ATSHA204A-XHCZ-T Просмотр технического описания (PDF) - Microchip Technology
Номер в каталоге
Компоненты Описание
производитель
ATSHA204A-XHCZ-T Datasheet PDF : 93 Pages
| |||
ATSHA204A
Security Features
3. Security Features
3.1 Physical Security
The ATSHA204A incorporates a number of physical security features designed to protect the EEPROM
contents from unauthorized exposure. The security measures include:
• An Active Shield Over the Part
• Internal Memory Encryption
• Secure Test Modes
• Glitch Protection
• Voltage Tamper Detection
• Temperature Tamper Detection
Pre-programmed transport keys stored on the ATSHA204A are encrypted in such a way as to make
retrieval of their values using outside analysis very difficult.
Both the logic clock and logic supply voltage are internally generated, preventing any direct attack on
these two signals using the pins of the device.
3.2 Random Number Generator (RNG)
The ATSHA204A includes a high-quality RNG that returns a 32-byte random number to the system. The
device combines this generated number with a separate input number to form a nonce that is stored
within the device in TempKey and may be used by subsequent commands.
The system may use this RNG for any purpose. One common purpose would be as the input challenge to
the MAC command on a separate CryptoAuthentication device. The device provides a special random
command for such purposes, which does do not affect the internally stored nonce.
To simplify system testing, prior to locking the Configuration zone the RNG always returns the following
32 byte value:
0xFF FF 00 00 FF FF 00 00 …
where 0xFF is the first byte read from the device and is used for the SHA message.
To prevent replay attacks on encrypted data that is passed to or from the ATSHA204A, the device
requires that a new, internally generated nonce be included as part of the encryption sequence used to
protect the data being read or written. To implement this requirement, the data protection key generated
by GenDig and used by the Read or Write command must use the internal RNG during the creation of
the nonce.
Random numbers are generated from a combination of the output of a hardware RNG and an internal
seed value, which is not externally accessible. The internal seed is stored in the EEPROM and is
normally updated once after every power-up or sleep/wake cycle. After the update, this seed value is
retained in SRAM registers within the device that are invalidated if the device enters sleep mode or the
power is removed.
© 2018 Microchip Technology Inc.
DS40002025A-page 19
Share Link: 