AT88SC018 CryptoCompanion Cryptographic Security Chip - Atmel

Atmel’s new AT88SC018 CryptoCompanion is a hardware based embedded security chip which employs Secure Hash Algorithm 1 (SHA-1) and designed as the host-side to Atmel’s CryptoMemory and CryptoRF chips. Atmel’ AT88SC018 CryptoCompanion chip provides designers a cost-effective cryptographic security solution to their products which prone to piracy/cloning/counterfeiting. In conjunction with CryptoMemory chip, it provides secure storage of the secret information necessary to authenticate consumable items or software intellectual property (IP). Since AT88SC018 CryptoCompanion implements the security algorithms and protocol completely in hardware, designers do not need to know detail knowledge of cryptographic algorithms or coding.

Atmel’s CryptoCompanion, CryptoMemory and CryptoRF

CryptoMemory
Atmel’s CryptoMemory is EEPROM with a 64-bit embedded hardware encryption engine, four sets of non-readable, 64-bit authentication keys and four sets of non-readable, 64-bit session encryption keys. CryptoMemory devices currently available in densities from 1 Kbit to 256 Kbits of user memory which may be divided into as many as 16 separate sections, each of which can be customized to allow different levels of read and write access. CryptoMemory devices have standard communication interfaces to microcontrollers and off-the-shelf readers that include a synchronous two-wire interface (TWI), and asynchronous interface (ISO 7816-3 in T=0 Mode) for smart card applications. CryptoMemory devices can be used as drop-in replacements for non-secure EEPROMs to protect software IP.

CryptoRF
Atmel’s CryptoRF is the 13.56 MHz RFID devices with a 64-bit embedded cryptographic engine, dual authentication capability, and up to 64 Kbits of memory, each with up to 16 individually configurable sectors. CryptoRF devices use the authentication keys, session encryption keys and a random number to generate a unique identity, or “cryptogram”, for each transaction. The host reader and the CryptoRF device must both be able to duplicate each other’s cryptograms before any data can be accessed or written. Atmel’s CryptoRF devices integrate a 13.56 MHz radio based on the ISO 14443-B standard with a range up to 10 cm. CryptoRF is deliverable as modules for creation of RFID cards, complete RFID tags, and thinned wafers.

To communicate to microcontroller, CryptoCompanion, CryptoMemory and CryptoRF use TWI (Two Wire Interface) with SDA and SDA pins. It is identical to that supported by the popular Atmel’s AT24C16B SEEPROM chip.

Connection between Microcontroller and CryptoCompanion

Since all these cryptografic chips are slave devices, CryptoCompanion can not directly communicate with CryptoMemory or CryptoRF chip.

Cryptographic Strategy
Source: Atmel’s AT88SC018 product summary

The client-side (CryptoMemory or CryptoRF) contains secrets that must be known or derived by a host system (CryptoCompanion) in order to establish a trusted link between the two and permit communications to happen. CryptoCompanion stores these secrets in an obscured way in nonvolatile memory and contains all the circuitry necessary to perform the authentication, password and encryption/decryption functions. In this manner, the secrets do not ever need to be revealed.

The general cryptographic strategy is as follows:

Features of Atmel’s AT88SC018 CryptoCompanion Cryptographic Security Chip:

• High Security Features in Hardware
  • SHA-1 Standard Cryptographic Algorithm
  • CryptoMemory and CryptoRF F2 Algorithm
  • 64-bit Mutual Authentication Protocol (Under License of ELVA)
  • High Quality Random Number Generator (RNG)
  • Permanently Coded Serial Numbers
  • Data Scrambling in Nonvolatile Memory
  • Reset Locking to prevent Illegal Power Cycling
  • Delay Penalties to prevent Systematic Attacks
  • Voltage and Frequency Monitors
  • Metal Shield Over Memory
• Companion Chip to CryptoMemory and CryptoRF
  • Securely implements host algorithms
  • Securely stores host secrets
  • Verifies Host Firmware Digests
• Host-side Crypto Functions
  • Authentication Challenge Generation
  • Device Challenge Response
  • Message Authentication Codes (MAC) Generation
  • Data Encryption and Decryption
  • Secure Authentication Key Management
• Secure Storage and Key Management
  • Up to 16 sets of 64-bits Diversified Host Keys
  • Eight Sets of Two 24-bit Passwords
  • Secure and Custom Personalization
  • Up to 232-Byte Read/Write Configurable User Data Area
• Nonvolatile Up Counters
  • Four sets Unidirectional Counters
  • 64 Million Maximum Counts Per Counter
• Application Features
  • Low Voltage Supply: 2.7V – 3.6V
  • 2-Wire Serial Interface (TWI, 5V Compatible)
  • Standard 8-lead SOIC Plastic Package, Green compliant (exceeds RoHS)
• High Reliability
  • Endurance : 100,000 Cycles
  • Data Retention : 10 years
  • ESD Protection : 3,000 V min. HBM

Devekopment Tool for AT88SC018 CryptoCompanion Chip

To speed-up application development using AT88SC018 CryptoCompanion chip, Atmel offer the Aris+ (AT88SC-ADK2), an AVR-based demonstration kit. Atmel’s Aris+ is a low-cost starter kit and development system for CryptoMemory and CryptoCompanion chips on an AVR-based flash microcontroller platform. Aris+ is suitable for low volume personalization of the CryptoCompanion and CryptoMemory chips for fast prototyping of embedded security solutions both the Host and Client side. Aris+ features ACES (Atmel Crypto Evaluation Studio) and the Crypto Core Development Library. The library architecture permits code porting to other microcontroller platforms.

Atmel’s Aris+ CryptoCompanion and CryptoMemory Evaluation Kit

Aris+ package content:

• Aris+ Demo board
• Sample tube CryptoCompanion
• Sample tube CryptoMemory
• Embedded Crypto Solutions CD
• USB cable

Atmel Aris+ offers sample development resources to include a large-memory AT90USB AVR microcontroller, rich debug capabilities with JTAG-ICE and ISP programming ports, high-level API development library, and convenient connectivity through USB. Aris+ features 4 LEDs for debug feedback, pushbuttons for AVR reset, CryptoCompanion reset, and a Hardware Boot function for programming the AVR.

Samples for AT88SC018 CryptoCompanion chip are available now in SOIC packages for $0.61 each. Samples for CryptoMemory start at $0.66 (depends on memory densities and packages). The Aris+ AVR-based demonstration kit (AT88SC-ADK2) is available for $99.95.

References:

• Press release: Atmel Offers Complete Embedded System Protection through Introduction of Next Generation CryptoCompanion IC (_http://www.atmel.com/dyn/corporate/view_detail.asp?FileName=CryptoCompanionIC_Arisplusdevkit_3_5.html)
• CryptoCompanion (_http://www.atmel.com/products/securerf/cryptocompanion.asp?family=646)
• Product summary: AT88SC018 CryptoCompanion Chip for CryptoMemory and CryptoRF (_http://www.atmel.com/dyn/resources/prod_documents/5277s.pdf)
• Secure RFID: CryptoRF (_http://www.atmel.com/products/secureRF/default.asp)
• Secure Memory: CryptoMemory (_http://www.atmel.com/products/securemem/default.asp)
• Aris+ Quick Start Guide (_http://www.atmel.com/dyn/resources/prod_documents/Aris+QSG.pdf)