ATAES132A - Summary

ATAES132A
32K AES Serial EEPROM Specification
SUMMARY DATASHEET
Features
CryptoAuthentication
 Crypto Element Device with Secure Hardware-based Key Storage
Ensures Things and Code
are Real, Untampered, and
Confidential
 32Kb Standard Serial EEPROM Memory
 Compatible with the Atmel® AT24C32D and the Atmel AT25320B
 16 User Zones of 2Kb Each
 High-security Features








AES Algorithm with 128-bit Keys
AES-CCM for Authentication
Message Authentication Code (MAC) Capability
Guaranteed Unique Die Serial Number
Secure Storage for up to Sixteen 128-bit Keys
Encrypted User Memory Read and Write
Internal High-quality FIPS Random Number Generator (RNG)
16 High-Endurance Monotonic EEPROM Counters
 Flexible User Configured Security
 User Zone Access Rights Independently Configured
 Authentication Prior to Zone Access
Secure Download and Boot
 Read/Write, Encrypted, or Read-only User Zone Options
Authentication and Protect Code
In-transit
 High-speed Serial Interface Options
Ecosystem Control
Ensure Only OEM/Licensed
Nodes and Accessories Work
 10MHz SPI (Mode 0 and 3)
 1MHz Standard I2C Interface
 2.5V to 5.5V Supply Voltage Range
Anti-cloning
 <250nA Sleep Current
Prevent Building with Identical
BOM or Stolen Code
 8-pad UDFN and 8-lead SOIC Package Options
Message Security
Authentication, Message Integrity,
and Confidentiality of Network
Nodes (IoT)
 Temperature Range: -40°C to +85°C
Benefits
 Easily Add Security by Replacing Existing Serial EEPROM
 Authenticate Consumables, Components, and Network Access
 Protect Sensitive Firmware
 Securely Store Sensitive Data and Enable Paid-for Features
 Prevent Contract Manufacturers from Overbuilding
 Manage Warranty Claims
 Securely Store Identity Data (i.e. Fingerprints and Pictures)
This is a summary document.
The complete document is
available on the Atmel website
at www.atmel.com.
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
Description
The Atmel ATAES132A is a high-security, Serial Electrically-Erasable and Programmable Read-Only Memory
(EEPROM) providing both authentication and confidential nonvolatile data storage capabilities. Access
restrictions for the 16 user zones are independently configured, and any key can be used with any zone. In
addition, keys can be used for standalone authentication. This flexibility permits the ATAES132A to be used in a
wide range of applications.
The AES-128 cryptographic engine operates in AES-CCM mode to provide authentication, stored data
encryption/decryption, and Message Authentication Codes. Data encryption/decryption can be performed for
internally stored data or for small external data packets, depending upon the configuration. Data encrypted by one
ATAES132A device can be decrypted by another, and vice versa.
2
The ATAES132A pinout is compatible with standard SPI and I C Serial EEPROMs to allow placement on existing
2
PC boards. The SPI and I C instruction sets are identical to the Atmel Serial EEPROMs. The extended security
functions are accessed by sending command packets to the ATAES132A using standard write instructions, and
reading responses using standard read instructions. The ATAES132A secure Serial EEPROM architecture allows
it to be inserted into existing applications.
The ATAES132A device incorporates multiple physical security mechanisms to prevent the release of the
internally stored secrets. Secure personalization features are provided to facilitate third-party product
manufacturing.
Pin Descriptions and Configurations
Table 1.
Name
Pin Descriptions
Description
SPI Chip Select Bar Input
SO
Serial Data Out
NC
No Connect
VSS
Ground
SI/SDA
Serial Data In
SCK
Serial Clock Input
NC
No Connect
VCC
Supply Voltage
Table 2.
2
Pin Configurations
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
1.
Introduction
The ATAES132A is the first device in a family of high-security Serial EEPROMs using the Advanced Encryption
Standard (AES) cryptographic algorithm. The ATAES132A provides 32Kb of EEPROM user data memory, sixteen
128-bit Key Registers, sixteen high-endurance monotonic EEPROM Counters, factory unique Die Identification
Numbers, and a Configuration Memory. The Configuration Memory registers control access to the User Memory,
as well as the restrictions on Key and Counter functionality.
2
The User Memory can be accessed directly with standard SPI or I C commands if a user zone is configured for
open or read-only access. If the user zone security is activated, then the extended ATAES132A command set is
used to access the contents of a user zone. The extended ATAES132A commands are executed by writing the
2
command packet to the virtual memory using standard SPI or I C Write commands. The response packet is
2
retrieved by reading it from the virtual memory using standard SPI or I C Read commands.
2
The ATAES132A packages are compatible with standard SPI and I C EEPROM footprints. This allows the
ATAES132A to be inserted into many existing Serial EEPROM applications.
2.
Security Features
All ATAES132A security features are optional. Each feature is enabled or disabled by programming configuration
bits in the EEPROM Configuration Memory. Each user zone, Key, and Counter is separately and independently
configured.
2.1
Architecture
ATAES132A contains all circuitry for performing authentication, encryption, and decryption using keys stored
securely in the internal EEPROM. Since the secrets are stored securely in the ATAES132A, they do not have to
be exchanged prior to executing cryptographic operations.
ATAES132A has fixed cryptographic functionality; it is not a microcontroller and cannot accept customer
firmware. ATAES132A contains a hardware AES cryptographic engine and has a fixed command set. Although
the functionality is fixed, it is also flexible because each feature is enabled or disabled by the customer by
programming registers in the EEPROM Configuration Memory. After personalization is complete, fuses lock the
configuration so it cannot be changed.
2.1.1
AES
The ATAES132A cryptographic functions are implemented with a hardware cryptographic engine using AES in
CCM mode with a 128-bit key. AES-CCM mode provides both confidentiality and integrity checking with a single
key. The integrity MAC includes both the encrypted data and additional authenticate-only data bytes, as
described in each command definition. Each MAC is unique due to inclusion of a Nonce and an incrementing
MacCount Register in the MAC calculation.
2.1.2
Hardware Security Features
The ATAES132A device contains physical security features to prevent an attacker from determining the internal
secrets. ATAES132A includes tamper detectors for voltage, temperature, frequency, and light, as well as an
active metal shield over the circuitry, internal memory encryption, and other various features. The ATAES132A
physical design and cryptographic protocol are designed to prevent or significantly complicate most algorithmic,
timing, and side-channel attacks.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
3
2.2
Authentication
The authentication commands utilize AES-CCM to generate or validate a MAC value computed using an
internally stored key. The command set supports both one-way and mutual authentication. One ATAES132A
device can generate packets for authentication of a second ATAES132A device containing the same key. The
internal authentication status register remembers only the most recent authentication attempt. A user zone can be
configured to require prior authentication of a designated key before access to the user zone is permitted.
2.2.1
Key Authentication
Individual keys can be configured to require a successful authentication prior to use. This requirement can be
used to prevent some kinds of exhaustive attacks on the keys. The authentication requirement can be chained to
require authentication of several keys prior to allowing a particular operation. The internal Authentication Status
Registers remember only the most recent authentication attempt.
3.
Electrical Characteristics
3.1
Absolute Maximum Ratings*
Operating Temperature ....................... -40°C to +85°C
Notice*:
Storage Temperature......................... -65°C to +150°C
Maximum Operating Voltage ................................ 6.0V
DC Output Current ............................................. 5.0mA
Voltage on any pin ...................... -0.7V to (VCC + 0.7V)
HBM ESD ...............................................3kV minimum
3.2
tresses beyond those listed under “Absolute
Maximum Ratings” may cause permanent damage to
the device. This is a stress rating only, and the
functional operation of the device at these or any
other conditions beyond those indicated in the
operational sections of this specification is not
implied. Exposure to absolute maximum rating
conditions for extended periods may affect device
reliability.
Reliability
The ATAES132A is fabricated with the Atmel high reliability CMOS EEPROM manufacturing technology. The
reliability ratings in Table 3-1 apply to each byte of the EEPROM memory.
Table 3-1.
(1)
EEPROM Reliability
Parameter
Write Endurance (each byte)
Min
Max
Units
100,000
Write Cycles
Data Retention (at 55°C)
10
Years
Data Retention (at 35°C)
30
Read Endurance
Note:
4
Typical
1.
50
Years
Unlimited
Read Cycles
These specifications apply to every byte of the User Memory, Configuration Memory, and Key Memory. The
Write Endurance specification also applies to the RNG EEPROM Seed Register.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
3.3
DC Characteristics
3.3.1
Supply Characteristics
Table 3-2.
Supply Voltage and Current Characteristics
Applicable over recommended operating range from TA = -40°C to +85°C, VCC = +2.5V to +5.5V (unless otherwise noted).
Symbol
VCC
(1)
Parameter
Test Conditions
Min
Max
Units
5.50
V
6
mA
10
mA
600
800
µA
(3)
0.10
0.25
µA
(3)
0.25
0.50
µA
Supply Voltage
Typ
(1)
2.50
(4)
fmax
ICC1
Supply Current
VCC = 3.3V at
(3)
SO = Open , Read, Write, or AES operation.
ICC2
Supply Current
VCC = 5.5V at fmax
(3)
SO = Open , Read, Write, or AES operation.
ICC3
Idle Current
VCC = 3.3V or 5.5V at fmax
(3)
SO = Open , Waiting for a command.
ISL1
Sleep Current
VCC = 3.3V;
= VCC , Sleep State
ISL2
Sleep Current
VCC = 5.5V;
= VCC , Sleep State
ISB1
Standby Current
VCC = 3.3V;
= VCC
State
15
30
µA
ISB2
Standby Current
VCC = 5.5V;
= VCC , Standby State
20
40
µA
(4)
(4)
Notes: 1.
(3)
, Standby
(3)
Typical values are at 25°C, and are for reference only. Typical values are not tested or guaranteed.
2.
On power-up, VCC must rise continuously from VSS to the operating voltage, with a rise time no faster than 1V/µs.
3.
All input pins must be held at either Vss or Vcc during this measurement. In SPI interface mode, the
2
be at VCC. In I C interface mode, the
pin may be in either state.
4.
Measurement is performed at the maximum serial clock frequency. In the I C interface mode, fmax is 1MHz. In the
SPI interface mode, fmax is 10MHz.
5.
The ATAES132A does not support hot swapping or hot plugging. Connecting or disconnecting this device to a
system while power is energized can cause permanent damage to the ATAES132A.
pin must
2
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
5
3.3.2
I/O Characteristics
Table 3-3.
DC Characteristics
Applicable over recommended operating range from TA = -40°C to +85°C, VCC = +2.5V to +5.5V (unless otherwise noted).
Symbol
Test conditions
Min
Max
Units
ILI
Input Current
VIN = 0V or VCC
-3.0
3.0
µA
ILO
Output Leakage
VOUT = 0V or VCC
-3.0
3.0
µA
Input Low-Voltage
-0.5
VCC x 0.3
V
Input High-Voltage
VCC x 0.7
VCC + 0.5
V
VIL
(1)
VIH
(1)
VOL1
(2)
VOH1
(2)
VOL2
Notes: 1.
2.
6
Parameter
Output Low-Voltage,
2
Except SI/SDA in I C Mode
IOL = 3.0mA
0
0.4
V
Output High-voltage,
2
Except SI/SDA in I C Mode
IOH = -3.0mA
VCC − 0.8
VCC
V
Output Low-voltage,
2
SI/SDA Pin in the I C Mode Only
IOL = 3.0mA
0
0.4
V
VIL min and VIH max are for reference only, and are not tested.
2
In the I C interface mode, if Auth signaling is enabled, the SO pin functions as the AuthO output. When AuthO is
high, the VOH1 specification applies. When AuthO is not high, the pin is in the high-impedance state; the VOL1
specification is not applicable.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
3.4
AC Characteristics
Table 3-4.
AC Characteristics
Applicable over recommended operating range from TA = -40°C to + 85°C, VCC = +2.5V to +5.5V.
Symbol
tWC1
Parameter
User Zone Write Cycle Time
tWC2
Key Zone Write Cycle Time
(1)
(1)
Min
Max
Units
6.0
9.0
ms
12.0
16.0
ms
Command Response Time
Note:
3.4.1
1.
The write cycle time includes the EEPROM Erase, Write, and Automatic Data Write verification operations.
Power-Up, Sleep, Standby, and Wake-Up Timing
Table 3-5.
Power-Up, Sleep, and Wake-Up Timing Characteristics
(1)
Applicable over recommended operating range from TA = -40°C to + 85°C, VCC = +2.5V to +5.5V.
Symbol
Parameter
Min
Typ
Max
Units
tPU.STATUS
Power-Up Time, Status
500
600
µs
tPU.RDY
Power-Up Ready Time
1200
1500
µs
tSB
Sleep Time, Entering the Standby State
65
100
µs
tSL
Sleep Time, Entering the Sleep State
55
90
µs
tWupSB.STATUS
Wake-Up Status Time, Standby State
50
100
µs
tWupSB.RDY
Wake-Up Ready Time, Standby State
200
240
µs
tWupSL.STATUS
Wake-Up Status, Sleep State
500
600
µs
tWupSL.RDY
Wake-Up Ready Time, Sleep State
1200
1500
µs
Note:
1.
All values are based on characterization and are not tested. Typical values are at 25°C and are for reference
only.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
7
3.4.2
2
I C Interface Timing
Table 3-6.
2
AC Characteristics of I C Interface
Applicable over recommended operating range from TA = -40°C to + 85°C, VCC = +2.5V to +5.5V,
CL = 1 TTL Gate and 100pF (unless otherwise noted).
Symbol
Parameter
fSCK
SCK Clock Frequency
Max
Units
1
MHz
70
percent
SCK Clock Duty Cycle
30
tHIGH
SCK High Time
400
ns
tLOW
SCK Low Time
400
ns
tSU.STA
Start Setup Time
250
ns
tHD.STA
Start Hold Time
250
ns
tSU.STO
Stop Setup Time
250
ns
tSU.DAT
Data in Setup Time
100
ns
tHD.DAT
Data in Hold Time
0
ns
tR
Input Rise Time
(1)
(1)
tF
Input Fall Time
tAA
Clock Low to Data Out Valid
tDH
Data Out Hold Time
tBUF
Time bus must be free before a new transmission can start.
Notes: 1.
2.
8
Min
50
(1)
100
ns
550
ns
ns
500
ns
AC measurement conditions:

RL (connects between SDA and VCC): 2.0kΩ (for VCC +2.5V to +5.0V)

Input pulse voltages: 0.3VCC to 0.7VCC

Input rise and fall times: ≤ 50ns

Input and output timing reference voltage: 0.5VCC
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
ns
50
Values are based on characterization, and are not tested.
ATAES132A [Summary Datasheet]
300
3.4.3
SPI Interface Timing
Table 3-7.
AC Characteristics of SPI Interface
Applicable over recommended operating range from TA = -40°C to + 85°C, VCC = +2.5V to +5.5V,
CL = 1 TTL Gate and 30pF (unless otherwise noted).
Symbol
Parameter
Min
Max
Units
fSCK
SCK Clock Frequency
0
10
MHz
SCK Clock Duty Cycle
30
70
percent
tWH
SCK High Time
40
ns
tWL
SCK Low Time
40
ns
tCS
High Time
50
ns
tCSS
Setup Time
50
ns
tCSH
Hold Time
50
ns
tSU
Data In Setup Time
10
ns
tH
Data In Hold Time
10
ns
tRI
Input Rise Time
(1)
(1)
tFI
Input Fall Time
tV
Output Valid
0
tHO
Output Hold Time
0
tDIS
Output Disable Time
Note:
1.
2
µs
2
µs
40
ns
ns
50
ns
Values are based on characterization, and are not tested.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
9
4.
Ordering Information
To increase security, ATAES132A packages are not marked with the ordering code. The ATAES132A standard
packages are marked with a trace code which is unique for each manufacturing lot. Contact Atmel for additional
information.
A.1
Ordering Codes
Atmel Ordering Code
Interface
Configuration
ATAES132A-SHEQ-B
SPI
ATAES132A-SHER-B
IC
ATAES132A-SHEQ-T
SPI
ATAES132A-SHER-T
IC
ATAES132A-MAHEQ-T
SPI
ATAES132A-MAHER-T
IC
2
Conditioning
Bulk
8S1
NiPdAu
Lead-free/Halogen-free
(Exceeds RoHS
Requirments)
2
2
Temperature
Range
(2)
Industrial
Temperature
(-40°C to 85°C)
8MA2
-B = Bulk

2.
Lead Finish
(1)
Tape and Reel
Notes: 1.
Package
SOIC = 100 per tube.
-T = Tape and Reel

SOIC = 4,000 per reel.

UDFN = 15,000 per reel.
Package Type
10
8S1
8-lead, 0.150” wide body, Plastic Gull Wing mall Outline, Green (JEDEC SOIC)
8MA2
8-pad, 2.0mm x 3.0mm x 0.6mm body, Thermally Enhanced Plastic Ultra Thin Dual Flat No Lead, Green (UDFN)
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
A.2
Mechanical Information
A.2.1
8S1 — 8-lead JEDEC SOIC
C
1
E
E1
L
N
Ø
TOP VIEW
END VIEW
e
b
COMMON DIMENSIONS
(Unit of Measure = mm)
A
A1
D
SIDE VIEW
Notes: This drawing is for general information only.
Refer to JEDEC Drawing MS-012, Variation AA
for proper dimensions, tolerances, datums, etc.
SYMBOL MIN
A
–
A1
0.10
NOM
MAX
–
–
1.75
0.25
b
0.31
–
0.51
C
0.17
–
0.25
D
4.90 BSC
E
6.00 BSC
E1
3.90 BSC
e
1.27 BSC
L
0.40
–
1.27
0°
–
8°
NOTE
3/6/2015
Package Drawing Contact:
[email protected]
TITLE
8 1, 8-lead (0.150” Wide Body), Plastic Gull Wing
Small Outline (JEDEC SOIC)
GPC
SWB
DRAWING NO.
REV.
8S1
H
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
11
A.2.2
8MA2 — 8-pad UDFN
E
1
8
Pin 1 ID
2
7
3
6
4
5
D
C
TOP VIEW
A2
SIDE VIEW
A
C
A1
E2
b (8x)
8
7
1
D2
6
3
5
4
e (6x)
K
L (8x)
BOTTOM VIEW
Notes:
COMMON DIMENSIONS
(Unit of Measure = mm)
2
Pin#1 ID
1. This drawing is for general information only. Refer to
Drawing MO-229, for proper dimensions, tolerances,
datums, etc.
2. The Pin #1 ID is a laser-marked feature on Top View.
3. Dimensions b applies to metallized terminal and is
measured between 0.15 mm and 0.30 mm from the
terminal tip. If the terminal has the optional radius on
the other end of the terminal, the dimension should
not be measured in that radius area.
4. The Pin #1 ID on the Bottom View is an orientation
feature on the thermal pad.
SYMBOL
MIN
NOM
MAX
A
0.50
0.55
0.60
A1
0.0
0.02
0.05
A2
-
-
0.55
D
1.90
2.00
2.10
D2
1.40
1.50
1.60
E
2.90
3.00
3.10
E2
1.20
1.30
1.40
b
0.18
0.25
0.30
C
L
3
0.152 REF
0.35
e
K
NOTE
0.40
0.45
0.50 BSC
0.20
-
-
11/2/15
Package Drawing Contact:
[email protected]
12
TITLE
8MA2, 8-pad 2 x 3 x 0.6mm Body, Thermally
Enhanced Plastic Ultra Thin Dual Flat No-Lead
Package (UDFN)
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
GPC
DRAWING NO.
REV.
YNZ
8MA2
H
5.
Revision History
Doc. Rev.
Date
Comments
8914BS
02/2016
Corrected ordering codes ATAES132A-SHEQ-B and ATAES132A-SHER-B by adding “-B”.
Updated 8MA2 package drawing.
Added a high-feature bullet, “Guaranteed Unique Die Serial Number.”
8914AS
03/2015
Initial summary document release.
ATAES132A [Summary Datasheet]
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
13
Atmel Corporation
1600 Technology Drive, San Jose, CA 95110 USA
T: (+1)(408) 441.0311
F: (+1)(408) 436.4200
│
www.atmel.com
© 2016 Atmel Corporation. / Rev.:Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016.
Atmel®, Atmel logo and combinations thereof, Enabling Unlimited Possibilities®, ryptoAuthentication™, and others are registered trademarks or trademarks of Atmel
Corporation in U.S. and other countries. Other terms and product names may be trademarks of others.
DISCLAIMER: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is
granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN THE ATMEL TERMS AND CONDITIONS OF SALES LOCATED ON THE ATMEL
WEBSITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE
FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS AND PROFITS,
BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to
make changes to specifications and products descriptions at any time without notice. Atmel does not make any commitment to update the information contained herein. Unless specifically
provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel products are not intended, authorized, or warranted for use as components in
applications intended to support or sustain life.
14
SAFETY-CRITICAL, MILITARY, AND AUTOMOTIVE APPLICATIONS DISCLAIMER: Atmel products are not designed for and will not be used in connection with any applications where the
failure of such products would reasonably be expected to result in significant personal injury or death (“ afety- ritical Applications”) without an Atmel officer's specific written consent. afetyCritical Applications include, without limitation, life support devices and systems, equipment or systems for the operation of nuclear facilities and weapons systems. Atmel products are not
designed nor intended for use in military or aerospace applications or environments unless specifically designated by Atmel as military-grade. Atmel products are not designed nor intended for
use in automotive applications unless specifically designated by Atmel as automotive-grade.
Atmel-8914BS-CryptoAuth-ATAES132A-Datasheet-Summary_022016
ATAES132A [Summary Datasheet]