Security & Chip Card ICs

SLE 4466
Intelligent 515–Bit Memory Chip with Counter for > 130.000 Units, Security Logic and High Security Authentication

Short Product Information 07.99

SLE 4466 Short Product Info
Revision History
Ref.: SPI_SLE4466_0799.doc
Current Version: 07.99
Previous Releases: 10.98
Page / Subjects (changes since last revision): Layout change

Important: Further information is confidential and on request. Please contact: Infineon Technologies AG in Munich, Germany, Security & Chip Card ICs, Fax +49 89 234-28925, E-Mail: Security-andChipcard-ICs@infineon.com

Published by Infineon Technologies AG, CC Applications Group, St.-Martin-Strasse …, D-… München
Infineon Technologies AG. All Rights Reserved.

Attention please!
The information herein is given to describe certain components and shall not be considered as warranted characteristics. Terms of delivery and rights to technical change reserved. We hereby disclaim any and all warranties, including but not limited to warranties of non-infringement, regarding circuits, descriptions and charts stated herein. Infineon Technologies is an approved CECC manufacturer.

Information
For further information on technology, delivery terms and conditions and prices please contact your nearest Infineon Technologies Office in Germany or our Infineon Technologies Representatives world-wide (see address list).

Warnings
Due to technical requirements components may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies Office. Infineon Technologies Components may only be used in life-support devices or systems with the express written approval of Infineon Technologies, if a failure of such components can reasonably be expected to cause the failure of that life-support device or system, or to affect the safety or effectiveness of that device or system. Life support devices or systems are intended to be implanted in the human body, or to support and/or maintain and sustain and/or protect human life.
If they fail, it is reasonable to assume that the health of the user or other persons may be endangered.

SLE 4466
Intelligent 515–Bit Memory Chip with Counter for > 130.000 Units, Security Logic and High Security Authentication

Features
• 496 bit EEPROM and 16 bit mask programmable ROM
  128 bit Identification Area consisting of
    – 16 bit Manufacturer code (mask-programmable ROM)
    – 8 bit Manufacturer data (ROM)
    – 104 bit for personalization data of card issuer (PROM)
  160 bit Value Counter (PROM/EEPROM)
  16 bit secret User Code (EEPROM)
  32 bit either secret Security Code or Data Area 3 in Standard User Mode (EEPROM)
  12 bit Data Area 1 (EEPROM)
  32 bit Data Area 2 (EEPROM)
  64 bit Response Counter
  64 bit secret Authentication Key 0
• Three Chip modes with secured memory access
  The memory is secured by different access codes, depending on the mode:
    – Issuer Mode: The memory access is secured by the 4 byte Transport Code
    – Security User Mode: The memory access is secured by the 4 byte Security Code
    – Standard User Mode: The memory access is secured by the 2 byte User Code. The verification procedure is fully compatible with SLE 4404
  The different chip modes are set by 3 flag bits. Only after a successful code verification does the chip logic allow data to be written or erased according to the implemented functionality.
• Value Counter with up to … count units
    – Three stage abacus counter
    – Due to testing purposes, a maximum of 127040 count units is guaranteed
• High security authentication unit
    – 64 bit Random number as challenge
    – 64 bit individual secret Authentication Key
    – Calculation of up to 31 bit response within 60 ms at a clock frequency of 100 kHz
    – Response calculation with cipher block chaining
    – Authentication access and response calculation controlled by the Response Counter
    – Four stage Response Counter with up to 69904 count units (61712 units guaranteed)
    – Certification of the decreasing of the Value Counter
    – Signature of the data content
• Memory access interface compatible with SLE …
• Transport Code protection for delivery
• EEPROM security cells in sensitive areas
• Chip circuitry and chip layout optimised for high security against physical and electrical signal analysis
• Ambient temperature: … °C
• Supply voltage: … V
• Supply current: … mA
• EEPROM programming time: … ms
• ESD protection: typical … V
• Endurance: minimum … write/erase cycles/bit 1)
• Data retention for minimum of … years
• Contact configuration and Answer-to-Reset (synchronous transmission) in accordance to standard ISO/IEC 7816

Table: Ordering Information

Type           Package
SLE 4466 M2    M2
SLE 4466 C     C

1) Values are temperature dependent, for further information please refer to your Infineon Sales Office.
2) Available as wire-bonded module (M2) for embedding in plastic cards or as die (C) for customer packaging.

Pin Description

[Figure: Pin Configuration (top view)]
[Figure: Pad Configuration (Die); pads CLK, VDD, RST, GND, I/O]

Table: Pin Definitions and Functions

Card Contact   Symbol   Function
C1             VCC      Supply voltage
C2             RST      Control input (Reset Signal)
C3             CLK      Clock input
C4             N.C.     Not connected
C5             GND      Ground
C6             N.C.     Not connected
C7             I/O      Bi-directional data line (open drain)
C8             PROG     Control input (Programming Signal)

General Description

SLE 4466 is designed for prepaid payment applications (e.g. vending machines, electronic metering) and secured payment applications (e.g. loyalty scheme). The chip consists of an EEPROM memory of 496 bit (incl. 8 bit Manufacturer data), a ROM of 16 bit, a control/security unit, a memory access control logic, a special computing unit for chip authentication and 3 flag bits for mode selection.

[Figure: Block Diagram; blocks: Programming Unit, Flags, Address Unit, Memory Access Control, Error Counter, Authentication Unit, Memory Unit (Identification Area, Security Code, User Code, Authentication Key, Data Areas, Response Counter, Value Counter), Control Unit, Security Interface; pins PROG, CLK, I/O, RST, GND, VCC]

• Memory Unit: Value Counter, Identification Data (e.g. serial number, expiry date) and Data Areas.
• Address Unit: The address counter is set synchronously with CLK. The chip provides the Answer to Reset (ATR) for synchronous transmission according to ISO/IEC 7816.
• Memory Access Control: Access to Authentication Unit and Memory Unit is controlled by a secret code (mode dependent).
• Authentication Unit: The secret algorithm offers a challenge & response procedure for card authentication (individual key) and serves as a signature for data and counter status integrity. Additionally, cipher block chaining of the responses allows the certification of a Value Counter decreasing procedure. The authentication is controlled and limited by the Response Counter, which also avoids a repetition of identical responses.
• Programming Unit: The programming voltage for the EEPROM/PROM is generated and controlled internally.
• Security Interface: Ensures a minimum and a maximum frequency and proper logical voltage levels.
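
The challenge & response flow described under Authentication Unit, modelled as an added example that is not Infineon code: the chip's algorithm is secret, so truncated HMAC-SHA256 stands in for it. The class and function names, the message layout and the way one response is chained into the next are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

RESPONSE_BITS = 31  # the page states "up to 31 bit response"

def response(key, challenge, card_id, value, resp_left, prev):
    """Stand-in for the secret algorithm: truncated HMAC-SHA256 (assumption)."""
    msg = challenge + card_id + b"".join(
        n.to_bytes(4, "big") for n in (value, resp_left, prev))
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") >> (32 - RESPONSE_BITS)

class Card:
    """Constructed card model: secret 64-bit key plus two readable counters."""
    def __init__(self, key, card_id, value, resp_left):
        self._key, self.card_id = key, card_id
        self.value, self.resp_left = value, resp_left
        self._prev = 0  # last response, chained into the next one on request

    def authenticate(self, challenge, chained=False):
        if self.resp_left == 0:
            raise PermissionError("response counter exhausted")
        self.resp_left -= 1  # every response consumes one unit
        self._prev = response(self._key, challenge, self.card_id, self.value,
                              self.resp_left, self._prev if chained else 0)
        return self._prev

    def debit(self, units):
        if units > self.value:
            raise ValueError("not enough units")
        self.value -= units

def certified_debit(card, key, units):
    """Terminal side: authenticate, debit, then authenticate again, chained."""
    def check(expected_value, prev, chained):
        challenge = secrets.token_bytes(8)  # 64-bit random challenge
        got = card.authenticate(challenge, chained)
        want = response(key, challenge, card.card_id, expected_value,
                        card.resp_left, prev)
        return got if got == want else None

    start = card.value
    first = check(start, 0, False)
    if first is None:
        return False  # card does not hold the expected key
    card.debit(units)
    # The second response must cover the reduced value and the first response.
    return check(start - units, first, True) is not None
```

Because the Response Counter value enters every calculation in this model, the same challenge never yields the same response twice, and a card that skips the decrement fails the second check.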