San Jose, Ca. – Atmel Corp. has just introduced its AT88SA family of lowest cost, ultra low power, super secure cryptographic authentication ICs.
The first device in the family, the AT88SA102S, is a general purpose CrytpoAuthentication IC designed to protect consumers from counterfeit electronic and medical consumables, such as batteries, ink cartridges, test strips, blood bags, breathing tubes, and others.
They can be used in any microcontroller-based system to secure network data transmissions such as satellite radio broadcasts or medical records, protect end-products from bogus firmware updates and validate software or media modules.
Modern MCU based systems typically use nonvolatile memory to store firmware/software. CryptoAuthentication provides a low cost way to ensure that the the stored code is authentic as well as protect downloads from snooping or modification.
CryptoAuthentication ICs are the ideal complement to AVR and ARM microcontrollers that include AES encryption engines as it can securely store an encryption key for information stored within various bulk memory devices on the system, while the controller can quickly encrypt or decrypt the data using this key.
Lastly, when the system is part of a network the CryptoAuthentication device can provide a way of exchanging encryption keys over an open network in such a way that an observer can't see the keys but the processor can easily encrypt/decrypt the message.
Authentication with SHA-256
The company claims the AT88SA devices are the industry's most secure authentication ICs, with an embedded SHA-256 engine and 256-bit cryptographic key . The 256-bit size allows more possible keys than there are atoms in the sun, making it essentially impossible to crack using brute force methods.
In contrast, according to the company, the nearest competing authentication IC has a key size of only half the bits. The AT88SA102S includes 23-bits of one-time-programmable fuses that can be used for personalization, status, or consumption logging and a guaranteed unique 48-bit serial number.
The device has a high speed single wire interface that is compatible with all microcontrollers, supports a wide supply voltage range of 2.5V to 5.5V, and an even wider 1.8V to 5.5V communications voltage range.
Authentication. Authentication is based on a “challenge/response” protocol between the microcontroller host and client. The host could be a portable power tool, printer, medical test equipment, or even a satellite radio transmitter. The corresponding client could be the battery used in the power tool, an ink cartridge, a medical consumable, or a satellite radio.
Each AT88SA102S client device has a unique serial number, a 256-bit key permanently stored inside the chip and an additional 64-bit secret stored in a fuse array. At the beginning of a transaction (e.g., unlocking a door or installing an ink cartridge), the AT88SA102S sends its serial number to the host microcontroller.
The host performs a SHA-256 hash based on the AT88SA102S's serial number, an internally generated random number and the 256-bit key that resides in the host. The host sends the random number to the client as a “challenge”.
The AT88SA102S client performs its own SHA-256 hash, based on the random number, its own serial number and its 256-bit key. The resulting digest, or “response”, is sent back to the host.
The host microcontroller compares this response with the SHA-256 digest from its earlier calculation; if they match the client is deemed to be authentic. The output digest, of the SHA-256 calculation is so sensitive to the original information that changing even a single bit will result in a completely different value.
In the case of an ink cartridge or medical consumable, the microcontroller in the printer or medical device can prevent system operation if the “client” is not authentic, and allow normal system operation for authentic clients.
In the case of data, such as a broadcast to a satellite radio, the host uses the 256-bit value of the SHA-1 digest as the session encryption key for the radio transmission, based on a random value sent along with the data. Only an authentic client-radio containing an AT88SA102S programmed with the correct secret will be able to translate the random number to the session key properly to decrypt the transmission.
Since the microprocessor generates a new random number challenge for each transaction, intercepting the challenge/response pair that is sent back and forth over the bus is useless because a new response, based on a different random number, is generated for every transaction.
Client-products using the AT88SA devices can be configured with a single key or with unique keys for each unit. Since the key is unreadable and is never transmitted, it is always secure in the AT88SA102S CryptoAuthentication IC.
Ultra-low Power Consumption. Authentication ICs spend about 1/1000 of a percent of their time active, so sleep mode power consumption is the most important power consumption metric.
With sleep mode power consumption of less than 100 nanoamps (nA), Atmel's AT88SA CryptoAuthentication ICs have virtually no effect on system battery life. The normal leakage current of the battery is substantially greater. Supply voltage for the AT88SA102S is 2.5V to 5.5V.
System Integration. In order to speed system design, Atmel provides complete source code libraries for the AVR microcontroller which implements all necessary cryptographic modules to perform the host-side authentication capability. The chip requires only a single GPIO pin on the host processor and only three wires on the connector to the consumable plus a standard bypass capacitor for a low overall BOM impact.
The AT88SA102S CryptoAuthentication IC is available now in production quantities in a 2.9mm x 2.1mm footprint, green-compliant (exceeds RoHS) 3-pin SOT-23 package. Priced at $0.66 in quantities of 100 units, it is 40% to 60% less expensive than any authentication IC on the market. Atmel will introduce additional AT88SA family members during 2009.
To learn more, go to www.atmel.com.