
Write Operation Successful
Finish
SW2
$00
ꢀ
50
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.3 Write User Zone: $B0
9.4.3.1 Functional
Figure 9-2. Write User Zone Command Functional Description
Host
Device
Command
Address A1
Address A2
Number of bytes N
Data
N data bytes
…
Data
The write user zone command $B0 allows writing of data into the device's currently selected user zone (the procedure for
selecting a user zone is described in Section 9.4.5, System Write: $B4)
The maximum number of bytes that may be written is as follows;
$10 for AT88SC0104C through AT88SC1616C (EEPROM page size of 16-bytes)
$40 for AT88SC3216C and AT88SC6416C (EEPROM page size of 64-bytes)
$80 for AT88SC12816C and AT88SC25616C (EEPROM page size of-128 bytes)
Each data byte within a page must only be loaded once. In anti-tearing mode the maximum value for N is $08 for all devices. A
write in anti-tearing mode is activated with the set user zone with anti-tearing command (00 B4 0B zz 00); all subsequent
writes to the user zone will be in anti-tearing mode.
If the host is not allowed to write in the zone, the device will return the “Command Unauthorized” code ($69 $00) after it has
received the P3 byte.
Table 9-4. Write User Zone
Write User Zone Command
Data Sent
CLA
**
INS : Command
$B0
P1 : Address 1
0000 0000
P2 : Address 2
0a6-- ---a0
P3 : N
Data(1)
...
...
Data(N)
000n4 --- n0
d7--- ---d0
d7--- ---d0
51
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.4 Read User Zone: $B2
9.4.4.1 Functional
Figure 9-3. Read User Zone Command Functional Description
Host
Device
Read Command
Address A1
Address A2
Number of bytes N
Data
…
N data bytes
Data
The Read User Zone command $B2 allows reading of data from the device's currently selected user zone (the procedure for
selecting a user zone is described below under Section 9.4.5, System Write: $B4). The byte address is internally incremented
following the transmission of each data byte. During a read operation the address will roll-over from the last byte of the current
zone, to the first byte of the same zone.
If the host is not allowed to read the zone, the device will return the Command Unauthorized code ($69 $00) after it has
received the header.
Table 9-5. Read User Zone
User Read
Data Returned
CLA
**
INS : Command
$B2
P1 : Address 1
0000 0000
P2 : Address 2
0a6-- ---a0
P3 : N
Data(1)
d7--- ---d0
...
Data(N)
N7 --- n0
...
d7--- ---d0
ꢀ
52
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.5 System Write: $B4
9.4.5.1 Functional
Figure 9-4. System Write Command Functional Description
Host Device
Command
Address P1
Address P2
Number of bytes N
Data
N data bytes
…
Data
The system write command allows writing of system data to the device. Depending on the value of the P1 parameter, the host
may write data in the Configuration Memory, program the fuses, send a checksum, or set the user zone.
Table 9-6. System Write Command Detail
Command
CLA
INS
P1
P2
P3
Data(N)
Write Config Zone
$00
$B4
$00
ADDR
N-bytes
N $10
(Devices 0104C-1616C)
Write Config Zone
$00
$00
$B4
$B4
$00
$00
ADDR
ADDR
N-bytes
N-bytes
N $40
N $80
(Devices 3216C-6416C)
Write Config Zone
(Devices12816C-25616C)
Write Fuses
$00
$00
$00
$B4
$B4
$B4
$01
$02
$03
Fuse ID
$00
$00
$02
$00
Send Checksum
Set User Zone
2-bytes
Zone
The anti-tearing function is controlled by P1: the host may choose to write in the configuration memory with anti-tearing
enabled by setting P1 = $08 instead of $00. Similarly, the host may choose to activate anti-tearing for a user zone by carrying
out the set user zone command with P1 = $0B instead of $03. All subsequent write user zone commands are then carried out
with anti-tearing enabled until the next Set User Zone command. Anti-tearing should be turned off if not required, as it would
otherwise cause more write cycles than necessary.
Table 9-7. Anti-tearing
Command Description
CLA
INS
P1
P2
P3
Data(N)
Write Config Zone w/ a-t
Set User Zone w/ a-t
$00
$00
$B4
$B4
$08
$0B
ADDR
Zone
N-bytes
N $08
$00
53
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.5.2 Write Config Zone
The maximum number of bytes that may be written is as follows:
$10 for AT88SC0104C through AT88SC1616C (EEPROM page size of 16-bytes).
$40 for AT88SC3216C and AT88SC6416C (EEPROM page size of 64-bytes).
$80 for AT88SC12816C and AT88SC25616C (EEPROM page size of 128-bytes).
Each data byte within a page must only be loaded once. In anti-tearing mode the maximum value for N is $08 for all devices.
If the address provided at P2 is an unauthorized address, the device will return the Command Unauthorized code ($69 $00)
after it has received the header. Since access rights vary throughout the Configuration Memory, the host may provide an
authorized starting address, but a number of bytes that causes the device to reach unauthorized address. In this case, the
device will prevent the internal write cycle and no bytes will be written in the EEPROM. At the end of the command the
Command Unauthorized code ($69 $00) will be returned instead of $90 $00 to indicate that no write cycle occurred.
9.4.5.3 Write Fuses
The fuses may only be programmed, that is written from one to zero. The write fuses operation is only allowed after
successfully presenting the secure code (Write 7 Password). The fuses must be blown sequentially: FAB must be blown first,
CMA may be blown only if FAB is zero, and PER only if CMA is zero.
Table 9-8. Fuse Writing
Fuse
Fuse ID
FAB
CMA
PER
$06
$04
$00
9.4.6 Send Checksum
To write data to user zones that require authentication for write access (AM [1:0] = 01 or 00 in the access register), the host
should first carry out the write user zone command $B0, after which the device will return a special status word: $62 $00. This
indicates the memory is unchanged and the device is waiting for the host to provide a valid checksum before initiating the write
cycle. The host sends the checksum it has computed using the System Write command opcode $B4 with P1 = $02. Only if the
checksum is valid will the device initiate the write cycle; furthermore, if the device receives an incorrect checksum, it will clear
the authentication privilege.
9.4.6.1 Set User Zone
Before reading and writing data in the user zones, the host should select a zone with this command. At this time the host may
choose whether anti-tearing should be active for this zone.
Table 9-9. System Write
User Read
Data Returned
CLA
**
INS : Command
$B4
P1
P2
P3
Data(1)
d7--- ---d0
...
Data(N)
p7 --- p0
p7 --- p0
n7 --- n0
...
d7--- ---d0
ꢀ
54
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.7 System READ: $B6
9.4.7.1 Functional
Figure 9-5. System READ Command Functional Description
Host
Device
Read Command
Address P1
Address P2
Number of bytes N
Data
…
N data bytes
Data
The System Read command allows reading of the system data from the device. Depending on the value of the P1 parameter,
the host may read the data in the Configuration Memory, the fuses, or a checksum.
Table 9-10. System Read Command Detail
Command
CLA
INS
P1
P2
P3
Read Config Zone
Read Fuse Byte
Read Checksum
$00
$00
$00
$B6
$B6
$B6
$00
$01
$02
ADDR
$00
N
$01
$02
$00
9.4.7.2 Read Config Zone
To read 256-bytes, the host should set N = $00. This is true for any outgoing command, and is defined by ISO 7816-3. If the
address provided at P2 is an unauthorized address, the device will return the Command Unauthorized code ($69 $00) after it
has received the header. Since access rights vary throughout the Configuration Memory, the host may provide an authorized
starting address, but a number of bytes N that causes the device to reach unauthorized address. In this case, the device will
transmit the authorized bytes, but unauthorized bytes will be replaced by the fuse byte (see below). At the end of this
command, the Command Unauthorized code ($69 $00) will be returned instead of $90 $00 to indicate that some of the bytes
returned were not valid.
9.4.7.3 Read Fuse Byte
Fuse data is returned in the form of a single byte. Bits zero to three represent the fuse states; a value of zero indicates the
fuse has been blown. Bits four to seven are not used as security fuses and are reserved by Atmel.
Table 9-11. Fuse Byte Definition
F7
F6
F5
F4
F3
F2
F1
F0
resv
resv
resv
resv
SEC
PER
CMA
FAB
55
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.7.4 Read Checksum
The checksum consists of 2-bytes, and the Read Checksum command must be sent with parameter P3 = 2.
Table 9-12. System Read
System Read
Data Returned
CLA
**
INS : Command
$B6
P1
P2
P3
Data(1)
...
...
Data(N)
d7--- ---d0
p7 --- p0
p7 --- p0
n7 --- n0
d7--- ---d0
ꢀ
56
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.8 Verify Crypto: $B8
9.4.8.1 Functional
Figure 9-6. Verify Crypto Command Functional Description
Host
Device
Command
Key Index
Q1
Q2
Q3
Q4
8-random bytes
Q5
Q6
Q7
Q8
CH1
CH2
CH3
CH4
CH5
CH6
CH7
CH8
8-challenge bytes
When the device receives the Verify Crypto command, it computes a challenge based on the received random number, Q, the
internally stored associated cryptogram, Ci, and secret seed, Gi (or session encryption key, Si). The device also increments the
associated attempts counter. It then compares the computed challenge with the challenge sent by the host. If the challenges
match, the device computes and writes a new Ci and Si. The device utilizes the success or failure information of the
authentication process and updates the authentication attempts counter accordingly.
Key index:
b0000_00nn : Secret Seed G0-G3
b0001_00nn : Session Encryption Key S0-S3
Data :
Q : Host random number, 8-bytes
CH : Host challenge, 8-bytes
57
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 9-13. Verify Crypto
Verify Crypto
Data Sent
CLA
**
INS : Command
$B8
P1
P2
**
P3
Q1
Q8
d63--- ---d56
CH1
CH8
000e 00nn
$10
d7--- ---d0
d7--- ---d0
d63--- ---d56
The device increments the associated attempts counter each time prior to verifying the challenge, to prevent attacks. If the
authentication succeeds, the device memorizes this success, clears the attempts counter and returns $90 $00. If the
authentication fails, the device simply returns $69 $00. If the maximum number of trials has been exceeded, the device will
return $69 $00 instead of the INS code, after receiving the header, to indicate the command is unauthorized.
ꢀ
58
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
9.4.9 Verify Password: $BA
9.4.9.1 Functional
Figure 9-7. Verify Command Functional Description
Host Device
Command
Password Index
PW1
8-password bytes
PW2
PW3
Read password indices: $10 to $17 for passwords 0 to 7.
Write password indices: $00 to $07 for passwords 0 to 7.
Secure code index: $07 (equivalent to Write 7 Password).
Four password index bits “r” and “ppp” indicate the password to compare:
r = 0: Write password
r = 1: Read password
p2p1p0: Password set number
Table 9-14. Verify Password
Verify Password
Data Sent
CLA
**
INS : Command
$BA
P1
P2
**
P3
PW1
PW2
PW3
000r 0p2p1p0
$30
d7--- ---d0
d15--- ---d8
d23--- ---d16
If the maximum number of trials has been exceeded, the device will return $69 $00 instead of the INS code, after receiving the
header, to indicate the command is unauthorized. The device decrements the associated password attempts counter before
verifying the password, to prevent attacks. If the password is correct, the device memorizes this success, clears the attempts
counter and returns $90 $00. If the password is wrong, the device simply returns $69 $00 after decrementing the attempts
count. The Write 7 Password is also known as the Secure Code and must be properly presented before write access to the
configuration memory is granted when personalizing the device.
59
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
10. Initialization Example
The first step in initializing CryptoMemory is to determine what data is to be stored in the device and what the security settings
need to be to protect this data. Once defined, determine the proper settings for CryptoMemory registers and select values for
passwords. To initialize the CryptoMemory device, the following sequence is recommended to take place in a secure location
to protect sensitive data and passwords that may be loaded into the device.
10.1 Write Data to User Zones
In Atmel default configuration form, all user zones have free access rights. Writing initial data into the user zones should be
done before setting security configurations. Use the Set User Zone command and Write User Zone command to write initial
data into the user zones. The Read User Zone command may be used to verify the data written.
10.2 Unlock the Configuration Memory
Before any data can be written to the Configuration Memory, it must be unlocked by presenting the correct security code
(Write 7 Password). Use the Verify Password command with the proper secure code supplied by Atmel to unlock the
Configuration Memory. Use the Read Config Zone command to read back the security code at address $E9 for verification that
the Configuration Memory has been unlocked.
10.3 Write Data to the Configuration Memory
Writing this data is accomplished by performing the Write Config Zone command at the appropriate address location. The
Read Config Zone command may be used to verify the data written. As soon as values are written to the registers, keys, and
passwords, they become effective in determining the security of the user zones.
10.4 Set Security Fuses
Once all data is written and verified into user zones and the Configuration Memory, the security fuses should be set before the
device is released from the secure location used for device initialization. There are three fuses, FAB, CMA and PER which
must be set. These three fuses must be set in the order listed (FAB, then CMA, then PER). The write fuse command is used to
set each of the three fuses individually. The Read Fuse command may be used to check the status of all three fuses. Once all
fuses have been set, the Read Fuse command should return a value of zero for the second nibble of the fuse byte.
AT88SC0104C is used for this example. A small pattern is written into the first four user zones. Security for each of these four
user zones and the associated register values are shown in the table below. Simple values for passwords are used.
Table 10-1. Zone Configuration Example
User Zone
Data
Security Requirements
Access Register
Password/Key Register
0
1
2
Zone 0
Zone 1
Zone 2
None
$FF
$7F
$DF
$FF
$F9
$BF
Read/Write Password (Set 1)
Read/Write Authentication (Set 2)
Read/Write Password (Set 1),
Read/Write Authentication (Set 2)
with Encryption Required
3
Zone 3
$57
$B9
ꢀ
60
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
The following shows the TPDU commands sent to the CryptoMemory device for the purpose of initializing the device. The flow
is consistent with the steps described above; comments have been added as indicated with an asterisk (*).
*Atmel AT88SC0104C Initialization Example
*WRITE DATA TO USER ZONES
*Set User Zone 0
00 B4 03 00 00
*Write data = Zone 0 Data
00 B0 00 00 0B 5A 6F 6E 65 20 30 20 44 61 74 61
*Set User Zone 1
00 B4 03 01 00
*Write data = Zone 1 Data
00 B0 00 00 0B 5A 6F 6E 65 20 31 20 44 61 74 61
*Set User Zone 2
00 B4 03 02 00
*Write data = Zone 2 Data
00 B0 00 00 0B 5A 6F 6E 65 20 32 20 44 61 74 61
*Set User Zone 3
00 B4 03 03 00
*Write data = Zone 3 Data
00 B0 00 00 0B 5A 6F 6E 65 20 33 20 44 61 74 61
*UNLOCK CONFIGURATION MEMORY
00 BA 07 00 03 DD 42 97
*WRITE CODES IN CONFIGURATION MEMORY
*Write Card Mfg Code = P001
00 B4 00 0B 04 50 30 30 31
*Write Identification Number = 00000000012345
00 B4 00 19 07 00 00 00 00 01 23 45
*Write Issuer Code = STATION 035
00 B4 00 40 10 53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
*WRITE REGISTERS IN CONFIGURATION MEMORY
*Write Registers AR1/PR1 = 7F F9, AR2/PR2 = DF BF, AR3/PR3 = 57 B9
00 B4 00 22 06 7F F9 DF BF 57 B9
*WRITE KEYS IN CONFIGURATION MEMORY
*Write Ci for set 2 = 22222222222222
00 B4 00 71 07 22 22 22 22 22 22 22
*Write Gc for set 2 = 5B4F9AE4B5098BE7
00 B4 00 A0 08 5B 4F 9A E4 B5 09 8B E7
*WRITE PASSWORDS IN CONFIGURATION MEMORY
*Write Passwords, read 7 = 10 00 01, write 7 = 11 00 11
00 B4 00 B9 07 11 00 11 FF 10 00 01
*READ ENTIRE CONFIGURATION MEMORY TO VERIFY
00 B6 00 00 F0
61
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
*Device Response:
3B B2 11 00 10 80 00 01 10 10 FF 50 30 30 31 FF
8C AD A8 10 0A AB FF FF FB 00 00 00 00 01 23 45
FF FF 7F F9 DF BF 57 B9 FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
53 54 41 54 49 4F 4E 20 30 33 35 00 00 00 00 00
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF 22 22 22 22 22 22 22 FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
5B 4F 9A E4 B5 09 8B E7 D8 FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF 11 00 11 FF 10 00 01
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
*SET SECURITY FUSES
*Set FAB Fuse
00 B4 01 06 00
*Set CMA Fuse
00 B4 01 04 00
*Set PER Fuse
00 B4 01 00 00
*Read Fuse Byte = X0
00 B6 01 00 01
*Device Response:
00
90 00
power_off
ꢀ
62
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
11. Absolute Maximum Ratings*
*NOTICE: Stresses beyond those listed under “Absolute
Maximum Ratings” may cause permanent damage to
the device. This is a stress rating only and functional
operation of the device at these or any other condition
beyond those indicated in the operational sections of
this specification is not implied. Exposure to absolute
maximum rating conditions for extended periods of
time may affect device reliability.
Operating temperature....................−40°C to +85°C
Storage temperature ...................−65°C to + 150°C
Voltage on any pin
with respect to ground ...............− 0.7 to VCC +0.7V
Maximum operating voltage................................ 6V
DC output current ............................................ 5mA
11.1 DC and AC Characteristics
Table 11-1. DC Characteristics
Applicable over recommended operating range from VCC = +2.7 to 5.5V, TAC = -40°C to +85°C (unless otherwise noted)
Symbol Parameter
Supply Voltage
Test Condition
Min
Typ
Max
Units
VCC
ICC
ICC
ICC
ICC
ISB
VIL
VIL
VIL
VIH
VIH
VIH
IIL
2.7
5.5
V
mA
mA
mA
mA
A
V
Supply Current (VCC = 5.5V)
Supply Current (VCC = 5.5V)
Supply Current (VCC = 5.5V)
Supply Current (VCC = 5.5V)
Standby Current (VCC = 5.5V)
SDA/IO Input Low Voltage(1)
Clock Input Low Voltage(1)
RST Input Low Voltage(1)
SDA/IO Input High Voltage(1)
SCL/CLK Input High Voltage(1)
RST Input High Voltage(1)
SDA/IO Input Low Current
SCL/CLK Input Low Current
RST Input Low Current
Async Read at 3.57MHz
Async Write at 3.57MHz
Synch Read at 1MHz
Synch Write at 1MHz
VIN = VCC or GND
5
5
5
5
100
VCC x 0.2
VCC x 0.2
VCC x 0.2
VCC
VCC
VCC
15
0
0
V
0
V
VCC x 0.7
VCC x 0.7
VCC x 0.7
V
V
V
0 < VIL < VCC x 0.15
0 < VIL < VCC x 0.15
0 < VIL < VCC x 0.15
VCC x 0.7 < VIH < VCC
VCC x 0.7 < VIH < VCC
VCC x 0.7 < VIH < VCC
20K ohm external pull-up
IOL = 1mA
A
A
A
A
A
A
V
IIL
15
IIL
50
IIH
SDA/IO Input High Current
SCL/CLK Input High Current
RST Input High Voltage
20
IIH
100
150
VCC
IIH
VOH
VOL
SDA/IO Output High Voltage
SDA/IO Output Low Voltage
VCC x 0.7
0
VCC
x
V
0.15
IOH
SDA/IO Output High Current
VOH
20
A
Note:
1. VIL min and VIH max are reference only and are not tested.
63
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Table 11-2. AC Characteristics
Applicable over recommended operating range from VCC = +2.7 to 5.5V, TAC = -40°C to +85°C (unless otherwise noted)
Symbol Parameter
Min
Max
Units
fCLK
fCLK
fCLK
Async Clock Frequency (VCC range: +4.5 - 5.5V)
1
1
5
MHz
MHz
MHz
%
Async Clock Frequency (VCC range: +2.7 - 3.3V)
Synch Clock Frequency
Clock Duty cycle
4
0
1
40
60
tR
Rise Time – SDA/IO, RST
Fall Time – SDA/IO, RST
Rise Time – SCL/CLK
Fall Time – SCL/CLK
Clock Low to Data Out Valid
Start Hold Time
1
s
tF
1
s
tR
9% x period
9% x period
35
s
tF
s
tAA
s
tHD.STA
tSU.STA
tHD.DAT
tSU.DAT
tSU.STO
tDH
200
200
10
ns
Start Set-up Time
ns
Data In Hold Time
ns
Data In Set-up Time
100
200
20
ns
Stop Set-up Time
ns
Data Out Hold Time
ns
tWR
Write Cycle Time (at 25° C)
Write Cycle Time
5
7
ms
ms
tWR
ꢀ
64
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
11.2 Timing Diagrams for Synchronous Communications
Figure 11-1. Bus Timing
tHIGH
tF
tLOW
tR
tLOW
SCL
tSU.STA
tHD.STA
tHD.DAT
tSU.DAT
tSU.STO
SDA IN
tAA
tDH
tBUF
SDA OUT
Figure 11-2. Write Cycle Timing
SCL
ACK
SDA
8th BIT
WORDn
(1)
t
WR
START
CONDITION
STOP
CONDITION
Note:
The write cycle time tWR is the time from a valid stop condition of a write sequence to the end of the internal
clear/write cycle
65
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Figure 11-3. Data Validity
Figure 11-4. Start and Stop Definition
Figure 11-5. Output Acknowledge
1
8
9
SCL
DATA IN
DATA OUT
START
ACKNOWLEDGE
ꢀ
66
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
12. DC Tamper Detection Limits
The CryptoMemory device family incorporates several tamper detection circuits to prohibit operation outside the limits of
reliable circuit operation.
12.1 High Voltage and Low Voltage Limit
If VCC is taken below or above these voltage limits the device will enter a reset sequence once VCC is returned to normal levels
and before the device operation can begin again.
12.2 Minimum Clock Pulse
In synchronous operation if the clock pulse width falls below the limit of this circuit the device will enter a reset sequence.
12.3 Maximum Clock Frequency
In asynchronous operation if the clock frequency exceeds the limit of this circuit the device will enter a reset sequence.
12.4 Power On Reset (POR) Delay
Anytime the device is reset either on initial power up or by a tamper detection circuit, there is a time delay from when normal
conditions are restored to when the device may be operated. During this reset sequence all security flags within the device are
reset to their initial values.
12.5 Noise Suppression
Pulses of short duration on SCL/CLK, SDA/IO, and RST are ignored if they fall below the threshold of this circuit. The pulses
are filtered out and the device does not enter the reset sequence.
Table 12-1. Tamper Detection
Applicable over recommended operating range from TAC = -40° to +85° C (unless otherwise noted).
Symbol
Parameter
Test Condition
Min
Typ
Max
Units
VCC
VCC
tCLK
fCLK
tPOR
tSUP
High Voltage Limit
6.0
2.0
200
12
6.5
2.4
280
14
V
V
Low Voltage Limit
Minimum CLK Pulse Width
Minimum CLK Frequency
POR Delay
Synchronous Operation
Asynchronous Operation
ns
MHz
s
10
70
Min. SCL, SDA, RST Pulse
50
200
ns
67
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
13. Ordering Information
Delivery Information
Form Quantity
Voltage
Range
Atmel Ordering Code
Package
Temperature Range
AT88SCxxxxC-MJ
M2 – J Module - ISO
M2 – P Module - ISO
M2 – J Module - TWI
M2 – P Module - TWI
8P3
Commercial
Temperature
(0°C to 70°C)
AT88SCxxxxC-MP
AT88SCxxxxC-MJTG
AT88SCxxxxC-MPTG
AT88SCxxxxC-PU
AT88SC3216C-SU
AT88SC3216C-SU-T
AT88SC6416C-SU
AT88SC6416C-SU-T
AT88SC12816C-SU
AT88SC12816C-SU-T
AT88SC25616C-SU
AT88SC25616C-SU-T
AT88SC0104C-SH
AT88SC0104C-SH-T
AT88SC0204C-SH
AT88SC0204C-SH-T
AT88SC0404C-SH
AT88SC0404C-SH-T
AT88SC0808C-SH
AT88SC0808C-SH-T
AT88SC1616C-SH
AT88SC1616C-SH-T
Tape and Reel
—
Bulk (Tubes)
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
Bulk (Tubes)
Tape and Reel
50 per Tube
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
100 per Tube
4,000 per Reel
2.7V to 5.5V
Green Compliant
(Exceeds RoHS)
Industrial Temperature
(-40°C to 85°C)
8S1
Industrial Temperature
(-40°C to 85°C)
AT88SCxxxxC-WI
7 mil wafer
—
—
Note:
Ordering Codes are valid for all devices covered by this datasheet. (See P.1 for a complete list)
Package Type(1) (2)
Description
M2 – J Module : ISO or TWI
M2 ISO 7816 Smart Card Module
M2 ISO 7816 Smart Card Module with Atmel® Logo
8-lead, 0.300” wide, Plastic Dual Inline (PDIP)
8-lead, 0.150” wide, Plastic Gull Wing Small Outline (JEDEC SOIC)
M2 – P Module : ISO or TWI
8P3
8S1
Notes: 1. Formal drawings may be obtained from an Atmel sales office.
2. Both the J and P module packages are used for either ISO (T=0 / 2-Wire mode) or TWI (2-Wire mode only).
ꢀ
68
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14. Package Marking Information
14.1 AT88SC0104C
AT88SC0104C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
0104C
U YYWW
AT88SC
0104C
H YMXX @
No Bottom side mark (this package)
designates pin 1
Note 1:
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
Y = Year
2: 2012
3: 2013
4: 2014
5: 2015
M = Month
U: Industrial/Matte Tin
H: Industrial/NiPdAu
02:Week 2
04:Week 4
...
A = January
B = February
...
52:Week 52
L = December
Country of Assembly
Lot Number
Marked on Bottom side for the PDI P only!
Atmel Truncation
@ = Country of Assembly
AT: Atmel
Marked on Bottom side unless in
Injector Mold for PDI P only!
Trace Code
XX = Trace Code (Atmel Lot Numbers to Correspond to Code)
Example: AA, AB.... YZ, ZZ
3/5/12
REV.
TITLE
DRAWING NO.
88SC0104CSM
88SC0104CSM, AT88SC0104C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
69
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.2 AT88SC0204C
AT88SC0204C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
0204C
U YYWW
AT88SC
0204C
H YMXX @
No Bottom side mark (this package)
designates pin 1
Note 1:
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
Y = Year
2: 2012
3: 2013
4: 2014
5: 2015
M = Month
U: Industrial/Matte Tin
H: Industrial/NiPdAu
02:Week 2
04:Week 4
...
A = January
B = February
...
52:Week 52
L = December
Country of Assembly
Lot Number
Marked on Bottom side for the PDI P only!
Atmel Truncation
@ = Country of Assembly
AT: Atmel
Marked on Bottom side unless in
Injector Mold for PDI P only!
Trace Code
XX = Trace Code (Atmel Lot Numbers to Correspond to Code)
Example: AA, AB.... YZ, ZZ
3/5/12
REV.
TITLE
DRAWING NO.
88SC0204CSM
88SC0204CSM, AT88SC0204C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
ꢀ
70
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.3 AT88SC0404C
AT88SC0404C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
0404C
U YYWW
AT88SC
0404C
H YMXX @
No Bottom side mark (this package)
designates pin 1
Note 1:
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
Y = Year
2: 2012
3: 2013
4: 2014
5: 2015
M = Month
U: Industrial/Matte Tin
H: Industrial/NiPdAu
02:Week 2
04:Week 4
...
A = January
B = February
...
52:Week 52
L = December
Country of Assembly
Lot Number
Marked on Bottom side for the PDI P only!
Atmel Truncation
@ = Country of Assembly
AT: Atmel
Marked on Bottom side unless in
Injector Mold for PDI P only!
Trace Code
XX = Trace Code (Atmel Lot Numbers to Correspond to Code)
Example: AA, AB.... YZ, ZZ
3/5/12
REV.
TITLE
DRAWING NO.
88SC0404CSM
88SC0404CSM, AT88SC0404C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
71
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.4 AT88SC0808C
AT88SC0808C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
0808C
U YYWW
AT88SC
0808C
H YMXX @
No Bottom side mark (this package)
designates pin 1
Note 1:
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
Y = Year
2: 2012
3: 2013
4: 2014
5: 2015
M = Month
U: Industrial/Matte Tin
H: Industrial/NiPdAu
02:Week 2
04:Week 4
...
A = January
B = February
...
52:Week 52
L = December
Country of Assembly
Lot Number
Marked on Bottom side for the PDI P only!
Atmel Truncation
@ = Country of Assembly
AT: Atmel
Marked on Bottom side unless in
Injector Mold for PDI P only!
Trace Code
XX = Trace Code (Atmel Lot Numbers to Correspond to Code)
Example: AA, AB.... YZ, ZZ
3/5/12
REV.
TITLE
DRAWING NO.
88SC0808CSM
88SC0808CSM, AT88SC0808C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
ꢀ
72
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.5 AT88SC1616C
AT88SC1616C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
1616C
U YYWW
AT88SC
1616C
H YMXX @
No Bottom side mark (this package)
designates pin 1
Note 1:
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
Y = Year
2: 2012
3: 2013
4: 2014
5: 2015
M = Month
U: Industrial/Matte Tin
H: Industrial/NiPdAu
02:Week 2
04:Week 4
...
A = January
B = February
...
52:Week 52
L = December
Country of Assembly
Lot Number
Marked on Bottom side for the PDI P only!
Atmel Truncation
@ = Country of Assembly
AT: Atmel
Marked on Bottom side unless in
Injector Mold for PDI P only!
Trace Code
XX = Trace Code (Atmel Lot Numbers to Correspond to Code)
Example: AA, AB.... YZ, ZZ
3/5/12
REV.
TITLE
DRAWING NO.
88SC1616CSM
88SC1616CSM, AT88SC1616C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
73
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.6 AT88SC3216C
AT88SC3216C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
3216C
U YYWW
AT88SC
3216C
U
YYWW
Note 1:
designates pin 1
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
02: Week 2
04: Week 4
...
U: Industrial/Matte Tin
16: 2016
17: 2017
18: 2018
19: 2019
52: Week 52
Country of Assembly
Lot Number
Marked on Bottom side
Atmel Truncation
Marked on Bottom side unless in
Injector Mold
AT: Atmel
3/5/12
REV.
TITLE
DRAWING NO.
88SC3216CSM
88SC3216CSM, AT88SC3216C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
ꢀ
74
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.7 AT88SC6416C
AT88SC6416C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
6416C
U YYWW
AT88SC
6416C
U
YYWW
Note 1:
designates pin 1
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
02: Week 2
04: Week 4
...
U: Industrial/Matte Tin
16: 2016
17: 2017
18: 2018
19: 2019
52: Week 52
Country of Assembly
Lot Number
Marked on Bottom side
Atmel Truncation
Marked on Bottom side unless in
Injector Mold
AT: Atmel
3/5/12
REV.
TITLE
DRAWING NO.
88SC6416CSM
88SC6416CSM, AT88SC6416C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
75
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.8 AT88SC12816C
AT88SC12816C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
12816C
U YYWW
AT88SC
12816C
U
YYWW
Note 1:
designates pin 1
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
02: Week 2
04: Week 4
...
U: Industrial/Matte Tin
16: 2016
17: 2017
18: 2018
19: 2019
52: Week 52
Country of Assembly
Lot Number
Marked on Bottom side
Atmel Truncation
Marked on Bottom side unless in
Injector Mold
AT: Atmel
3/5/12
REV.
TITLE
DRAWING NO.
88SC12816CSM
88SC12816CSM, AT88SC12816C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
ꢀ
76
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
14.9 AT88SC25616C
AT88SC25616C: Package Marking Information
8-lead PDIP
8-lead SOIC
AT88SC
25616C
U YYWW
AT88SC
25616C
U
YYWW
Note 1:
designates pin 1
Note 2: Package drawings are not to scale
Date Codes
Grade/Lead Finish Material
YY = Year
12: 2012
13: 2013
14: 2014
15: 2015
WW = Work Week of Assembly
02: Week 2
04: Week 4
...
U: Industrial/Matte Tin
16: 2016
17: 2017
18: 2018
19: 2019
52: Week 52
Country of Assembly
Lot Number
Marked on Bottom side
Atmel Truncation
Marked on Bottom side unless in
Injector Mold
AT: Atmel
3/5/12
REV.
TITLE
DRAWING NO.
88SC25616CSM
88SC25616CSM, AT88SC25616C Package Marking Information
Package Mark Contact:
DL-CSO-Assy_eng@atmel.com
A
77
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
15. Revision History
Doc. Rev.
5211F
5211E
5211D
5211C
5211B
5211A
Date
Comments
03/2015
02/2014
12/2011
01/2010
01/2010
06/2010
Added JEDEC SOIC tape and reel package options.
Added package marking information and updated Atmel logos and disclaimer page.
Updated template and edited ordering information.
Added MJTG module and added Ordering Information.
Converted to MS Word.
Initial document release.
ꢀ
78
AT88SC0104C/0204C/0404C/0808C/1616C/3216C/6416C/12816C/25616C [Datasheet]
Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015
Atmel Corporation
1600 Technology Drive, San Jose, CA 95110 USA
T: (+1)(408) 441.0311
F: (+1)(408) 436.4200
│
www.atmel.com
© 2015 Atmel Corporation. / Rev.:Atmel-5211F-CryptoMem-Full-Specification-Datasheet_032015.
Atmel®, Atmel logo and combinations thereof, Enabling Unlimited Possibilities®, CryptoMemory®, and others are registered trademarks or trademarks of Atmel
Corporation in U.S. and other countries. Other terms and product names may be trademarks of others.
DISCLAIMER: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is
granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN THE ATMEL TERMS AND CONDITIONS OF SALES LOCATED ON THE ATMEL
WEBSITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE
FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS AND PROFITS,
BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to
make changes to specifications and products descriptions at any time without notice. Atmel does not make any commitment to update the information contained herein. Unless specifically
provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel products are not intended, authorized, or warranted for use as components in
applications intended to support or sustain life.
SAFETY-CRITICAL, MILITARY, AND AUTOMOTIVE APPLICATIONS DISCLAIMER: Atmel products are not designed for and will not be used in connection with any applications where the
failure of such products would reasonably be expected to result in significant personal injury or death (“Safety-Critical Applications”) without an Atmel officer's specific written consent. Safety-
Critical Applications include, without limitation, life support devices and systems, equipment or systems for the operation of nuclear facilities and weapons systems. Atmel products are not
designed nor intended for use in military or aerospace applications or environments unless specifically designated by Atmel as military-grade. Atmel products are not designed nor intended for
use in automotive applications unless specifically designated by Atmel as automotive-grade.
相关型号:
AT88SC12816C-Y4U
EEPROM, 128KX1, Serial, CMOS, 6 X 4.90 MM, LEAD FREE AND HALOGEN FREE, SAP-8
MICROCHIP
©2020 ICPDF网 联系我们和版权申明