preliminary Security & Chip Card ICs SLE 66C644P 16-Bit Security Controller with Memory Management and Protection Unit in 0.22 µm CMOS Technology 208 Kbytes ROM, 4 Kbytes RAM, 64 Kbytes EEPROM 112-Bit DDES Accelerator Short Product Information 11.02 SLE 66C644P Short Product Information Ref.: SPI_SLE 66C644P_1102.doc This document contains preliminary information on a new product under development. Details are subject to change without notice. Revision History: Current Version 11.02 Previous Releases: 04.02 Page Subjects (changes since last revision) 3, 6 Important: Further information is confidential and on request. Please contact: Infineon Technologies AG in Munich, Germany, Security & Chip Card ICs, Tel +49 - (0)89 234 80000 Fax +49 - (0)89 234-81000 E-Mail: [email protected] Edition 2002 Published by Infineon Technologies AG, CC Applications Group St.-Martin-Strasse 53, D-81541 München © Infineon Technologies AG 2001 All Rights Reserved. Attention please! The information herein is given to describe certain components and shall not be considered as warranted characteristics. Terms of delivery and rights to technical change reserved. We hereby disclaim any and all warranties, including but not limited to warranties of non-infringement, regarding circuits, descriptions and charts stated herein. Infineon Technologies is an approved CECC manufacturer. Information For further information on technology, delivery terms and conditions and prices please contact your nearest Infineon Technologies Office in Germany or our Infineon Technologies Representatives world-wide (see address list). Warnings Due to technical requirements components may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies Office. Infineon Technologies Components may only be used in life-support devices or systems with the express written approval of Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure of that life-support device or system, or to affect the safety or effectiveness of that device or system. Life support devices or systems are intended to be implanted in the human body, or to support and/or maintain and sustain and/or protect human life. If they fail, it is reasonable to assume that the health of the user or other persons may be endangered. . SLE 66C644P 16-Bit Security Controller with MMU in 0.22µm CMOS Technologie 208 Kbytes ROM, 4 Kbytes RAM, 64 Kbytes EEPROM, 112-Bit DDES • • Supply voltage range: 1.62 V to 5.5 V Current consumption < 10mA @ 5.5 V < 6 mA @ 3.3 V < 4 mA @ 1.98 V • Temperature range: -25 to +85°C • ESD protection larger than 6 kV Features • • • • • • • • • • • • • • • • • • • 16-bit microcomputer in 0.22 µm CMOS technology Instruction set opcode compatible with standard SAB 8051 processor Enhanced 16-bit arithmetic Additional powerful instructions optimized for chip card applications Dedicated, non-standard architecture with execution time 6 times faster (18 times by PLLmax) than standard SAB 8051 processor at same external clock 206 Kbytes User ROM for application programs Additional 2 Kbytes reserved ROM for Resource Management System (RMS+ Superslim) with intelligent EEPROM write/erase routines 64 Kbytes Superslim-EEPROM 4 Kbytes XRAM, 256 Bytes IRAM Memory Management and Protection Unit (MMU) Dual Key Triple DES (DDES) and EC2 GF (2n ) Accelerator Superslim-EEPROM • • • • • • • • Data retention for a minimum of 10 years EEPROM programming voltage generated on chip Memory Management and Protection Unit • • CRC Module Interrupt Module Two 16-bit Autoreload Timer PLL up to 15 MHz • • • Power saving sleep mode Ext. Clock freq. 1 to 7.5 MHz for int. Clock ≤ 15 MHz @ 2.7V-5.5V Ext. Clock freq. 1 to 5 MHz for int. Clock ≤ 11 MHz @ 1.62V-5.5V UART for handling serial interface in accordance with ISO/IEC 7816 part 3 supporting transmission protocols T=1 and T=0 Addressable memory up to 1 Mbyte Separates OS (system) and application (user) System routines called by traps OS can restrict access to peripherals in application mode Code execution from XRAM possible Security Features Operation state monitoring mechanism • • • • • • I/O routines realized in software executable Short Product Information Reading and programming byte by byte Flexible page mode for 1 to 64 bytes write/erase operation 32 bytes security area (OTP) Fast personalization mode 0.63 ms @15MHz Erase + Write time < 4.0 ms @15MHz Minimum of 500.000 write/erase cycles at 25°C 3/8 Low and high voltage sensors Frequency sensors and filters Light Sensor Glitch Sensor Temperature Sensor Life Test Function for Sensors 11.02 SLE 66C644P Testmode Memory Security • • Irreversible Lock - Out of testmode Anti Snooping • • • • • • HW-countermeasures against SPA/DPA-, Timing- and DFA-attacks (differential fault analysis – DFA) CRC – Module Non standard dedicated Smart Card CPU – Core Active Shield with automatic and user controlled attack detection • • Document References • • • Support • • HW-& SW-Tools (Emulator, ROM Monitor, Card Emulator, Simulator, Softmasking) Application notes • • Supported Standards • • • • 16 bytes security PROM, hardware protected Unique chip identification number for each chip MED - memory encryption/decryption device for XRAM, ROM and EEPROM True Random Number Generator with Firmware test function Security optimised layout and layout scrambling Confidential Data Book SLE66CxxxP Qualification report Chip delivery specification for wafer with chip-layout (die size, orientation, ...) Module specification containing description of package, etc. Qualification report module Development Tools Overview ISO/IEC 7816 EMV 2000 GSM 11.11, 11.12, 11.18 ETS I TS 102 221 • • • • • Short Product Information 4/8 Short Product Info Software Development Kit SDK CC Short Product Info Card Emulator CE66P Short Product Info ROM Monitor RM66P Short Product Info Emulator ET66P Hitex or ET66P KSC Short Product Info Smart Mask Package 11.02 SLE 66C644P Performance DDES-EC2 Accelerator Operation Data Block Length Encryption Time for an 8-Byte Block incl. Data Transfer 5 MHz 10 MHz 15 MHz 56-bit Single DES Encryption 64 bit 23 µs 11 µs 8 µs 112-bit Triple DES Encryption 64 bit 35 µs 17 µs 12 µs Operand Length Calculation Time n 192 bit 285 ms 142 ms 95 ms n 192 bit 540 ms 270 ms 180 ms Elliptic Curves GF(2 ) EC-DSA Signature Generate Elliptic Curves GF(2 ) EC-DSA Signature Verify 5 MHz 10 MHz 15 MHz Ordering Information Type Package 1 Voltage Range SLE 66C644P M5 M5 SLE 66C644P C Die Temperature Range 2.7 V - 5.5 V – 25°C to + 70°C or or 1.62 V – 5.5 V – 25°C to + 85°C Frequency Range (ext. clock frequency) 1 MHz - 5 MHz or 1 MHz - 7.5 MHz For ordering information please refer to the databook and contact your sales representative. Production sites: • Dresden (Germany) SLE 66CxxxP • UMC (Taiwan) SLE 66CxxxPU • Altis (France) SLE 66CxxxPA 1 available as wire-bonded module (M5) for embedding in plastic cards or as die (C) for customer packaging Short Product Information 5/8 11.02 SLE 66C644P Pin Configuration VDD GND CLK RST SLE 66C644P I/O Figure 1: Pin Configuration Pin Definitions and Functions Symbol Function VCC Operating voltage RST Reset input CLK Processor clock input GND Ground I/O Bi-directional data port Short Product Information 6/8 11.02 SLE 66C644P General Description SLE 66C644P is a member of Infineon Technologies high-end security controller family in advanced 0.22 µm CMOS technology. The CPU provides the high efficiency of the SAB 8051instruction set extended by additional powerful instructions together with enhanced performance, memory sizes and security features. The internal clock frequency can be adjusted up to 15 MHz independent of the clock rate of the terminal with the help of the PLL. The controller IC offers 206 Kbytes of User-ROM, 256 bytes internal RAM, 4096 bytes XRAM and 64 Kbytes EEPROM with Superslim. The Memory Management and Protection Unit allows a secure separation of the operating system and the applications. Furthermore the MMU makes a secure downloading of applications possible after the personalization of a card. These new features meet the requirements of the next generation of multi application operating systems. For code compatibility to the SLE 66CxxS family, a transparent mode for the MMU is available which allows you to keep the memory mapping of the SLE 66CxxS products. Voltage Clock Reset ROM 208Kbyte XRAM 4 Kbyte 16-Bit CPU with MMU & ECO 2000 Instruction Set Sleep Mode Logic Sensors/Filters EEPROM 64 Kbyte DDES Accelerator PLL Address-/Data Bus Interrupt Voltage Regulator two 16-bit Timer CRC RNG UART Figure 2: Block Diagram SLE 66C644P The CRC module allows the easy generation of checksums according to ISO/IEC 3309 (16-BitCRC). To minimize the overall power consumption, the chip card controller IC offers a sleep mode. The UART supports the half-duplex transmission protocols T=0 and T=1 according to ISO/IEC 7816-3. All relevant transmission parameters can be adjusted by software, as e.g. the clock division factor, direct/inverse convention and the number of stop bits. Additionally, the I/O port can be driven by communication routines realized in software. The random number generator (RNG) is able to supply the CPU with true random numbers under all conditions. As an important measure, the chip provides a new and enhanced level of on-chip security features. The DES accelerator supports symmetrical crypto algorithms according to the Data Encryption Standard in the Electronic Code Book Mode. In conclusion, the SLE 66C644P fulfills the requirements of today's chip card applications, as GSM, UMTS , and offers a powerful platform for future multi application cards. The SLE 66C644P integrates outstanding memory sizes, additional peripherals in combination with enhanced performance and optimized power consumption on a minimized die size. Therefore, the SLE 66C644P offers the basis for a generation of new chip card applications. Short Product Information 7/8 11.02