APPLICATION NOTE. Authentication Counting. Atmel CryptoAuthentication. Features. Introduction




Transcription:

APPLICATION NOTE

Authentication Counting

Atmel CryptoAuthentication

Features

- How to achieve high endurance counters in excess of 800,000 counts.
- How to disable the Atmel CryptoAuthentication ATSHA204A device after a pre-set number of authentications.
  - Device Configuration
  - System Software Operations
- How to count the number of authentications with the ATSHA204A.
  - Device Configuration
  - System Software Operations

Applications

Applies to the Atmel CryptoAuthentication devices:

- ATSHA204(A)
- ATECC108(A)
- ATECC508A

Introduction

With many consumable applications, there is a requirement to limit the number of authentications that can be performed on a slot. The limited use capability of Slot F can be used if the total number of authentications is not greater than 128. To track the number of authentications beyond 128, the technique of chaining SingleUse slots can be used. This is made possible since the DeriveKey command on slot numbers up to Slot 8 resets the UseFlag to FF. When Slot F is the last slot in the authentication chain, this technique limits the use of the device. This example will chain Slots 7 to F.

Sometimes, only high endurance counting is required. To support applications where the number of authentications is the only thing of interest, without a requirement for authentications to be limited, chaining SingleUse slots can be used. When the last slot in the chain is also derivable and the rolling UpdateCount is tracked, a rolling authentication counter can be achieved.

Table of Contents

1 Authentication Consumption by Chaining SingleUse Slots
  1.1 Slot Configuration
  1.2 Consumption Tracking
  1.3 Consumption Chaining Examples
2 Authentication Counter by Chaining SingleUse Slots
  2.1 Slot Configuration
  2.2 Authentication Counting
  2.3 Authentication Counting Examples
3 Revision History

1 Authentication Consumption by Chaining SingleUse Slots

With many consumable applications, there is a requirement to limit the number of authentications that can be performed on a slot. Slot F's limited use capability can be used if the total number of authentications is not greater than 128. To track the number of authentications beyond 128, the technique of chaining single use slots can be used. This is made possible since the DeriveKey command on slot numbers less than eight resets the UseFlag to FF. When Slot F is the last slot in the authentication chain, this technique limits the use of the device. This example will chain Slots 7 and F.

1.1 Slot Configuration

The slot configurations are as follows:

Table 1-1. Slot Configuration

| Slot | Slot Configuration | Description |
|------|--------------------|-------------|
| 7 | SlotConfig Bytes: | AF 3F |
|   | ReadConfig: | AF (1010 1111), IsSecret, SingleUse |
|   | WriteConfig: | 3F (0011 1111), DeriveKey, Use Parent, No Authorizing MAC, WriteKey=F |
|   | Key: | Initialize to the result of DeriveKey. |
| F | SlotConfig Bytes: | AF 8F |
|   | ReadConfig: | AF (1010 1111), IsSecret, SingleUse |
|   | WriteConfig: | 8F (1000 1111), IsSecret |

Use Slot 7 as the primary authentication slot with either the Fixed-Challenge sequence or the Random-Challenge authentication sequence. Either authentication will consume one UseFlag bit per authentication.

1.2 Consumption Tracking

Table 1-2. Consumption Timing

| Step | To ATSHA204A | System Software |
|------|--------------|-----------------|
| 1 | MAC or CheckMac Authentication | |
| 2 | Read(UseFlag Slot 7) | |
| 3 | | If UseFlag is not zero, then do nothing further. |
| 4 | | If UseFlag is zero, continue. |
| 5 | Nonce(Fixed) | |
| 6 | DeriveKey(Slot 7) | |

Notes:

1. Step 1: Consume one UseFlag bit.
2. Steps 2 thru 4: Check to see if the UseFlag is used up.
3. Step 5: Use the same constant value for the Nonce.
4. Step 6: Initiate a DeriveKey. The same key is in Slot 7 after DeriveKey. Reset UseFlag in Slot 7 to FF. Consume one LastKeyUse for Slot F.

The equation that determines the number of authentications is as follows:

Number of Authentications:

$$\#\text{auths} = \sum_{i=1}^{n} \left(8^{(i-1)} \cdot C_i\right) + 8^{n} \cdot C_{LKU}$$

Where:

- $n$ = The number of chained slots.
- $C_i$ = The count of UseFlag bits consumed in the $i$-th chained slot = 8 max (for Slots 0 to 7)
- $C_{LKU}$ = The count of LastKeyUse bits consumed = 128 max

1.3 Consumption Chaining Examples

Use the table below to determine the number of chained slots for your application.

Examples:

- n = 1: $\#\text{auths} = C_1 + 8\,C_{LKU}$
- n = 2: $\#\text{auths} = C_1 + 8\,C_2 + 64\,C_{LKU}$

The number of authentications that is possible when linking in this way is shown in the following table.

Table 1-3. Possible Authentications When Linking

| Chaining (n) | Auth Calculation | #Auths Max | 1st Slot Endurance Count (1) | Notes |
|--------------|------------------|------------|------------------------------|-------|
| 1 SingleUse to Slot F | 8 + (8^1 × 128) | 1,032 | 129 | |
| 2 SingleUse to Slot F | 8 + (8^1 × 8) + (8^2 × 128) | 8,264 | 1,033 | |
| 3 SingleUse to Slot F | 8 + (8^1 × 8) + (8^2 × 8) + (8^3 × 128) | 66,120 | 8,265 | |
| 4 SingleUse to Slot F | 8 + (8^1 × 8) + (8^2 × 8) + (8^3 × 8) + (8^4 × 128) | 528,968 | 66,121 | Maximum recommended number of slots to chain together is 4 due to EE wear. |
| 5 SingleUse to Slot F | 8 + (8^1 × 8) + (8^2 × 8) + (8^3 × 8) + (8^4 × 8) + (8^5 × 128) | 4,231,752 | 528,969 | Maximum recommendation of 800,000 authentications instead of 4,231,752 to stay within the limit of the first slot EE endurance. (1) |

Note: 1. EEPROM Endurance is 100,000 maximum.
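The consumption chain of Section 1 and its #auths equation can be checked against each other with a small host-side model. This is an added example, not code from the application note or from Atmel: `chain_t` and the function names are hypothetical, and the model assumes that a DeriveKey fails once its parent has no UseFlag or LastKeyUse bits left, which is what ends the chain.

```c
#include <stdio.h>

/* Constructed host-side model of the chain; not Atmel code. */
#define USE_BITS  8    /* UseFlag bits per SingleUse slot (8 max) */
#define LKU_BITS  128  /* LastKeyUse bits on Slot F (128 max) */
#define MAX_CHAIN 5

typedef struct {
    int n;                /* number of chained SingleUse slots */
    int used[MAX_CHAIN];  /* C_i: UseFlag bits consumed, used[0] = primary slot */
    int lku;              /* C_LKU: LastKeyUse bits consumed on Slot F */
} chain_t;

/* #auths = sum(8^(i-1) * C_i) + 8^n * C_LKU, computed from the flag state. */
long auths_from_state(const chain_t *c) {
    long total = 0, weight = 1;
    for (int i = 0; i < c->n; i++) {
        total += weight * c->used[i];
        weight *= USE_BITS;
    }
    return total + weight * c->lku;
}

/* One authentication plus the Table 1-2 follow-up, cascaded up the chain.
 * Returns 0 once the primary slot has no UseFlag bits left. */
int authenticate(chain_t *c) {
    if (c->used[0] == USE_BITS)
        return 0;                      /* assumed: the key can no longer be used */
    c->used[0]++;                      /* step 1: consume one UseFlag bit */
    for (int i = 0; i < c->n && c->used[i] == USE_BITS; i++) {
        if (i + 1 < c->n) {            /* parent is the next SingleUse slot */
            if (c->used[i + 1] == USE_BITS)
                break;                 /* assumed: DeriveKey fails, slot stays spent */
            c->used[i + 1]++;
        } else {                       /* parent is Slot F */
            if (c->lku == LKU_BITS)
                break;
            c->lku++;
        }
        c->used[i] = 0;                /* DeriveKey resets this UseFlag to FF */
    }
    return 1;
}

/* Runs a fresh chain until it is consumed. Returns the number of successful
 * authentications, or -1 if the equation ever disagrees with that number. */
long run_until_consumed(int n) {
    chain_t c = { .n = n };
    long done = 0;
    while (authenticate(&c)) {
        done++;
        if (auths_from_state(&c) != done)
            return -1;
    }
    return done;
}

int main(void) {
    for (int n = 1; n <= MAX_CHAIN; n++)
        printf("n=%d: %ld authentications\n", n, run_until_consumed(n));
    return 0;
}
```

Because the state-derived count is compared with the real count after every authentication, the run also confirms that a DeriveKey never changes the counter value: it only moves weight from one slot's UseFlag to its parent.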

2 Authentication Counter by Chaining SingleUse Slots

Sometimes, only high endurance counting is required. To support applications where the number of authentications is the only thing of interest without a requirement for authentications to be limited, chaining SingleUse slots can be used. When the last slot in the chain is also derivable and the rolling UpdateCount is kept tracked, a rolling authentication counter can be achieved.

2.1 Slot Configuration

This example will chain Slots 6, 7, and 8. The slot configurations are as follows:

Table 2-1. Slot Configuration

| Slot | Slot Configuration | Description |
|------|--------------------|-------------|
| 6 | SlotConfig Bytes: | AF 37 |
|   | ReadConfig: | AF (1010 1111), IsSecret, SingleUse |
|   | WriteConfig: | 36 (0011 0111), DeriveKey, Use Parent, No Authorizing MAC, WriteKey=7 |
| 7 | SlotConfig Bytes: | AF 38 |
|   | ReadConfig: | AF (1010 1111), IsSecret, SingleUse |
|   | WriteConfig: | 37 (0011 1000), DeriveKey, Use Parent, No Authorizing MAC, WriteKey=8 |
| 8 | SlotConfig Bytes: | 8F 8F |
|   | ReadConfig: | AF (1000 1111), IsSecret |
|   | WriteConfig: | 8F (1000 1111), IsSecret |

Use Slot 6 as the primary authentication slot with either the Fixed Challenge sequence or the Random Challenge authentication sequence. Either authentication will consume one UseFlag bit per authentication.

2.2 Authentication Counting

Table 2-2. Consumption Tracking

| Step | To ATSHA204A | System Software |
|------|--------------|-----------------|
| 1 | MAC or CheckMac Authentication | |
| 2 | Read(UseFlag slot 6) | |
| 3 | | If UseFlag is not zero, then do nothing further. |
| 4 | | If UseFlag is zero, continue. |
| 5 | Nonce(Fixed) | |
| 6 | DeriveKey(slot 6) | |
| 6 | Read(UseFlag slot 6) | |
| 7 | | If UseFlag is not zero, then do nothing further. |
| 8 | | If UseFlag is zero, continue. |
| 9 | Nonce(Fixed) | |
| 10 | DeriveKey(slot 7) | |
| 11 | Read(UpdateCount slot 7) | |

Notes:

1. Step 1: Consume one UseFlag bit.
2. Steps 2 thru 4: Check to see if the UseFlag is used up.
3. Step 5: Initiate a DeriveKey on Slot 6. Reset UseFlag in Slot 6 to FF. UpdateCount in Slot 6 is incremented (rolls to zero after FF). Consume one UseFlag for Slot 7.
4. Steps 6 thru 8: Check to see if the UseFlag is used up.
5. Step 5: Initiate a DeriveKey on Slot 7. Reset UseFlag in Slot 7 to FF. UpdateCount in Slot 7 is incremented (rolls to zero after FF).

The equation that determines the number of authentications is as follows:

Number of Authentications:

$$\#\text{auths} = \sum_{i=1}^{n} \left(8^{(i-1)} \cdot C_i\right) + 8^{n} \cdot \text{UpdateCount}_n$$

Where:

- $n$ = The number of chained slots.
- $C_i$ = The count of UseFlag bits consumed in the $i$-th chained slot = 8 max (for Slots 0 to 7)
- $\text{UpdateCount}_n$ = The UpdateCount for the slot = 256 max (for Slots 0 to 7)

2.3 Authentication Counting Examples

Use the table below to determine the number of chained slots for the application.

Examples:

- n = 1: $\#\text{auths} = C_1 + 8\,\text{UpdateCount}_1$
- n = 2: $\#\text{auths} = C_1 + 8\,C_2 + 64\,\text{UpdateCount}_2$
- n = 3: $\#\text{auths} = C_1 + 8\,C_2 + 64\,C_3 + 512\,\text{UpdateCount}_3$

The number of authentications that is possible before rolling the counter is shown in the following table.

Table 2-3. Possible Authentications Before Rolling the Counter

| Chaining | Auth Calculation | #Auths Max | 1st Slot Endurance Count | Notes |
|----------|------------------|------------|--------------------------|-------|
| 1 SingleUse Chained | 8 + (8^1 × 256) | 2,056 | 257 | |
| 2 SingleUse Chained | 8 + (8^1 × 8) + (8^2 × 256) | 16,456 | 2,057 | |
| 3 SingleUse Chained | 8 + (8^1 × 8) + (8^2 × 8) + (8^3 × 256) | 131,656 | 16,457 | Maximum recommended number of slots to chain together is 3 due to EE wear. |
| 4 SingleUse Chained | 8 + (8^1 × 8) + (8^2 × 8) + (8^3 × 8) + (8^4 × 256) | 1,053,256 | 131,657 | Maximum recommendation of 800,000 authentications instead of 1,053,256 to stay within the limit of the first slot EE endurance. |

Note: 1. EEPROM Endurance is 100,000 maximum.

3 Revision History

| Doc Rev. | Date | Comments |
|----------|------|----------|
| 8863A | 04/2015 | Initial document release. |

Atmel Corporation, 1600 Technology Drive, San Jose, CA 95110 USA. T: (+1)(408) 441.0311 F: (+1)(408) 436.4200 www.atmel.com

© 2015 Atmel Corporation. Atmel, Atmel logo and combinations thereof, Enabling Unlimited Possibilities, CryptoAuthentication, and others are registered trademarks or trademarks of Atmel Corporation in U.S. and other countries. Other terms and product names may be trademarks of others.