Features • • • • • • • • • • • • Low-power, Low-voltage CMOS IDIC® Contactless Power Supply, Data Transmission and Programming of EEPROM Radio Frequency (RF): 100 kHz to 150 kHz, Typically 125 kHz Programmable Adaptation of Resonance Frequency Easy Synchronization with Special Terminators High-security Method Unilink Challenge Response Authentication by AUT64 Crypto Algorithm Encryption Time < 10 ms, Optional < 30 ms Programmable at 125 kHz 320-bit EEPROM Memory in 10 Blocks of 32 Bits Each Programmable Read/Write Protection Extensive Protection Against Contactless Malprogramming of the EEPROM Programming Time for One Block of the EEPROM Typically 16 ms Main Options Set by EEPROM: – Bit Rate [Bit/s]: RF/32, RF/64 – Encoding: Manchester, Bi-phase 1. Description Standard Read/Write Crypto Identification IC e5561 The e5561 is a member of Atmel®’s IDentification IC (IDIC) family for applications where information has to be transmitted contactlessly. The IDIC is connected to a tuned LC circuit for power supply and bi-directional data communication (Read/Write) to a base station. Atmel offers an LC circuit and a chip assembled in the form of a transponder or tag. These units are small, smart and rugged data storage units. The e5561 is a Read/Write crypto IC for applications which demand higher security levels than standard R/W transponder ICs can offer. For that purpose, the e5561 has an encryption algorithm block which enables a base station to authenticate the transponder. The base station transmits a random number to the e5561. This challenge is encrypted by both IC and base station. The e5561 sends back the result to the base station for comparison. As both should possess the same secret key, the results of this encryption are expected to be equal. Any attempt to fake the base station with a wrong transponder will be recognized immediately. The on-chip 320-bit EEPROM (10 blocks of 32 bits each) can be read and written blockwise by a base station. Two or four blocks contain the ID code and six memory blocks are used to store the crypto key as well as the read/write options. The crypto key and the ID code can be protected individually against overwriting. Likewise, the crypto key cannot be read out. 125 kHz is the typical operational frequency of a system using the e5561. Two read data rates are programmable. Reading occurs through damping the incoming RF field with an on-chip load. This damping is detected by the field-generating base station. Data transmission starts after power-up with the transmission of the ID code and continues as long as the e5561 is powered. Writing is carried out with Atmel's writing method. To transmit data to the e5561, the base station has to interrupt the RF for a short time to create a field gap. The information is encoded in the number of clock cycles between two subsequent gaps. 4699D–RFID–09/06 Transponder System Example Using e5561 Transponder Challenge Base station Response Coil interface Power Data Controller Figure 1-1. Memory Crypto e5561 2. Internal Modes The e5561 can be operated in several internal modes, each providing a special function. These are: • Start-up • ID mode • Programming mode • Direct-access mode • Crypto mode • Stop mode • Password function The following section gives a short functional description of each mode. A more detailed description is given in the section “Operating the e5561” on page 10. 2.1 Start-up After the Power-On Reset (POR) has reset the entire circuit, the e5561 is configured by reading out the configuration data bits of the EEPROM. 2.2 ID Mode During ID mode, the e5561 transmits an identification data stream (ID code) to the base station. As the base station reads out data coming from the transponder, this direction of data transmission will be designated as read. The ID code is sent in loop as long as the RF field is applied. The single parts of the data stream and the type of modulation depend on the configuration loaded during start-up. The following options are available during ID mode: • Two different bit rates and modulations • Two possible lengths of the ID code (64 bits or 128 bits) • Two different terminators • A 4-bit preburst followed by terminator 1 between start-up and sending the first data bits of the ID code 2 e5561 4699D–RFID–09/06 e5561 2.3 Programming Mode The e5561 must be programmed before being used in a security system. The e5561 contains a 320-bit EEPROM which is arranged in 10 blocks of 32 bits each. Programming the e5561 is carried out blockwise, i.e., every single block has to be programmed separately. The blocks of the EEPROM are divided into 4 sections: • Configuration • ID code • Crypto key • Customer configuration Every section consists of one or more EEPROM blocks. Programming is carried out by sending the programming data sequence to the e5561. When the base station sends data to the transponder, this direction of data transmission will be designated as write. When the base station has sent the data sequence and the specified block has been programmed, the e5561 transmits the content of the programmed EEPROM block. The content is always sent in loop with terminator 1. The beginning of the data stream is indicated by a preburst. During programming, the e5561 monitors several fault and protection mechanisms. If a fault or a protection violation is detected, the e5561 switches to ID mode. 2.4 Direct-access Mode If the base station transmits a special data sequence to the e5561, it will enter the direct-access mode. The base station can activate two different functions: • Read the content of a single block of the EEPROM In this case, the e5561 transmits the block's content in loop, starting with a preburst followed by the terminator which is also used to indicate the beginning of the transmission of the specified block data. • Reset the e5561 in case of all modes During direct-access mode, the e5561 monitors several fault and protection mechanisms. If a fault or a protection violation is detected, the e5561 switches to ID mode. 2.5 Crypto Mode In crypto mode, a non-linear high-security encryption algorithm called AUT64 is used to authenticate the e5561. After the base station has identified the e5561 (i.e., read the ID code), the base station may authenticate the transponder by transmitting a challenge. Receiving this data sequence causes the e5561 to switch to crypto mode. This initiates the following actions: • While calculating the AUT64 result, the transponder transmits the checksum of the challenge • The e5561 generates the response from the calculated result of the AUT64 • As soon as the calculation is finished, the e5561 interrupts the transmission of the checksum by sending a terminator • The e5561 transmits the response in loop with a terminator back to the base station 3 4699D–RFID–09/06 The base station can read the response and authentify the transponder. It is possible to interrupt the calculation of the AUT64 result by sending another data sequence (e.g., if the checksum was found to be wrong). During crypto mode, the e5561 monitors several fault and protection mechanisms. If a fault or a protection violation is detected, the e5561 enters ID mode. 2.6 Stop Mode If two or more transponders are used simultaneously (e.g., in a manufacturing step), it might be useful to be able to set the transponders to a passive state. To avoid a communication conflict, the base station has to transmit a special data sequence to the active transponder(s) forcing them to switch to stop mode. In stop mode, the e5561 switches off the damping as long as the RF field is applied. After a power-on reset or after having received the software-reset command, the e5561 enters start-up and ID mode again. During the data sequence of the stop mode, the e5561 monitors fault mechanisms. If a fault is detected, the e5561 enters ID mode. The stop command can be disabled. Note: 2.7 For correct stop-mode operation it is necessary that the field be switched off instantly. Password Function The password function is a separate protection mechanism to prevent a base station from reading or manipulating the internal configuration and data blocks of the e5561 without knowing the password. Only a transition to the crypto mode is possible. If the password function is active, the base station must first send the password to enable any other operations. During password mode, the e5561 monitors several fault and protection mechanism. If a fault or a protection violation is detected, the e5561 enters ID mode. 2.8 Mode Transitions If the e5561 is in ID mode and the base station transmits a write sequence by interrupting the RF field, the internal mode changes according to the received write sequence. If an error has been detected or the password function has been enabled, the e5561 remains in ID mode. A transition to and from all other modes (except the ID mode) is possible by sending the corresponding write sequence. Once the ID mode is left, switching to another mode is only possible by sending an incorrect data sequence to the transponder. 4 e5561 4699D–RFID–09/06 e5561 Figure 2-1. State Diagram of the e5561 (Overview) Reset Start-up ID Mode Gap Sequence Received Password Function Error Direct-access Mode Programming Mode Crypto Mode Transmit Data Transmit Data Transmit Data Stop Mode Gap Note: This diagram provides only an overview. In reality, more transitions are possible. 5 4699D–RFID–09/06 3. Building Blocks Figure 3-1. Block Diagram Modulator Crypto Circuit Bitrate Generator Coil2 Conf. Register CONTROLLER Configuration Data Transmission EEPROM Control Error Detection Encryption 3.1 VSS Crypto Key 64- or 128-bit Code Test Logic VDD EEPROM Memory HV Generator Adapt Analog Front End Bit Decoder Coil1 Input Register POR Test pads Analog Front End (AFE) The AFE includes all circuits directly connected to the coil. It generates the IC's power supply and handles the bi-directional data communication with the base station. It consists of the following blocks: • Rectifier to generate a DC supply voltage from the AC coil voltage • Clock extractor • Switchable load between Coil1/Coil2 for data transmission from the IC to the base station (read) • Field gap detector for data transmission from the base station to the IC (write) 3.2 Controller The controller has the following functions: • Initialize and refresh the EEPROM’s configuration register • Control memory access (read, program) • Handle correct write data transmission • Error detection and error handling • Control encryption operation • Control the adaptation of resonance frequency 6 e5561 4699D–RFID–09/06 e5561 3.3 Power-On Reset (POR) The power-on reset is a delay reset which is triggered when the supply voltage is applied. 3.4 Configuration Register The configuration register stores the configuration data read out from EEPROM blocks 0 and 9. It is continuously refreshed which increases the reliability of the device (if the initially loaded configuration was wrong or modified, it will be corrected by subsequent refresh cycles). 3.5 Adapt The derivation of the resonant frequency between the base station and transponder can be minimized by switching the on-chip capacitors in parallel to the LC circuit of the transponder. By using an antenna coil in the range of 4 mH matched to 128 kHz, a tuning range of about 5% can be achieved by the internal switch capacitors. For the adapt bit setting, the related bits (9 to 11) and the activation bit (6) in the configuration block 0 have to be set. The typical resonant frequency range is determined with 128 kHz using the 000 setting and 121 kHz using the 111 setting. Note: 3.6 Due to a mailfunction, adapt bit setting 111 should not be used. Bit-rate Generator The bit-rate generator can deliver bit rates of RF/32 and RF/64 for data transmission from the e5561 to the base station. 3.7 Bit Decoder The bit decoder forms the signals needed for write operations and decodes the received data bits in the write data stream. 3.8 Modulator The modulator consists of two data encoders and the terminator generator. There are two kinds of modulation: • Manchester – Mid-bit rising edge = data H – Mid-bit falling edge = data L • Bi-phase – Every bit creates a change, a data 0 creates an additional mid-bit change By using Bi-phase modulation, data transmission always starts with damping on. 3.9 HV Generator The HV generator is a voltage pump which generates about 18 V for programming the EEPROM. 7 4699D–RFID–09/06 3.10 Memory The memory of the e5561 is a 320-bit EEPROM which is arranged in 10 blocks of 32 bits each. All 32 bits of a block are programmed simultaneously. The programming voltage is generated on-chip. Block 0 is reserved for basic configuration data. Blocks 1 to 9 are freely programmable. Blocks 1 to 4 are used for the ID code, blocks 5 to 8 contain the crypto key. In password mode, bits 4 to 31 of block 9 contain the password; bits 0 to 3 of block 9 contain the customer-configuration data. If no password is required, the corresponding bits can be programmed freely. Note: Data from the memory is transmitted serially, starting with the least significant bit. The basic configuration data in block 0 contains the following information (see Figure 5-4 on page 12): • Type of modulation and bit rate • Length of ID code • Several lock-bits • Terminator set The customer-configuration data in block 9 contains (see Figure 5-5 on page 12): • Lock-bit for ID code (blocks 1 and 4/1 to 4) • Lock-bit for crypto key (block 5 to 8) • Lock-bit for block 9 • Password mode enable Figure 3-2. Types of Modulation DataClk ReadData 0 1 0 0 1 1 0 damping off Bi-phase Manchester damping on start of transmission 8 e5561 4699D–RFID–09/06 e5561 Figure 3-3. Memory Map 31 Password 0 3 4 bit conf. Block 9 Crypto key Blocks 5 to 8 ID code Blocks 1 to 4 Configuration data Block 0 32 bits 3.11 Crypto Circuit The crypto circuit uses the certified AUT64 algorithm to encrypt the challenge which is written to the e5561. The computed result can be read out by the base station. Comparing the encryption results of the base station and the e5561, a high-security authentification procedure is established. This procedure requires the crypto key of the e5561 and the base station to be equal. The crypto key is stored in blocks 5 to 8 of the EEPROM and can be locked by the user to avoid read out or changes. 4. Protection Mechanisms Several protection mechanisms are implemented into the e5561. These are mainly: • Error mechanisms to detect a fault. These mechanisms are always enabled. • Programmable protection mechanisms. These mechanisms are optional. When used, they provide protection against attempts to break the security system. 4.1 Password Protection If the password protection is enabled, the e5561 remains in ID mode even if it has received a correct write sequence. The only possible operation is to modify the content of block 9 by sending the correct password bits. In all other cases, an error handling procedure is started and the e5561 enters ID mode. 4.2 Lock-bit Protection A lock-bit is a physical part of the EEPROM's content and is under user control. The lock-bit protection mechanism has two different effects: • Avoid programming (modifying data) of the EEPROM's blocks • Avoid reading out the crypto key from the EEPROM using the direct-access mode If the base station tries to read out the crypto key and the corresponding lock-bit is set, the e5561 will enter ID mode immediately. Once the crypto key lock-bit is set, the crypto key can not be modified or read out any more. 9 4699D–RFID–09/06 There are several lock-bits available, each affecting a special data region of the EEPROM. The main groups of lock-bits are: • Lock-bits to inhibit programming of the specified blocks of the EEPROM • Lock-bits to inhibit programming of the specified blocks of a specific address range In both cases, an attempt to modify a data region protected by a lock-bit will cause an error handling procedure (i.e., the e5561 enters ID mode) 4.3 Stop Mode The stop mode can also be used as a protection mechanism, e.g., during configuration at manufacturing. The base station can configure the transponders one by one, forcing them into stop mode after programming. In this way, transponders can be programmed even if there are other transponders in the RF field at the same time. 5. Operating the e5561 5.1 General The basic functions of the e5561 are: • Supply the IC from the coil • Read data from the EEPROM to the base station • Authenticate the IC • Receive commands from the base station and program the received data into the EEPROM. Several write errors can be detected to protect the memory from being overwritten with incorrect data. A password function is implemented ensuring that only authorized people can operate the IC. Operating modes: • ID mode: the e5561 sends the ID code to the base station • Programming mode: the e5561 programs the EEPROM with data bits received from the base station • Direct-access mode: the e5561 sends the content of single blocks of the EEPROM to the base station • Crypto mode: the e5561 computes a response according to the challenge received from the base station and sends the response to the base station • Stop mode: the e5561 stops modulation An additional password function enables the e5561 to be operated only by a person who knows the password programmed in the EEPROM memory. 5.2 Supply The e5561 is supplied via a tuned LC circuit which is connected to Coil1 and Coil2 pads. The incoming RF (actually a magnetic field) induces a current into the coil which powers the chip. The on-chip rectifier generates the DC supply voltage (VDD, VSS pads). Overvoltage protection prevents the IC from damage due to high field strengths (depending on the coil, the open-circuit voltage across the LC circuit can reach more than 100 V). The first occurrence of RF triggers a power-on reset pulse, ensuring a defined start-up state. 10 e5561 4699D–RFID–09/06 e5561 5.3 Start-up The various modes of the e5561 are activated after the first read-out of the configuration. The modulation is on during power-on reset and is off while the configuration is read. After this initialization period of 190 + POR time FCs, the e5561 activates the adaption bit setting defined by configuration and enters in ID mode. If the IC is configured with terminator 1, a data value of FH acc. selected data coding is sent in advance of terminator and read data (see Figure 5-2). Figure 5-1. Application Circuit Coil of base station Tuned LC Energy Coil 1 125 kHz e5561 VDD Coil 2 Data Figure 5-2. VSS Voltage at Coil1/Coil2 after Start-up (e.g., RF/32, Manchester, Terminator 1) Damping off VCoil1-Coil2 Load config. (190 FCs) Power-on reset 5.4 Read Fh Term. 1 Damping on Read data with selected modulation and bit-rate Adaptation setting Configuration The configuration data of the e5561 is stored in block 0 of the EEPROM which contains the following information (see Figure 5-3 on page 12): • Type of modulation and bit rate • ID code length • Several lock-bits • Selected terminator • Stop mode selection for short/long authentication time • Adaptation of resonance frequency The configuration may be changed by programming block 0. However, this is only possible if the lock-bit L_0 in block 0 has not been set. 11 4699D–RFID–09/06 Figure 5-3. Configuration Data in Block 0 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 20 bit Supplier Chip ID (SCID) 9 AUT L_0 adapt bits 7 6 5 3 4 2 1 0 1 1 1 adapt bits MOD BR BC T S A 8 Modulation (0 = Manchester, 1 = Bi-phase) Bit-rate (0 = RF/32, 1 = RF/64) Bitcount (0 = 128 bit, 1 = 64 bit) ID Terminator Stop mode (0 = off, 1 = on) Adapt (1 = value according to user programmed adapt bit setting) Number of AUT64-times, 0 = 24 times, 1 = 8 times Lock-bit for block 0 (1 = active) Tuning bits L_0 AUT A T S Test only Terminator Terminator No terminator BC BR MOD [1] [0] 0 1 0 1 0 0 1 1 Block 9 contains the customer configuration and the password (if password function is enabled). The customer-configuration data in block 9 includes (see Figure 5-5): • Lock-bit for ID code (blocks 1 and 4/1 to 4) • Lock-bit for crypro key (block 5 to 8) • Lock-bit for block 9 • Password function enable If the password function has been enabled, bits 4 to 31 represent the password of the e5561. Figure 5-4. Customer Configuration Data in Block 9 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 28 bit Password PWD L_9 L_K L_ID 5.5 Password enable ('1' = active) Lockbit for block 9 ('1' = active) Lockbit for blocks 5 to 8 (crypto key) ('1' = active) Lockbit for blocks 1 and 4/1 to 4 (ID code) ('1' = active) L_9 L_ID PWD L_K Data Transmission to the Base Station (Read) Data transmission from the e5561 to the base station is carried out by switching a load between the coil pads on (damping) and off. This changes the current through the IC coil which can be detected by the base station. Figure 5-5. Signals from the Transponder During Reading Coil voltage of the e5560 Coil voltage of the base station 12 e5561 4699D–RFID–09/06 e5561 5.5.1 ID Mode The ID mode is the default mode after power-up. The ID code is read out of the EEPROM and sent to the base station. 5.5.2 Modulation and Bit Rate The different bit rates and modulations of the e5561 can be selected using the appropriate bit in block 0. Available bit rates are RF/32 and RF/64; the e5561 provides Bi-phase and Manchester modulation. Figure 5-6. Types of Modulation DataClk 1 0 ReadData 0 0 1 1 0 damping off Bi-phase Manchester damping on start of transmission 5.5.3 Data Streams Reading begins with block 1 (LSB first). Depending on the selected bit count, block 1 is followed by block 2, 3 and 4 (128-bit bit count) or just by block 4 (64-bit bit count). The ID code is transmitted in loop or interrupted by the selected terminator, respectively. To avoid malfunction, the mode register is refreshed continuously with the content of EEPROM blocks 0 and 9 during reading of block 4. The data streams of the ID mode are shown in Figure 5-7. Figure 5-7. ID Mode Data Streams 128-bit Bit-count with Terminator block 1 block 2 block 3 block 4 Terminator block 1 block 2 block 3 block 4 Terminator 64-bit Bit-count with Terminator block 1 block 4 Terminator block 1 block 4 Terminator 128-bit Bit-count without Terminator block 1 block 2 block 3 block 4 block 1 block 2 block 3 block 4 64-Bit bit-count without Terminator block 1 block 4 block 1 block 4 13 4699D–RFID–09/06 5.5.4 Terminators Terminators are a special pattern to mark the beginning and the end of a code. The terminators may be used to synchronize the base station. They can be detected reliably since they are a violation of the modulation scheme. After a terminator is sent, transmission of the first bit of the ID code starts with damping on for a certain detection (if Bi-phase modulation is used). Note: Figure 5-8. Terminator 2 is only available in ID mode; all other modes make use of terminator 1. Terminators Terminator 1 Terminator [3-bit period] bit period last bit Terminator 2 Terminator if bitrate = RF/64 [416 FCs] bit period last bit 16 64 16 bit period 32 5.6 first bit 1.5-bit period (damping = off) 16 128 FCs 208 FCs (damping = off) first bit Terminator if bitrate = RF/32 [384 FCs] last bit 16 16 16 128 FCs 176 FCs (damping = off) first bit Data Transmission to the e5561 (Write) Data transmission from the base station to the e5561 is carried out by using Atmel’s write method. It is based on interrupting the RF field with short gaps. The number of field clock cycles (FC) of two consecutive gaps encodes the 0/1 bit-information to be transmitted. 5.6.1 Start Gap The first gap is the start gap which triggers writing. During writing the damping is permanently enabled which simplifies gap detection. The start gap has to be longer than the subsequent gaps in order to be reliably detected. By default, a start gap will be detected at any time after start-up initialization has been finished (field-on plus approximately 2 ms). 14 e5561 4699D–RFID–09/06 e5561 Figure 5-9. Signals to the Transponder During Writing >64 FCs = EOT RF_Field Start Gap 1 0 1 1 0 Field clock reading 5.6.2 reading writing Bit Decoder The duration of the gaps is usually 50 µs to 150 µs. The time between two gaps is nominally 24 field clocks for a 0 and 56 field clocks for a 1. The bit will be interpreted as 0 if there are 16 to 32 field clocks since the last field gap; it will be interpreted as 1 if the number of field clock cycles is in a range of 48 to 64. When there is no gap for more than 64 field clocks, writing is carried out (EOT). If there is a wrong number of field clocks between two gaps – i.e., one or more data sent were not a valid 0 or 1 – the e5561 will detect an error (see section “Error Handling” on page 19). Figure 5-10. Bit Decoding Scheme (Number of FCs Between Two Consecutive Gaps) 16 1 32 48 64 Bit decoder fail 5.6.3 0 fail 1 EOT OPcodes The OPcode is defined as the first two bits of a writing sequence. It is used for changing the operational modes of the e5561. There are three valid OPcodes: The programming mode and direct-access mode are entered with the 10 OPcode, 01 is used to initiate the authentication of the e5561, and the OPcode '00' disables modulation until a POR occurs. Figure 5-11. OPcodes Programming mode Direct-access mode 10 1 0 more data... Start gap Crypto mode 01 Stop mode 11 0 more data... 1 1 1 > 64 clocks 15 4699D–RFID–09/06 5.6.4 Programming Mode Programming the EEPROM of the e5561 is carried out blockwise, i.e., every single block has to be programmed separately. The programming-mode write sequence is shown in Figure 5-12. After OPcode 10, the 32 data bits have to be sent followed by the four address bits specifying the block to be programmed (each LSB first). The sequence is completed by sending an EOT (end of transmission), i.e., more than 64 field clocks without any gap. Figure 5-12. Programming Mode Write Sequence OP code 10 0 block address 31 0 ADR 3 EOT 0 . . . . . .9 data bits Data bits When the entire write sequence has been written to the e5561, programming may proceed. There is a 64-clock delay between the end of writing and the start of programming. During this time, the EEPROM's programming voltage VPP is measured and the lock-bit for the block to be programmed is examined. Further, VPP is continually monitored throughout the programming cycle. If VPP is too low, the chip starts error handling. The programming time is 16 ms (including erase) with a field clock frequency of 125 kHz. Figure 5-13. Programming EOT received Write mode programming ends 16 ms Check VPP 0.512 ms programming starts VPP on Operation write VPP and lock ok? erase EEPROM program EEPROM read After programming has been carried out, the e5561 sends an Fh preburst followed by terminator 1. After that, the data just programmed is read out of the EEPROM and sent in loop with terminator 1. This enables the base station to detect a malprogramming by comparing the data transmitted with the data read out after programming. This mode remains until a POR occurs or another gap is detected. Figure 5-14. Programming Mode Data Stream write sequence 16 program block read Fh Terminator 1 read block Terminator 1 read block e5561 4699D–RFID–09/06 e5561 Figure 5-15. Coil Voltage in Programming Mode V Coil1-Coil2 End of programming sequence 5.6.5 16 ms programming read Fh Term. read block Term. read block Direct-access Mode The direct-access mode is typically used to read out the content of a single block of the EEPROM. The write sequence is shown in Figure 5-16. Following the OPcode 10, the address of the block to be read has to be sent (LSB first). Figure 5-16. Direct-access Mode Write Sequence 10 0 ADR 3 EOT It is always possible to read the content of block 0 and the four blocks of the ID code. The blocks containing the crypto-key (blocks 5 to 8) can only be accessed when the corresponding lock-bit in block 9 is not set. Therefore, there is no possibility for a non-authorized person to read out or modify the crypto key if it is locked. Figure 5-18 shows the direct-access-mode data stream. After the write sequence, an FFh preburst is sent followed by terminator 1. After that, the addressed block and terminator 1 are sent in loop. Figure 5-17. Direct-access Mode Data Stream write sequence read FFh Terminator 1 read block Terminator 1 read block Figure 5-18. Coil Voltage in Direct-access Mode VCoil1-Coil2 End of direct access sequence 5.6.6 read FFh Term. read block Term. read block Software Reset To set up the ICs in a defined state, a software reset command can be executed by sending a pseudo block address Fh. The write sequence is shown in Figure 5-20 on page 18. The Reset command is also accepted during stop mode. Figure 5-19. Software Reset 10 1 1 1 1 EOT 17 4699D–RFID–09/06 5.6.7 Crypto Mode The crypto mode enables a high-security authentication of the e5561. For this purpose, a certified algorithm called AUT64 is used. The crypto-mode write sequence is shown in Figure 5-20. After the OPcode 01, the challenge is sent to the e5561 (LSB first). Figure 5-20. Crypto Mode Write Sequence 01 0 Challenge bits 63 EOT After the write sequence, the AUT64-algorithm is started. The computation of the response takes about 30/10 ms (125 kHz). During this time, a checksum – the number of the challenge bits set to 1 – can be read by the base station. Once the response has been computed, the base station can read the response in loop with the terminator 1. This remains until a POR occurs or another gap is detected. The data stream of the crypto mode is shown in Figure 5-21. Figure 5-21. Crypto Mode Datastream write sequence read 00b read FFh checksum Terminator 1 response Terminator 1 During the encryption calculation, the checksum is sent in loop with a special pattern (see Figure 5-23). The bits of the checksum are sent with LSB first. If the base station detects an error by comparing the checksum, the calculation of the response can be interrupted by sending a new challenge. This will start the authentication procedure again. Figure 5-22. Checksum Data FFh Data 6-bit checksum 0 1 1 1 1 1 1 1 1 0 Data FFh Data 5 0 1 1 1 1 1 1 1 1 0 0 Figure 5-23. Coil Voltage in Crypto Mode V Response calculated Coil1-Coil2 End of programming sequence read FFh read 00b checksum read FFh Term. response Term. The encryption time is programmable in two options: The entire algorithm AUT64 is executed 8 or 24 times. This feature can be set at block 0, bit 7. 18 e5561 4699D–RFID–09/06 e5561 5.6.8 Stop Mode If several transponders enter the RF field of the base station one after the other (e.g., in a manufacturing step), it might be useful to be able to set the transponder in a passive state. In this case, the transponder may be collected one by one and disabled after being read out. To avoid a communication conflict, the base station has to transmit a special data sequence to the active transponder(s) forcing them to enter the stop mode. During stop mode, the e5561 switches off the damping as long as the RF field is applied. After a power-on reset, the e5561 enters the start-up and the ID mode again. An other possibility to exit the stop mode is to send the software reset (see Figure 5-25). This command results in a new initialization of the IC. Figure 5-24. Stop Mode Data Sequence 11 EOT Figure 5-25. Write Sequence to Disable Password Function 10 XXXX 4 Password 31 1 0 0 1 EOT X = do not care (both 0 or 1 acceptable) 5.6.9 Password Function The password function is a separate protection mechanism to prevent that a base station from reading or manipulating the internal configuration and data blocks of the e5561 without knowing the password. The password function may be used to prevent unauthorized programming or reading via direct-access mode. If the password bit in block 9 of the EEPROM is set, only certain operations are possible, i.e., reading the ID code in ID mode or authentication. For programming or direct-access mode, the password function has to be disabled by receiving the password. If this function is enabled, the customer configuration can only be changed by an authorized person using the correct password of the e5561. During password mode, the e5561 monitors several fault and protection mechanism. If a fault or a protection violation is detected, the e5561 enters ID mode. 5.7 Error Handling Several error conditions can be detected to ensure that only valid operations affect the e5561. 19 4699D–RFID–09/06 5.8 Errors while Writing Data There are four detectable errors possible during writing data to the e5561: • Field gap was not detected • Wrong number of field clocks between two gaps, e.g., 37 FCs • The OPcode is not valid (11) • The number of bits received is incorrect; valid bit counts are: – programming mode: 38 bits – direct-access mode: 6 bits – crypto mode: 66 bits – stop mode: 2 bits If any of these four conditions is detected, the e5561 stops writing and enters ID mode. This can easily be analyzed using the damping which is usually on during writing. It changes according to the selected modulation scheme in ID mode. 5.8.1 Errors During Programming Mode If the writing sequence has been transmitted successfully, there are three errors that may prevent the e5561 from programming the data to the EEPROM: • The programming voltage VPP is too low, i.e., the field strength is not high enough • The lock-bit of the addressed block is set • The password function is enabled In these cases, the procedure stops immediately after the error has been detected and the IC reverts to ID mode. 5.8.2 Errors During Direct-access Mode In addition to the possible errors mentioned before, two errors may occur in direct-access mode: • The lock-bit of the addressed block 5 to 8 is set • The password function is enabled In these cases, the IC enters ID mode after the end of the writing sequence. 5.8.3 Errors During Crypto Mode In crypto mode, ONE error mechanism is active, that may prevent the e5561 from sending the correct response: • Error during the crypto writing sequence The e5561 will enter ID mode immediately if an error in the writing sequence is detected. If the password function is enabled, the e5561 enters ID mode after having completed the writing sequence. 20 e5561 4699D–RFID–09/06 e5561 5.8.4 Error Handling During Password Mode If password function is enabled and the password transmitted does not match the programmed password, the full programming sequence is performed but without programming block 9. This makes it more difficult to find out the correct password by trial and error because in each case the result of the operation can only be recognized after the whole sequence has been processed. This increases the time needed to check a certain number of combinations. Figure 5-26. Simplified Error Handling of the e5561 Power-on reset Start-up Send ID code Receive OPcode fail ok Receive data fail EOT Password function Password ok or disabled Number of bits fail fail Error handling ok Lock-bit fail ok VPP fail ok fail Program 21 4699D–RFID–09/06 5.9 Authentication Especially for applications with high-security demands such as immobilizer systems, the e5561 contains an optimized authentication procedure with the following advantages: • Secure and fast authentication (< 100 ms) • Application-optimized high-security algorithm • Customer-specific generation of unique keys Therefore, a high-security data transmission and encryption as well as a short authentication time is achieved. For further information, some additional documentation and programs are available under NDA: • The encryption process of the e5561 • Key generating program • Algorithm program Figure 5-27. Authentication Procedure Base station e5561 Generate RF field Receive the ID code and select the crypto key ID code Transmit ID code Challenge Receive the datastream Generation of random number R Calculation of the challenge R' (encrypted random number R) Transmit the challenge Decryption of R' to R Receive the checksum Checksum in loop Transmit the checksum AUT64 with R as input value AUT64 with R as input value Calculate the valid response Calculation of the response Interrupt transmission of checksum Receive the response generated by the e5561 Response in loop Transmit response Authenticate by comparing the responses of e5561 to its own result 22 e5561 4699D–RFID–09/06 e5561 5.9.1 Initialization Before using the e5561 in crypto mode, it has to be initialized. First, the crypto key to be used by the crypto algorithm has to be generated by the key-generating program. This program guarantees that each crypto key is unique, no other e5561 has the same key. This key has to be stored in the memory (block 5 - block 8) of the e5561 via the programming mode. Once the crypto key is locked, it can not be overwritten or read out anymore with direct-access mode. For correct authentication it is necessary that base station and transponder both use the same key. Therefore, the base station needs to know which transponder is currently in the field. Only then, the base station can select the key corresponding to this particular transponder. For this identification the e5561 sends a string of data after it has been powered up. This ID code must also be stored in the e5561. 5.9.2 Starting the Authentication After power-up the various modes (bit rate, encoding) are read out of block 0. Then, the e5561 transmits the ID code to identify itself. Thereby, the base station can identify the transponder and knows which crypto key to use. The base station forces the e5561 into crypto mode by sending the OPcode 01 followed by a 64-bit string, the challenge. 5.9.3 Challenge The base station generates a 64-bit random number R. This number is the starting value of the actual encryption algorithm. To improve security, this random number is not sent directly to the transponder, but is encrypted by means of a part of the crypto key. The encoded result R' is then transmitted as challenge to the transponder. Once the transponder has received the encoded random number R', it recovers the random number R originally generated by the base station. Both devices, the base station as well as the transponder, then start with the encryption of this number. If the number of received bits is incorrect, the e5561 leaves the crypto mode and enters read mode immediately, transmitting the ID code. 5.9.4 Checksum For verification of the received challenge, the e5561 sends a checksum (representing the number of 1 of the challenge) with a special pattern in loop until the encryption is finished (less than 10 ms to optionally 30 ms). 5.9.5 Encryption For encryption, the optimized high-security algorithm AUT64 is used. The elementary parts of this 64-bit block cipher are transposition and substitution (Figure 5-29). For more detailed information on this algorithm additional documentation is provided. The entire algorithm AUT64 is executed 24 times. At each of these 8/24 times, another key is generated out of the crypto key. Therefore, the algorithm keeps changing and a high-security level is achieved. This is confirmed by statistical analysis. For more detailed information, the description 'The Encryption Process of the e5561' can be provided under NDA. 23 4699D–RFID–09/06 5.9.6 Response The 64-bit result of the algorithm is reduced to 32 bits using logical operations. This 32-bit response is sent back to the base station for comparison. If the correct keys were used, the result generated inside the base station is identical to the result sent by the e5561. The response is transmitted in loop including the terminator until the IC is powered by the RF field. This gives the base station enough time to check the validation of the response. Figure 5-28. Atmel’s Crypto Algorithm AUT64 a0 a1 a2 a3 a4 a5 a6 a7 a6 a7 Input of AUT64 in round n Byte permutation σ a0 a1 a2 a3 a4 a5 Function f Substitution τ Bit permutation σ Substitution τ a0 24 a1 a2 a3 a4 a5 a6 a7 Input of AUT64 in round n+1 e5561 4699D–RFID–09/06 e5561 Figure 5-29. Authentication Example Power-on reset 5 ms Read ID code 20 ms Start-up ID mode (if 64 bit ID used, < 10 ms possible) Send challenge 30 ms ID mode Challenge ENCRYPTION Checksum and Encrypt (AUT64) and Checksum Response < 10 ms (8 times of AUT64) 30 ms option (24 times of AUT64) 10 ms Checksum and Encrypt Response t < 65 ms (8 times of AUT64 and reduced ID used) t < 75 ms (8 times of AUT64) t < 95 ms (24 times AUT64) 25 4699D–RFID–09/06 6. Absolute Maximum Ratings Stresses beyond those listed under “Absolute Maximum Ratings” may cause permanent damage to the device. This is a stress rating only and functional operation of the device at these or any other conditions beyond those indicated in the operational sections of this specification is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability. All voltages are given corresponding to VSS. Parameters Symbol Value Unit Supply voltage VDD –0.3 to +7.0 V Input voltage VIN VSS –0.3 ≤ VIN ≤ VDD +0.3 V IC1/C2 10 mA Ptot 100 mW Operating temperature range Tamb –40 to +85 °C (2) Storage temperature range Tstg –40 to +125 °C Assembly temperature (t ≤ 5 min) Notes: 1. Free-air condition. Time of application: 1 s. Tass 170 °C Current into Coil1/Coil2 Power dissipation (dice)(1) 2. Data retention reduced. 7. Operating Range Tamb = 25°C; reference terminal is VSS; DC operating voltage VDD – VSS = 2 V (unless otherwise noted). Parameters Test Conditions Symbol Min. Typ. Max. Unit fRF 100 125 150 kHz RF frequency range Supply current Clamp voltage fRF = 125 kHz, read and write IDD 15 µA fRF = 125 kHz, programming IDD 100 µA No clock IDD 100 250 500 nA Vcl 7.5 9.0 10.2 V Current into Coil1/Coil2 = 5 mA Equivalent coil input capacitance (without self-adapt) C1,2 Programming voltage Programming time 30 VPP fRF = 125 kHz 15 pF 16 tPP 19 16 V ms tretention 10 Years Programming cycles ncycle 100,000 – Lowest operating voltage for programming Vmfs 1.8 V Data retention Figure 7-1. Application Example from oscillator 125 kHz 4.2 mH 4.2 mH 386 pF Energy Coil 1 e5561 Coil 2 Data to base station fres = 386 pF 26 1 2p = 125 kHz LC e5561 4699D–RFID–09/06 e5561 8. Ordering Information Extended Type Number Package e5561A-DOW DOW Remarks – 9. Pads Note: Name Pad Window Function Coil1 136 × 136 m 1st coil pad Coil2 136 × 136 m2 2nd coil pad VDD 78 × 78 m 2 Positive supply voltage VSS 82 × 82 m 2 Negative supply voltage (GND) 2 For normal (coil-driven) operation, the e5561 needs only Coil1 and Coil2. 10. Chip Dimensions Test pads e5561 Coil2 VDD 1600 µm Coil1 VSS 4930 µm 11. Revision History Please note that the following page numbers referred to in this section refer to the specific revision mentioned, not to this document. Revision No. History 4699D-RFID-09/06 • • • • 4699C-RFID-08/05 • Last page: Disclaimer text changed 4699B-RFID-03/05 • Put datasheet in a new template • Section 5.9 “Authentication” on page 22 changed • Section 5.9.5 “Encryption” on page 23 changed Put datasheet in a new template Features on page 1 changed Section 3.5 “Adapt” on page 7 changed Figure 5-2 “Voltage at Coil1/Coil2 after Start-up (e.g., RF/32, Manchester, Terminator 1) on page 11 changed • Section 5.4 “Configuration” on page 11 changed • Figure 5-3 “Configuration Data in Block 0” on page 12 changed 27 4699D–RFID–09/06 Atmel Corporation 2325 Orchard Parkway San Jose, CA 95131, USA Tel: 1(408) 441-0311 Fax: 1(408) 487-2600 Regional Headquarters Europe Atmel Sarl Route des Arsenaux 41 Case Postale 80 CH-1705 Fribourg Switzerland Tel: (41) 26-426-5555 Fax: (41) 26-426-5500 Asia Room 1219 Chinachem Golden Plaza 77 Mody Road Tsimshatsui East Kowloon Hong Kong Tel: (852) 2721-9778 Fax: (852) 2722-1369 Japan 9F, Tonetsu Shinkawa Bldg. 1-24-8 Shinkawa Chuo-ku, Tokyo 104-0033 Japan Tel: (81) 3-3523-3551 Fax: (81) 3-3523-7581 Atmel Operations Memory 2325 Orchard Parkway San Jose, CA 95131, USA Tel: 1(408) 441-0311 Fax: 1(408) 436-4314 RF/Automotive Theresienstrasse 2 Postfach 3535 74025 Heilbronn, Germany Tel: (49) 71-31-67-0 Fax: (49) 71-31-67-2340 Microcontrollers 2325 Orchard Parkway San Jose, CA 95131, USA Tel: 1(408) 441-0311 Fax: 1(408) 436-4314 La Chantrerie BP 70602 44306 Nantes Cedex 3, France Tel: (33) 2-40-18-18-18 Fax: (33) 2-40-18-19-60 ASIC/ASSP/Smart Cards 1150 East Cheyenne Mtn. Blvd. Colorado Springs, CO 80906, USA Tel: 1(719) 576-3300 Fax: 1(719) 540-1759 Biometrics/Imaging/Hi-Rel MPU/ High-Speed Converters/RF Datacom Avenue de Rochepleine BP 123 38521 Saint-Egreve Cedex, France Tel: (33) 4-76-58-30-00 Fax: (33) 4-76-58-34-80 Zone Industrielle 13106 Rousset Cedex, France Tel: (33) 4-42-53-60-00 Fax: (33) 4-42-53-60-01 1150 East Cheyenne Mtn. Blvd. Colorado Springs, CO 80906, USA Tel: 1(719) 576-3300 Fax: 1(719) 540-1759 Scottish Enterprise Technology Park Maxwell Building East Kilbride G75 0QR, Scotland Tel: (44) 1355-803-000 Fax: (44) 1355-242-743 Literature Requests www.atmel.com/literature Disclaimer: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Atmel products. EXCEPT AS SET FORTH IN ATMEL’S TERMS AND CONDITIONS OF SALE LOCATED ON ATMEL’S WEB SITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Atmel does not make any commitment to update the information contained herein. Unless specifically provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel’s products are not intended, authorized, or warranted for use as components in applications intended to support or sustain life. © 2006 Atmel Corporation. All rights reserved. Atmel ®, logo and combinations thereof, Everywhere You Are ®, IDIC ® and others, are registered trademarks or trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others. 4699D–RFID–09/06