Microchip ATSHA204A Manual
Microchip
Ikke kategoriseret
ATSHA204A
Læs gratis den danske manual til Microchip ATSHA204A (18 sider) i kategorien Ikke kategoriseret. Denne vejledning er vurderet som hjælpsom af 20 personer og har en gennemsnitlig bedømmelse på 4.5 stjerner ud af 10.5 anmeldelser. Har du et spørgsmål om Microchip ATSHA204A, eller vil du spørge andre brugere om produktet?
Side 1/18
CryptoAuthentication™ Product Uses
Abstract
Companies are continuously searching for ways to protect property using
various implementations of security; however the cost of implementation can
drive companies away from effective hardware solutions to less secure
software solutions. With the introduction of the AT88SA10HS/102S devices,
affordable hardware security is now in reach and can provide exceptional
protection for:
CryptoAuthentication
Product Uses
AT88SA10HS
AT88SA102S
Application Note
8663B–SMEM–3/09
Confidential file protection
Embedded software anti-cloning
Development system anti-cloning
Media transmission encryption
USB security dongles
Securing wireless or other radio transmission nodes
Authentication for data over power lines
Physical access control
Electronic lockers
Hardware user authentication
Consumable product authentication
Battery authentication.
1. Overview
This document provides an introduction to the Atmel AT88SA10HS/102S
CryptoAuthentication devices. These exceptional devices enable solutions to
countless problems across many industries. The use cases outlined in this
document will provide a brief description of possible applications for the
AT88SA10HS/102S devices and how they can be implemented.
2. AT88SA10HS/102S Introduction
To understand the operations and applications explained later in this
document you will first need to have a basic understanding of the
AT88SA10HS/102S devices and how they work. The AT88SA10HS and
AT88SA102S were developed to work together. The AT88SA102S is
designed to be embedded in the product that is protected or authenticated
(client) and the AT88SA10HS device is designed to be placed in the
validating system (host). The AT88SA102S client device can be used with or
without the host side device. When the AT88SA102S is used without the
host side AT88SA10HS chip the host microcontroller must store secret
information in order to perform the validation of the client. Having the secret
information stored in the embedded source code presents a security risk as
the secrets may be ascertained with little effort. For the strongest security
the AT88SA10HS host device should be used; this keeps the customer’s
secret keys protected securely in hardware away from hackers attempting to
reverse engineer the host embedded code.
2 CryptoAuthentication™ Product Uses
8663B–SMEM–3/09
The AT88SA10HS/102S devices uses a cutting edge SHA-256 engine embedded in hardware as the heart of their
security architectures. In the most basic operation the device is sent a challenge to which it will respond with a unique
response that only it can produce. Since challenge and response pairs are nearly infinite for each device, each device
can be used indefinitely without fear of repeating the same challenge-response pair. The response generated by the
device is created by hashing the input challenge with a secret key stored in protected memory thus a particular device
will always respond exactly the same to a given challenge. A product using the AT88SA10HS/102S can be configured
so that the entire product line uses the same key or so that each device has a unique key. The response that a
particular device will produce can only be reproduced by something that knows the key that is stored in the device.
3. Secure Key Exchange
In addition, the AT88SA102S device can be used for secure key exchange. If the device is used in conjunction with a
symmetric encryption algorithm such as AES or DES an end-to-end encrypted transmission can be created. In the case
of symmetric encryption the weakest link is securely transferring the keys to encrypt and decrypt the data at each end.
The AT88SA102S can facilitate this by using the unique response produced by the device as a key to the symmetric
encryption algorithm. This is done be sending a random challenge to a system that contains the key stored in the
AT88SA102S and then encrypting the message with the system response. The message and the random challenge
are then sent to the client device where the challenge is feed into AT88SA102S and the response from the
CryptoAuthentication chip is used as a key to decrypt the message.
4. Key Diversification
Key diversification is highly recommended when using the CryptoAuthentication device. The device is designed with an
embedded 265bit key that is never exposed. This 256 bit key is always used during the MAC hashing operation of the
SHA-256 engine, however, additional bits can be incorporated into the result as well. CryptoAuthentication also
provides a 62 bit customer secret that can be burned into fuses in the device once, and after which can never be read.
In addition to the 62 bit secret an additional 23 bits of incremental blow fuses can be used as needed by the customer.
All of these methods as well as the incorporation of the devices unique serial number can be used in the key
diversification schema. When these values are added into the MAC the response then becomes an output of all of the
values. This makes a strong diversification configuration for the CryptoAuthentication device. When using diversified
keys a source of compromise can be isolated easier and a remedy implemented much more rapidly. The incremental
burn fuses provided by the AT88SA102S can also be used to provide a consumable usage tracking or to limit device
usage cycles.
5. Programming Services
To enable a greater scale of control of secrets when diversified keys are utilized, Atmel offers a secure programming
service. This programming service provides several key components which implement an end to end management and
secret insertion for production devices programmed during manufacturing at Atmel facilities. The service provides for
secure transport of customer secrets directly to the manufacturing facility and delivering their secrets to their devices.
This service enables customers to minimize the risk of secret compromise by limiting exposure of the secrets to key
personnel, maintaining confidentiality, providing accountability for units programmed, and by verifying that the devices
are locked down properly.
Note: For additional security information read the “CryptoAuthentication High Level Security Design” which gives a
detailed explanation of the security offered by the CryptoAuthentication family of devices.
Produkt Specifikationer
| Mærke: | Microchip |
| Kategori: | Ikke kategoriseret |
| Model: | ATSHA204A |
Har du brug for hjælp?
Hvis du har brug for hjælp til Microchip ATSHA204A stil et spørgsmål nedenfor, og andre brugere vil svare dig
Ikke kategoriseret Microchip Manualer
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
Ikke kategoriseret Manualer
- Fromm & Starck
- Christmaxx
- Raidsonic
- Horizon Fitness
- Violectric
- Wëasy
- Blue Sky
- Benidub
- Interphone
- NAV-TV
- Husky
- Proel
- Hikvision
- Muama
- Texas Instruments
Nyeste Ikke kategoriseret Manualer
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025
17 Juni 2025