Data Sheet

A710x family
Secure authentication microcontroller
Rev. 3.5 — 1 November 2013
195735
Product short data sheet
COMPANY PUBLIC
1. General description
1.1 Overview
The A710x family is a tamper resistant secure Micro Controller Unit (MCU) family using a
dedicated security hardened MX51CPU. NXP Semiconductors has a long track record in
security MCUs. NXP ICs had been used in all kind of security applications like bank cards,
health insurance cards, electronic passports, pay-tv cards or as embedded secure
element in mobile phones. The A710x family features a significantly enhanced secure
microcontroller architecture. Extended instructions for Java and C code, linear addressing
and high speed at low power are among many other improvements added to the classic
80C51 core architecture.
The A710x family supports the following features:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Dedicated MX51 security CPU
•
•
•
•
•
Secured 2-key/3-key triple-DES coprocessor
400 kbit/s I2C Fast-mode interface
Four wire 2 Mbit SPI interface
111 kbit/s One-Wire Interface according to Ref. 16 (A7103)
40 C to +90 C operational ambient temperature (A7102)
Optional on-chip operating system firmware: JCOP 2.4.2 (A710xC)
Optional X.509 certificate-based client authentication application pre-installed
Optional on-chip cryptographic library
NXP glue logic
NXP secure fetch technology
Active shielding technology
Asynchronous self-timed Handshake Technology
20 KB EEPROM for application-code and data
40 A typical sleep mode current with I2C pads in tristate mode
10 A max deep sleep mode current with I2C pads in tristate mode
High-performance secured Public Key Infrastructure (PKI) coprocessor 
(RSA up to4096-bit keys, ECC over GF(p) up to 544-bit keys)
Secured AES coprocessor (128-, 192- and 256-bit keys)
EEPROM with min 500,000 cycles endurance and min 25 years retention time
Four general-purpose IO ports (partly multiplexed with the I2C and SPI interface)
Broad range of tiny package types, i.e. WLCSP
A710x family
NXP Semiconductors
Secure authentication microcontroller
The A710x family key benefits:
• Complete security platform enabling customized solutions
• Field and silicon proven solutions- deployed in numerous devices and environments
• Ensures trust to drive applications in open and closed systems where high level of
security is needed
• Full solution, ease to integrate, ensuring lower total cost of ownership
• Robust cryptographic core, countermeasures and protection of device assets
• Powerful cryptographic coprocessors for public and secret key encryption within a
low-power, performance optimized design based on NXP Semiconductors'
handshaking technology.
For more detailed information refer to following documentation1:
• Hardware Data Sheet A710x family, Secure authentication microcontroller, Document
Number DocID 2164xx2 (see Ref. 8).
The hardware data sheet explains the details of the A710x family product from a
hardware point of view. It outlines figures like pinning diagram and power
consumption but also provides all information needed to develop firmware running on
the chip (ROM code).
1.
These documents are available under NDA
2.
Where XX refers to the last version; e.g. 10 refers to version 1.0
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
2 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
1.2 Cryptographic hardware coprocessors
1.2.1 PKI coprocessor
The approved and modular PKI coprocessor architecture supports the trend of increasing
RSA keys with faster execution speeds as well as Elliptic Curve Cryptography (ECC)
based on GF(p) or GF(2n) at best performance. The PKI coprocessor supports RSA with
an operand length of up to 8-kbit (up to 4-kbit with intermediate storage in RAM only).
The PKI coprocessor supports 192-bit ECC key length that offers the same level of
security as 2048-bit RSA. An ECC GF(2n) based signature, using a 163-bit key can be
executed in less than 30 ms providing a security level comparable to 1024-bit RSA. The
operand size for ECC is only limited by the 2.5 KB size of the Crypto-RAM. The PKI
coprocessor is easy to use and the flexible interface provides programmers with the
flexibility to implement their own cryptography solutions.
1.2.2 Triple-DES coprocessor
The DES widely used for symmetric encryption is supported by a dedicated, high
performance, highly attack-resistant hardware coprocessor. Single DES and triple-DES,
based on two or three DES keys, can be executed within less than 40 s. Relevant
standards (ISO/IEC, ANSI, FIPS) and Message Authentication Code (MAC) are fully
supported.
1.2.3 AES coprocessor
The A710x family secure microcontroller platform provides a dedicated high performance
128-bit parallel processing coprocessor to support secure AES. The implementation is
based on FIPS197 as standardized by the National Institute for Standards and Technology
(NIST), and supports key lengths of 128-bit, 192-bit, and 256-bit with performance levels
comparable to DES. AES is the next generation for symmetric data encryption and
recommended successor of DES providing a significantly improved security level.
1.3 I2C interface
The A710x family has an I2C interface supporting data rates up to 400 kbit/s operating in
Fast-Mode (FM) as specified in Ref. 4. Both operating modes, Master and Slave are
supported. The I2C address is configurable by the embedded firmware.
1.4 SPI interface
The A710x family has a four wire SPI slave interface supporting data rates up to 2 Mbit for
full-duplex and synchronous data transfer.
1.5 Universal Asynchronous Receiver/Transmitter (UART)
The A7103 uses a built-in Universal Asynchronous Receiver/Transmitter (UART) to
support a Smart Card OneWire (SC1W) Protocol as specified in Ref. 16. The Protocol is
using a one-wire based physical interface, a UART-based data link layer, an SMBus
based network layer as well as a mapping layer to convey ISO/IEC 7816-4 based
communication. The UART is software configurable to use any of the four IO ports.
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
3 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
1.6 General-Purpose IO ports
The A710x family has four general-purpose IO ports (partly multiplexed with the UART,
I2C and SPI interface) which can be used for any purpose.
1.7 Optional on-chip cryptographic library
A secure crypto library providing a broad range of required functions will be available for
all A710x devices in order to support customers implementing cryptographic solutions:
• Various algorithms
– AES encryption and decryption using the AES coprocessor
– DES and Triple-DES encryption and decryption using the DES coprocessor
– RSA encryption and decryption, signature generation and verification for
straightforward and CRT keys up to 4096-bit
– RSA key generation
– ECC over GF(p) signature generation and verification (ECDSA) and Diffie-Hellman
key exchange for keys up to 544 bits
– ECC over GF(p) key generation
– ECC over GF(2n) signature generation and verification (ECDSA) and
Diffie-Hellman key exchange for keys up to 544-bit
– ECC over GF(2n) key generation
– SHA-1, SHA-224 and SHA-256 hash algorithm
– Pseudo-Random Number Generator (PRNG)
• Easy to use API for all algorithms
• Latest built-in security features to avoid power (SPA/DPA), timing and fault attacks
(DFA)
1.8 Optional on-chip operating system firmware: JCOP 2.4.2 (A710xC)
The A710x family can execute program code from its internal memories. The ROM is
used to host program code and data either owned by NXP Semiconductors or provided by
third-parties (custom ROM masked product).
NXP Semiconductors offers a Java Card Open Platform operating system called JCOP
based on independent, third-party specifications, i.e. by Oracle, the Global Platform
consortium, the International Organization for Standards (ISO), EMV (Europay,
MasterCard and VISA) and others. The Java Card and GlobalPlatform industry standards
together ensure ease of application development and application interoperability for
developers. JCOP 2.4.2 compliant to Java Card specification V3.0.1 classic as defined in
Ref. 1 JCOP 2.4.2 compliant to Global Platform specification as defined in Ref. 2 and
Ref. 3.
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
4 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
JCOP provides extended support for several industry-specific requirements. This support
is given with the JCOPX API that comprises following functionality:
• Extended cryptography support (several algorithms and methods not specified in
Java Card v3.0.1 classic (see Ref. 1)
• A710xC (JCOP 2.4.2 R1): Support of IO Config and Control API, implementing
methods to reconfigure the default I2C slave address, to configure the GPIO pin as
either input or output pin and the read, set or clear the pin.

For more detailed information refer to following documentation3:
• User manual JCOP 2.4.2 Revision 1.0, JCOP V2.4.2 Revision 1.0 secure A7 MCU
operating system, Document Number 2318xx4 (see Ref. 10).
The User manual describes JCOP for the applet developer. It outlines the features
available through the Java Card API. Also it explains any additional functionality at the
Java layer. Also, this User manual contains the information on how to order A710x
family products.
• Administrator manual JCOP 2.4.2 Revision 1.0, JCOP V2.4.2 Revision 1.0 secure A7
MCU operating system, Document Number 2319xx4 (see Ref. 11).
The Administrator manual describes JCOP for the administrator of a JCOP operating
system. This means it explains the pre-personalization process and its specific
commands.
• Hardware Data sheet, A710x family, secure authentication microcontroller, Document
Number 2164xx4 (see Ref. 8).
The Full data sheet explains the details of the A710x family product from a hardware
point of view. It outlines figures like pinning diagram and power consumption.
• A710x family with JCOP 2.4.1R1, secure authentication microcontroller, Document
Number 2366xx4 (see Ref. 9).
The data sheet explains the details of the A710x family product embedding a JCOP
2.4.2 R1 operating system from a hardware point of view. It outlines figures like
pinning diagram and power consumption.
1.9 Optional X509 certificate-based client authentication
In addition to the A710x family secure MCU and the Java Card Open Platform operating
system, the total solution includes an X.509 certificate-based client authentication
application.
For more detailed information refer to following documentation:
• Application note, Device Authentication APDU Specification, Document Number
2118xx4 (see Ref. 12).
The applet user manual contains a detailed description of the authentication
application on the A710x family product. It outlines the interface description including
the APDU description and a description how to use the applet.
3.
These documents are available under NDA
4.
Where XX refers to the last version; e.g. 10 refers to version 1.0
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
5 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
1.10 Trust provisioning service
The A710x family is delivered with pre-programmed, die-specific keys and certificates
which are being generated and programmed in a certified (Common Criteria) secure
NXP Semiconductors internal environment with master keys securely stored in HSMs
(Hardware Secure Modules). Additional authentication software for the host (host-MCU or
remote server) can also be included as part of the solution.
NXP Semiconductors offers a pre-personalizations service where customer specific
initialization data can be preprogrammed. This data can be die individual card manager
keys, symmetric DES-or AES keys, random data, X509 certificates, RSA signing keys or
any other constant data like application code.
1.11 A710x family naming conventions
The following table explains the naming conventionsof the commercial product name of
the A710x family products. Every A710x family product gets assigned such a commercial
name, which includes also customer and application-specific data.
The A710x family commercial names have the following format.
A710xagpp(p)/mvsrrff
The ’A710’ is a constant, all other letters are variables, which are explained in the
following Table 1.
Table 1.
Variable
Meaning
x
IC hardware specification 1
code
standard operational ambient temperature:
25 C to +90 C
I2C and SPI interface supported
2
standard operational ambient temperature:
40 C to +90 C
I2C and SPI interface supported
3
standard operational ambient temperature:
25 C to +90 C. 
I2C and UART interface supported
A
JCOP V2.4.2 R0.95
C
JCOP V2.4.2 R1
Z
Custom ROM coded product
G
Generic, no application layer firmware (i.e.
JCOP applets) pre-installed
C
Customized, customer Applet pre-installed
in ROM or EEPROM
A
Application firmware implementing generic
X509 based client authentication
a
g
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
A710x commercial name format
Values
embedded operating
system code
embedded application
firmware (applet) code
pp(p)
package type code
see Table 3
m
Manufacturing Site Code
T
v
Silicon Version Code
0
Description
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
6 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
Table 1.
A710x commercial name format
Variable
Meaning
Values
s
Silicon Version Subcode
B
rr
ROM Code ID
ff
FabKey ID
Description
1.12 Security features
The A710x family security concept is combining a comprehensive portfolio of
NXP Semiconductors security measures which is protecting the chip against all types of
attacks. All in all there are more than 100 security features in an NXP Semiconductors
security chip to protect against attacks from outside. NXP Semiconductors apply their
extensive knowledge of chip security to harden the chip against any kinds of attacks.
The counter measures against reverse engineering attacks i.e. the dedicated security
CPU designed in asynchronous handshaking circuit technology, the very dense
sub-micron 5-metal-layer 0.14 m technology, the NXP glue logic and active shielding
technology are providing highest level of attack resilience which is unique in the market.
Secure Fetch Technology will significantly enhance the chip hardware security for a
certain class of light and laser attacks to the chip hardware. More specifically, Secure
Fetch offers increased protection against attacks with higher spatial resolution and against
both those with shorter and with longer light pulses; both with single and with multiple
pulses. It protects both the device memory and code fetching operations from ROM, RAM
and EEPROM, greatly increasing the probability that fault injection attacks are detected.
This unique security technology offers increased protection against future attack
scenarios with light and laser sources, facilitating the development of highly secure
software applications for customers.
The A710x family security concept includes dedicated HW measures to protect against
any kind of leakage attacks. The Triple-DES coprocessor provides a high level of
leak-resistance to 1st order DPA, thus equally well resilient against all kinds of leakage
attacks.
The A710x family incorporates inherent and OS controlled security features:
•
•
•
•
•
•
Secure Fetch Technology, protecting code fetches from ROM, RAM and EEPROM
Dedicated security CPU designed in asynchronous handshaking circuit technology
High dense sub-micron 5-metal-layer 0.14 m CMOS technology,
NXP glue logic
Active Shielding
Enhanced security sensors
– Low and high temperature sensor (for A7101 and A7103 only)
– Low and high supply voltage sensor
– Single Fault Injection (SFI) attack detection
– Light sensors (incl. integrated memory light sensor functionality)
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
7 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
1.13 Security licensing
NXP Semiconductors has obtained a patent license for SPA and DPA countermeasures
from Cryptography Research Incorporated (CRI). This license covers both hardware and
software countermeasures. It is important to customers that countermeasures within the
operation system are covered under this license agreement with CRI. Further details can
be obtained on request.
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
8 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
2. Features and benefits
2.1 Standard family features
 High reliable EEPROM for both data storage and program execution: 20 KB
 Data retention time: 25 years minimum
 Endurance: 500,000 cycles minimum
 Dedicated Secure_MX51 MCU (Memory eXtended/enhanced 80C51)
 Public Key Cryptography (PKC) coprocessor supporting RSA, Elgamal, DSS,
Diffie-Hellman, Guillou-Quisquater, Fiat-Shamir and Elliptic Curves
 RSA support for the key lengths up to 4096-bit
 Elliptic Curve over GF(p) Cryptography with key lengths up to 544-bit
 Single DES (56-bit) and Triple DES with 2 or 3 Keys (112-bit- or 168-bit), encryption
and decryption in ECB, CBC and CBC-MAC mode
 High-speed AES coprocessor (128-bit parallel processing AES engine)
 Low-power True-Random Number Generator (TRNG) in hardware, AIS-31 compliant
 SHA1, SHA-224 and SHA-256
 On-Chip Key generation
 CRC calculations
 Low-power design using NXP Semiconductors’ handshaking technology
 Wake-up from SLEEP mode by any I2C communication request
 40 A typical sleep mode current with I2C pads operated in tristate mode, don’t
obstructing the bus lines
 10 A maximal deep sleep mode current with I2C pads operated in tristate mode, don’t
obstructing the bus lines
 Internally generated CPU clock (typical 31 MHz)
 1.62 V to 3.6 V operating voltage range
 Broad spectrum of delivery types
 Wafers
 WL-CSP package
 SMD packages
2.2 Product-specific features
 A7101
 25 C to +90 C operational ambient temperature
 400 kbit/s I2C Fast-mode interface (Master and Slave)
 2 Mbit four wire SPI interface (Slave)
 A7102
 40 C to +90 C operational ambient temperature
 400 kbit/s I2C Fast-mode interface (Master and Slave)
 2 Mbit four wire SPI interface (Slave)
 A7103
 25 C to +90 C operational ambient temperature
 111 kbit/s One-Wire Interface according to Ref. 16
 400 kbit/s I2C Fast-mode interface (Master and Slave)
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
9 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
3. Applications
The A710x family is a complete embedded security platform for mobile phones, portable
devices, computing and consumer electronic devices, and embedded systems where a
strong security infrastructure is required. The A710x family provides an outstanding level
of security, while overcoming the challenges of performance, power consumption and
solution footprint. Its flexible architecture offers brand owners and device manufacturers a
robust solution that can be tailored to meet today’s demanding embedded security
requirements. The A710x family can be used in various host platforms and host operating
systems to secure a broad range of applications.
The A710x family is offered as a turnkey solution that provides customers easy integration
of authentication solutions into their end products. Minimal impact on the performance of
end-products is achieved through high-speed, low power consumption ICs that feature the
industry standard I2C, SPI and UART interfaces.
The flexibility of the A710x family solution allows for fast and convenient customization of
specific solutions or implementations.
3.1 Application areas
 Embedded Security
 Counterfeit protection of hardware and software
 Anti-cloning
 Brand integrity of original goods
 Profile of service
 Conditional access to software, content and features
 Secure access to online services
 Device identity
 Signing transactions
 Secure machine to machine (M2M) communication
4. Quick reference data
Table 2.
Quick reference data
Symbol
Parameter
VDD
supply voltage
Conditions
Min
Typ
Max
Unit
1.62
-
3.6
V
Tamb = +55 C
25
-
-
years
under all operating conditions
5
-
-
cycles
EEPROM
tret
Nendu(W)
retention time
write endurance
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
105
© NXP B.V. 2013. All rights reserved.
10 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
5. Ordering information
Table 3.
Ordering information
Type number[1]
A7101agUS/...
Package
Name
Description
Version
FFC
8 inch wafer (sawn; 250 m thickness; on film frame carrier;
electronic fail die marking according to SECSII format)
not applicable
WLCSP12
wafer level chip scale package, 12 bumping, body 2.1 2.1 0.6 mm;
0.5 mm ball pitch
not applicable
SO-8
plastic small outline package, body 4.9 3.9 1.75 mm; 1.27 mm pin
pitch, 8 leads
SOT096-1
HVSON-8
plastic thermal enhanced very thin small outline package; no leads; 8
terminals; body 4 4 0.85 mm
SOT909-1
HVQFN32
plastic thermal enhanced very thin quad flat package; no leads,
32 terminals; body 5 5 0.85 mm
SOT617-3
HVQFN20
plastic thermal enhanced very thin quad flat package; no leads,
SOT917-1
A7102agUS/...
A7103agUS/...
A7101agUK/...
A7102agUK/...
A7103agUK/...
A7101agT1/...
A7102agT1/...
A7103agT1/...
A7101agTK2/...
A7102agTK2/...
A7103agTK2/...
A7101agHN1/...
A7102agHN1/...
A7103agHN1/...
A7101agHN2/...
A7102agHN2/...
20 terminals; body 4 4 0.85 mm
A7103agHN2/...
[1]
a = A or C, g = G, C or A, according to the A710x family type classification see Section 1.11 “A710x family naming conventions”
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
11 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
6. Block diagram
APPLICATION
LAYER
APPLETS
APPLET 1
APPLET 2
INSTALLER
CARD
OPERATING
SYSTEM
LAYER
JAVA CARD
RUNTIME
ENVIRONMENT
3.0.1 CLASSIC(1)
JCOP V2.4.2
APPLET n
SYSTEM CLASSES
APPLET
MANAGEMENT
TRANSACTION
MANAGEMENT
JAVA CARD VIRTUAL MACHINE
(JCVM)
HARDWARE
LAYER
PLATFORM
TRIPLE-DES
COPROCESSOR
GLOBAL
PLATFORM
2.1.1
FRAMEWORK CLASSES APIs
(JAVA CARD 3.0.1 CLASSIC APIs)
EXTENSIONS
PKI
COPROCESSOR
FameXE
SCI2C PROTOCOL
IMPLEMENTATION(2)
MEMORY
MANAGEMENT
UNIT
(MMU)
OTHER
SERVICES
I/O NETWORK
COMMUNICATION
SECURE MX51
CPU
SC1W PROTOCOL
IMPLEMENTATION(4)
RAM
ROM
EEPROM
SCSPI PROTOCOL
IMPLEMENTATION(3)
AES
COPROCESSOR
A710x
INTERFACE
RST_N
VCC
VSS
SPI_MISO/I2C_SDA
SPI_MOSI/I2C_SCL
SPI_nSS/UART
SPI_CLK
aaa-007651
(1) For more details see Ref. 5 Figure 3.4 page 36
(2) For more details see Ref. 6
(3) For more details see Ref. 6
(4) For more details see Ref. 16
Fig 1.
A710x family block diagram with JCOP OS
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
12 of 20
xxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxx x x x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxx xx xx xxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxx xxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxx x x
xxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxx xxx
NXP Semiconductors
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
A710x
SPI_MISO/I2C_SDA
SPI INTERFACE
BLOCK
SPI_MOSI/I2C_SCL
SPI_nSS
SPI_CLK
PROGRAMMABLE
IO
I2C
INTERFACE
BLOCK
ROM
EEPROM
RAM
196 KB
PROGRAM
MEMORY
20 KB
DATA AND
PROGRAM
MEMORY
6144 B
DATA
MEMORY
FameXE
ENHANCED PUBLIC
KEY
COPROCESSOR e.g.
RSA, ECC
PROTECTED LINEAR ADDRESS MAPPING
SECURE_MX51 CPU
TRIPLE-DES
COPROCESSOR
TIMERS
RST_N
SECURITY SENSORS
RESET GENEREATION
CRC16
16-bit 16-bit
T0
T1
AES
COPROCESSOR
FAST
RNG
VOLTAGE REGULATOR
Fig 2.
A710x family block diagram
VSS
aaa-007652
© NXP B.V. 2013. All rights reserved.
13 of 20
A710x family
VCC
A710X secure authentication microcontroller
Rev. 3.5 — 1 November 2013
195735
All information provided in this document is subject to legal disclaimers.
UNIVERSAL
ASYNCHRONOUS
RECEIVER/
TRANSMITTER
A710x family
NXP Semiconductors
Secure authentication microcontroller
7. Limiting values
Table 4.
Limiting values
In accordance with the Absolute Maximum Rating System (IEC 60134). Voltages are referenced to
VSS (ground = 0 V).
Symbol Parameter
Product short data sheet
COMPANY PUBLIC
Min
Max
Unit
0.3
+4.6
V
any signal pad
0.3
+4.6
V
pad SPI_nSS/UART_IO,
SPI_MISO/I2C_SDA,
SPI_CLK,
SPI_MOSI/I2C_SCL
-
10
mA
output current
pad SPI_nSS/UART_IO,
SPI_MISO/I2C_SDA,
SPI_CLK,
SPI_MOSI/I2C_SCL
-
10
mA
latch-up current
VI < 0 V or VI > VDD
-
supply voltage
VI
input voltage
II
input current
IO
Ilu
VESD
A710x_FAM_SDS
Conditions
VDD
electrostatic discharge
voltage
Ptot
total power dissipation
Tstg
storage temperature
100
mA
Human Body Model (HBM)
[1][2]
 2.0
kV
Charge Device Model (CDM)
[1][3]
 500 V
[4]
-
1
W
55
+125
C
[1]
pads VCC, VSS, RST_N, SPI_nSS/UART_IO, SPI_MISO/I2C_SDA, SPI_CLK,
SPI_MOSI/I2C_SCL
[2]
MIL Standard 883-D method 3015; human body model; C = 100 pF, R = 1.5 k; Tamb = 25 C to +85 C.
[3]
JESD22-C101, JEDEC Standard Field induced charge device model test method.
[4]
Depending on appropriate thermal resistance of the package.
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
14 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
8. Abbreviations
Table 5.
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
Abbreviations
Acronym
Description
AES
Advanced Encryption Standard
API
Application Programming Interface
CBC
Cipher-Block Chaining
CRC
Cyclic Redundancy Check
DES
Digital Encryption Standard
DPA
Differential Power Analysis
DSS
Digital Signature Standard
ECB
Electronic CodeBook
ECC
Elliptic Curve Cryptography
EEPROM
Electrically Erasable Programmable Read-Only Memory
GF
Galois Function
I/O
Input/Output
MAC
Message Authentication Code
MD5
Message-Digest algorithm 5
MMU
Memory Management Unit
OS
Operating System
PKC
Public Key Cryptography
PKI
Public Key Infrastructure
RSA
Rivest, Shamir and Adleman
SFI
Single Fault Injection
SHA
Secure Hash Algorithm
SMD
Surface Mounted Device
SPA
Simple Power Analysis
SPI
Serial Peripheral Interface
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
15 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
9. References
[1]
Oracle Java Card 3.0.1 classic
http://www.oracle.com/technetwork/java/javacard/overview/index.html
[2]
Global Platform Consortium: GlobalPlatform Card Specification 2.1.1, March 2003
http://www.globalplatform.org/
[3]
GlobalPlatform Consortium: GlobalPlatform; Card Specification 2.1.1 Amendment A,
March 2004
[4]
I2C-bus specification and user manual, Rev. 0.3 — June-19-2007, NXP
Semiconductors
[5]
Java Card Technology for Smart Cards, Zhiqun Chen, ISBN 0-201-70329-7
[6]
SCI2C Protocol Specification, Rev. 2.0 — Aug-04-2010, NXP Semiconductors
[7]
SC-SPI Protocol Specification, Rev. 1.0 — Mar-01-2011, NXP Semiconductors
[8]
Hardware Data Sheet A710x family, Secure authentication microcontroller,
Document Number DocID 2164xx5, NXP Semiconductors
[9]
A710x family with JCOP 2.4.2 R1, Secure authentication microcontroller, Document
Number 2366xx5, NXP Semiconductors
[10] User manual JCOP 2.4.2 R1 for A7 family, JCOP V2.4.2 Revision 1.0 secure
embedded MCU operating system, Document Number 2318xx5, NXP
Semiconductors
[11] Admin manual JCOP 2.4.2 R1 for A7 family, JCOP V2.4.2 Revision 1.0 secure
embedded MCU operating system, Document Number 2319xx5, NXP
Semiconductors
[12] Application note, Device Authentication APDU Spec - FS1.1, Document Number
2185xx5, NXP Semiconductors
[13] Application note, Device Authentication Architecture, Application Note for Feature
Set FS1.1, Document Number 2154xx5, NXP Semiconductors
[14] Application note, X.509 Device Certificate Format, Document Number 2119xx5, NXP
Semiconductors
[15] Application note, Device Authentication Host library API, Document Number
2196xx5, NXP Semiconductors
[16] SC1W Protocol Specification, Rev. 1.1, NXP Semiconductors
[17] SOT909-1; HVSON8; Reel pack; Ordering code (12NC) ending 118; Packing
Information; Rev. 2 — 19 April 2013
5.
Where XX refers to the last version; e.g. 10 refers to version 1.0
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
16 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
10. Revision history
Table 6.
Revision history
Document ID
Release date
Data sheet status
A710X_FAM_SDS v.3.5
20131101
Product short data sheet
Modifications:
A710X_FAM_SDS v.3.4
Modifications:
A710X_FAM_SDS v.3.3
Modifications:
A710X_FAM_SDS v.3.2
Modifications:
A710X_FAM_SDS v.3.1
Modifications:
A710X_FAM_SDS v.3.0
Modifications:
A710X_FAM_SDS v.2.0
Modifications:
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
•
Product short data sheet
A710X_FAM_SDS v.3.3
Reference to HVSON8 packing information added
Inserted electrostatic discharge voltage (Charge Device Model) in Table 4 “Limiting values”
on page 14
Product short data sheet
A710X_FAM_SDS v.3.2
Chapter 7 “Pinning Information” removed from product short data sheet
20130128
•
A710X_FAM_SDS v.3.4
Inserted A7103 product type supporting UART communication
20130315
•
Supersedes
Updated storage temperature in Table 4 “Limiting values” on page 14
20130809
•
•
•
Change notice
Product short data sheet
A710X_FAM_SDS v.3.1
SO8 pinning figure corrected. See also Figure 8 “Pin configuration for SO-8 (SOT96-1)” on
page 16
20121213
Product short data sheet
A710X_FAM_SDS v.3.0
•
HVQFN32 pinning corrected. SPI_nSS is connected to pin 3 and pin 2 is not connected. See
also Figure 7 “Pin configuration for HVQFN32 (SOT617-3)” on page 15 and Table 7 on
page 15
•
HVSON8 package (SOT685-1, 5 mm  6 mm) removed from Table 3 “Ordering information”
on page 11
•
•
Footnote about availabilty of HVQFN20 package removed. HVQFN20 package is available.
Defined maximum input and output currents in Table 4 “Limiting values” on page 14
20121024
•
20111005
•
Product short data sheet
A710X_FAM_SDS v.2.0
Preliminary short data sheet
-
Product version
Initial version
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
17 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
11. Legal information
11.1
Data sheet status
Document status[1][2]
Product status[3]
Definition
Objective [short] data sheet
Development
This document contains data from the objective specification for product development.
Preliminary [short] data sheet
Qualification
This document contains data from the preliminary specification.
Product [short] data sheet
Production
This document contains the product specification.
[1]
Please consult the most recently issued document before initiating or completing a design.
[2]
The term ‘short data sheet’ is explained in section “Definitions”.
[3]
The product status of device(s) described in this document may have changed since this document was published and may differ in case of multiple devices. The latest product status
information is available on the Internet at URL http://www.nxp.com.
11.2
Definitions
Draft — The document is a draft version only. The content is still under
internal review and subject to formal approval, which may result in
modifications or additions. NXP Semiconductors does not give any
representations or warranties as to the accuracy or completeness of
information included herein and shall have no liability for the consequences of
use of such information.
Short data sheet — A short data sheet is an extract from a full data sheet
with the same product type number(s) and title. A short data sheet is intended
for quick reference only and should not be relied upon to contain detailed and
full information. For detailed and full information see the relevant full data
sheet, which is available on request via the local NXP Semiconductors sales
office. In case of any inconsistency or conflict with the short data sheet, the
full data sheet shall prevail.
Product specification — The information and data provided in a Product
data sheet shall define the specification of the product as agreed between
NXP Semiconductors and its customer, unless NXP Semiconductors and
customer have explicitly agreed otherwise in writing. In no event however,
shall an agreement be valid in which the NXP Semiconductors product is
deemed to offer functions and qualities beyond those described in the
Product data sheet.
11.3
Disclaimers
Limited warranty and liability — Information in this document is believed to
be accurate and reliable. However, NXP Semiconductors does not give any
representations or warranties, expressed or implied, as to the accuracy or
completeness of such information and shall have no liability for the
consequences of use of such information. NXP Semiconductors takes no
responsibility for the content in this document if provided by an information
source outside of NXP Semiconductors.
In no event shall NXP Semiconductors be liable for any indirect, incidental,
punitive, special or consequential damages (including - without limitation - lost
profits, lost savings, business interruption, costs related to the removal or
replacement of any products or rework charges) whether or not such
damages are based on tort (including negligence), warranty, breach of
contract or any other legal theory.
Notwithstanding any damages that customer might incur for any reason
whatsoever, NXP Semiconductors’ aggregate and cumulative liability towards
customer for the products described herein shall be limited in accordance
with the Terms and conditions of commercial sale of NXP Semiconductors.
Right to make changes — NXP Semiconductors reserves the right to make
changes to information published in this document, including without
limitation specifications and product descriptions, at any time and without
notice. This document supersedes and replaces all information supplied prior
to the publication hereof.
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
Suitability for use — NXP Semiconductors products are not designed,
authorized or warranted to be suitable for use in life support, life-critical or
safety-critical systems or equipment, nor in applications where failure or
malfunction of an NXP Semiconductors product can reasonably be expected
to result in personal injury, death or severe property or environmental
damage. NXP Semiconductors and its suppliers accept no liability for
inclusion and/or use of NXP Semiconductors products in such equipment or
applications and therefore such inclusion and/or use is at the customer’s own
risk.
Applications — Applications that are described herein for any of these
products are for illustrative purposes only. NXP Semiconductors makes no
representation or warranty that such applications will be suitable for the
specified use without further testing or modification.
Customers are responsible for the design and operation of their applications
and products using NXP Semiconductors products, and NXP Semiconductors
accepts no liability for any assistance with applications or customer product
design. It is customer’s sole responsibility to determine whether the NXP
Semiconductors product is suitable and fit for the customer’s applications and
products planned, as well as for the planned application and use of
customer’s third party customer(s). Customers should provide appropriate
design and operating safeguards to minimize the risks associated with their
applications and products.
NXP Semiconductors does not accept any liability related to any default,
damage, costs or problem which is based on any weakness or default in the
customer’s applications or products, or the application or use by customer’s
third party customer(s). Customer is responsible for doing all necessary
testing for the customer’s applications and products using NXP
Semiconductors products in order to avoid a default of the applications and
the products or of the application or use by customer’s third party
customer(s). NXP does not accept any liability in this respect.
Limiting values — Stress above one or more limiting values (as defined in
the Absolute Maximum Ratings System of IEC 60134) will cause permanent
damage to the device. Limiting values are stress ratings only and (proper)
operation of the device at these or any other conditions above those given in
the Recommended operating conditions section (if present) or the
Characteristics sections of this document is not warranted. Constant or
repeated exposure to limiting values will permanently and irreversibly affect
the quality and reliability of the device.
Terms and conditions of commercial sale — NXP Semiconductors
products are sold subject to the general terms and conditions of commercial
sale, as published at http://www.nxp.com/profile/terms, unless otherwise
agreed in a valid written individual agreement. In case an individual
agreement is concluded only the terms and conditions of the respective
agreement shall apply. NXP Semiconductors hereby expressly objects to
applying the customer’s general terms and conditions with regard to the
purchase of NXP Semiconductors products by customer.
No offer to sell or license — Nothing in this document may be interpreted or
construed as an offer to sell products that is open for acceptance or the grant,
conveyance or implication of any license under any copyrights, patents or
other industrial or intellectual property rights.
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
18 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
Export control — This document as well as the item(s) described herein
may be subject to export control regulations. Export might require a prior
authorization from competent authorities.
Quick reference data — The Quick reference data is an extract of the
product data given in the Limiting values and Characteristics sections of this
document, and as such is not complete, exhaustive or legally binding.
11.4
Licenses
ICs with DPA Countermeasures functionality
NXP ICs containing functionality
implementing countermeasures to
Differential Power Analysis and Simple
Power Analysis are produced and sold
under applicable license from
Cryptography Research, Inc.
Non-automotive qualified products — Unless this data sheet expressly
states that this specific NXP Semiconductors product is automotive qualified,
the product is not suitable for automotive use. It is neither qualified nor tested
in accordance with automotive testing or application requirements. NXP
Semiconductors accepts no liability for inclusion and/or use of
non-automotive qualified products in automotive equipment or applications.
In the event that customer uses the product for design-in and use in
automotive applications to automotive specifications and standards, customer
(a) shall use the product without NXP Semiconductors’ warranty of the
product for such automotive applications, use and specifications, and (b)
whenever customer uses the product for automotive applications beyond
NXP Semiconductors’ specifications such use shall be solely at customer’s
own risk, and (c) customer fully indemnifies NXP Semiconductors for any
liability, damages or failed product claims resulting from customer design and
use of the product for automotive applications beyond NXP Semiconductors’
standard warranty and NXP Semiconductors’ product specifications.
Translations — A non-English (translated) version of a document is for
reference only. The English version shall prevail in case of any discrepancy
between the translated and English versions.
11.5
Trademarks
Notice: All referenced brands, product names, service names and trademarks
are the property of their respective owners.
FabKey — is a trademark of NXP B.V.
I2C-bus — logo is a trademark of NXP B.V.
12. Contact information
For more information, please visit: http://www.nxp.com
For sales office addresses, please send an email to: [email protected]
A710x_FAM_SDS
Product short data sheet
COMPANY PUBLIC
All information provided in this document is subject to legal disclaimers.
Rev. 3.5 — 1 November 2013
195735
© NXP B.V. 2013. All rights reserved.
19 of 20
A710x family
NXP Semiconductors
Secure authentication microcontroller
13. Tables
Table 1.
Table 2.
Table 3.
A710x commercial name format . . . . . . . . . . . . .7
Quick reference data . . . . . . . . . . . . . . . . . . . .10
Ordering information . . . . . . . . . . . . . . . . . . . . . 11
Table 4.
Table 5.
Table 6.
Limiting values . . . . . . . . . . . . . . . . . . . . . . . . 14
Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . 15
Revision history . . . . . . . . . . . . . . . . . . . . . . . . 17
14. Figures
Fig 1.
A710x family block diagram with JCOP OS. . . . .12
Fig 2.
A710x family block diagram . . . . . . . . . . . . . . . . 13
11.2
11.3
11.4
11.5
12
13
14
15
Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . .
Disclaimers . . . . . . . . . . . . . . . . . . . . . . . . . .
Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . .
Contact information . . . . . . . . . . . . . . . . . . . .
Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
15. Contents
1
1.1
1.2
1.2.1
1.2.2
1.2.3
1.3
1.4
1.5
1.6
1.7
1.8
1.9
1.10
1.11
1.12
1.13
2
2.1
2.2
3
3.1
4
5
6
7
8
9
10
11
11.1
General description . . . . . . . . . . . . . . . . . . . . . . 1
Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Cryptographic hardware coprocessors . . . . . . . 3
PKI coprocessor . . . . . . . . . . . . . . . . . . . . . . . 3
Triple-DES coprocessor . . . . . . . . . . . . . . . . . . 3
AES coprocessor . . . . . . . . . . . . . . . . . . . . . . . 3
I2C interface . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
SPI interface . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Universal Asynchronous Receiver/Transmitter
(UART) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
General-Purpose IO ports. . . . . . . . . . . . . . . . . 4
Optional on-chip cryptographic library . . . . . . . 4
Optional on-chip operating system firmware:
JCOP 2.4.2 (A710xC) . . . . . . . . . . . . . . . . . . . . 4
Optional X509 certificate-based client
authentication . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Trust provisioning service . . . . . . . . . . . . . . . . . 6
A710x family naming conventions . . . . . . . . . . 6
Security features. . . . . . . . . . . . . . . . . . . . . . . . 7
Security licensing . . . . . . . . . . . . . . . . . . . . . . . 8
Features and benefits . . . . . . . . . . . . . . . . . . . . 9
Standard family features . . . . . . . . . . . . . . . . . . 9
Product-specific features . . . . . . . . . . . . . . . . . 9
Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Application areas . . . . . . . . . . . . . . . . . . . . . . 10
Quick reference data . . . . . . . . . . . . . . . . . . . . 10
Ordering information . . . . . . . . . . . . . . . . . . . . 11
Block diagram . . . . . . . . . . . . . . . . . . . . . . . . . 12
Limiting values. . . . . . . . . . . . . . . . . . . . . . . . . 14
Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . 15
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Revision history . . . . . . . . . . . . . . . . . . . . . . . . 17
Legal information. . . . . . . . . . . . . . . . . . . . . . . 18
Data sheet status . . . . . . . . . . . . . . . . . . . . . . 18
18
18
19
19
19
20
20
20
Please be aware that important notices concerning this document and the product(s)
described herein, have been included in section ‘Legal information’.
© NXP B.V. 2013.
All rights reserved.
For more information, please visit: http://www.nxp.com
For sales office addresses, please send an email to: [email protected]
Date of release: 1 November 2013
195735