Microchip ATSHA204A Manual

Microchip Ikke kategoriseret ATSHA204A

Læs gratis den danske manual til Microchip ATSHA204A (18 sider) i kategorien Ikke kategoriseret. Denne vejledning er vurderet som hjælpsom af 28 personer og har en gennemsnitlig bedømmelse på 4.3 stjerner ud af 14.5 anmeldelser. Har du et spørgsmål om Microchip ATSHA204A, eller vil du spørge andre brugere om produktet?

Download PDF

Side 1/18

CryptoAuthentication™ Product Uses

Abstract

Companies are continuously searching for ways to protect property using

various implementations of security; however the cost of implementation can

drive companies away from effective hardware solutions to less secure

software solutions. With the introduction of the AT88SA10HS/102S devices,

affordable hardware security is now in reach and can provide exceptional

protection for:

CryptoAuthentication

Product Uses

AT88SA10HS

AT88SA102S

Application Note

8663B–SMEM–3/09

 Confidential file protection

 Embedded software anti-cloning

 Development system anti-cloning

 Media transmission encryption

 USB security dongles

 Securing wireless or other radio transmission nodes

 Authentication for data over power lines

 Physical access control

 Electronic lockers

 Hardware user authentication

 Consumable product authentication

 Battery authentication.

1. Overview

This document provides an introduction to the Atmel AT88SA10HS/102S

CryptoAuthentication devices. These exceptional devices enable solutions to

countless problems across many industries. The use cases outlined in this

document will provide a brief description of possible applications for the

AT88SA10HS/102S devices and how they can be implemented.

2. AT88SA10HS/102S Introduction

To understand the operations and applications explained later in this

document you will first need to have a basic understanding of the

AT88SA10HS/102S devices and how they work. The AT88SA10HS and

AT88SA102S were developed to work together. The AT88SA102S is

designed to be embedded in the product that is protected or authenticated

(client) and the AT88SA10HS device is designed to be placed in the

validating system (host). The AT88SA102S client device can be used with or

without the host side device. When the AT88SA102S is used without the

host side AT88SA10HS chip the host microcontroller must store secret

information in order to perform the validation of the client. Having the secret

information stored in the embedded source code presents a security risk as

the secrets may be ascertained with little effort. For the strongest security

the AT88SA10HS host device should be used; this keeps the customer’s

secret keys protected securely in hardware away from hackers attempting to

reverse engineer the host embedded code.

2 CryptoAuthentication™ Product Uses

8663B–SMEM–3/09

The AT88SA10HS/102S devices uses a cutting edge SHA-256 engine embedded in hardware as the heart of their

security architectures. In the most basic operation the device is sent a challenge to which it will respond with a unique

response that only it can produce. Since challenge and response pairs are nearly infinite for each device, each device

can be used indefinitely without fear of repeating the same challenge-response pair. The response generated by the

device is created by hashing the input challenge with a secret key stored in protected memory thus a particular device

will always respond exactly the same to a given challenge. A product using the AT88SA10HS/102S can be configured

so that the entire product line uses the same key or so that each device has a unique key. The response that a

particular device will produce can only be reproduced by something that knows the key that is stored in the device.

3. Secure Key Exchange

In addition, the AT88SA102S device can be used for secure key exchange. If the device is used in conjunction with a

symmetric encryption algorithm such as AES or DES an end-to-end encrypted transmission can be created. In the case

of symmetric encryption the weakest link is securely transferring the keys to encrypt and decrypt the data at each end.

The AT88SA102S can facilitate this by using the unique response produced by the device as a key to the symmetric

encryption algorithm. This is done be sending a random challenge to a system that contains the key stored in the

AT88SA102S and then encrypting the message with the system response. The message and the random challenge

are then sent to the client device where the challenge is feed into AT88SA102S and the response from the

CryptoAuthentication chip is used as a key to decrypt the message.

4. Key Diversification

Key diversification is highly recommended when using the CryptoAuthentication device. The device is designed with an

embedded 265bit key that is never exposed. This 256 bit key is always used during the MAC hashing operation of the

SHA-256 engine, however, additional bits can be incorporated into the result as well. CryptoAuthentication also

provides a 62 bit customer secret that can be burned into fuses in the device once, and after which can never be read.

In addition to the 62 bit secret an additional 23 bits of incremental blow fuses can be used as needed by the customer.

All of these methods as well as the incorporation of the devices unique serial number can be used in the key

diversification schema. When these values are added into the MAC the response then becomes an output of all of the

values. This makes a strong diversification configuration for the CryptoAuthentication device. When using diversified

keys a source of compromise can be isolated easier and a remedy implemented much more rapidly. The incremental

burn fuses provided by the AT88SA102S can also be used to provide a consumable usage tracking or to limit device

usage cycles.

5. Programming Services

To enable a greater scale of control of secrets when diversified keys are utilized, Atmel offers a secure programming

service. This programming service provides several key components which implement an end to end management and

secret insertion for production devices programmed during manufacturing at Atmel facilities. The service provides for

secure transport of customer secrets directly to the manufacturing facility and delivering their secrets to their devices.

This service enables customers to minimize the risk of secret compromise by limiting exposure of the secrets to key

personnel, maintaining confidentiality, providing accountability for units programmed, and by verifying that the devices

are locked down properly.

Note: For additional security information read the “CryptoAuthentication High Level Security Design” which gives a

detailed explanation of the security offered by the CryptoAuthentication family of devices.

Produkt Specifikationer

Mærke:	Microchip
Kategori:	Ikke kategoriseret
Model:	ATSHA204A

Har du brug for hjælp?

Hvis du har brug for hjælp til Microchip ATSHA204A stil et spørgsmål nedenfor, og andre brugere vil svare dig

Dit navn*

Din email*

Skriv dit spørgsmål her

Ikke kategoriseret Microchip Manualer

Microchip AT7913 Manual

1 September 2025

Microchip ATmega1281 Manual

19 Juli 2025

Microchip ATtiny461 Manual

19 Juli 2025

Microchip ATxmega128D3 Manual

19 Juli 2025

Microchip ATxmega128D4 Manual

19 Juli 2025

Microchip ATTINY28 Manual

19 Juli 2025

Microchip ATTINY861 Manual

19 Juli 2025

Microchip ATmega1280 Manual

19 Juli 2025

Microchip ATtiny84A Manual

19 Juli 2025

Microchip ATmega645P Manual

19 Juli 2025

Ikke kategoriseret Manualer

Nyeste Ikke kategoriseret Manualer

Elektrobock PT44 Manual

14 September 2025

BSS Audio FDS-366T Manual

14 September 2025

Systemair Airline R-114 Manual

14 September 2025

IFM SU2031 Manual

14 September 2025

Morel Tempo Ultra Integra 502 Manual

14 September 2025

IMC Networks 232CL9R Manual

14 September 2025

Varta Speed Charger 57955 Manual

14 September 2025

Melissa & Doug 9336 Manual

14 September 2025

Opus dataPREDATOR Manual

13 September 2025

Varta Wireless Power Bank 20000 57909 Manual

13 September 2025