Releases
|
Atmel's SHA-256 Cryptographic Authentication IC Family Prevents Cloning, Secures Data Sub -$1, New CryptoAuthentication ICs Consume Less than 100 nA in Sleep Mode San Jose, CA, April 27, 2009 - Atmel® Corporation (Nasdaq: ATML), announced today its AT88SA family of lowest cost, ultra low power, super secure cryptographic authentication ICs. The first device in the family, the AT88SA102S, is a general purpose CryptoAuthentication™ IC designed to protect consumers from counterfeit electronic and medical consumables, such as batteries, ink cartridges, test strips, blood bags, breathing tubes, and others. They can be used to secure network transmissions such as satellite radio broadcasts or medical records or any other kind of logical data such as firmware or media. Modern MCU based systems typically use nonvolatile memory to store firmware/software. CryptoAuthentication provides a low cost way to ensure that the the stored code is authentic as well as protect downloads from snooping or modification. CryptoAuthentication ICs are the ideal complement to AVR® and ARM® microcontrollers that include AES encryption engines as it can securely store an encryption key for information stored within various bulk memory devices on the system, while the controller can quickly encrypt or decrypt the data using this key. Lastly, when the system is part of a network the CryptoAuthentication device can provide a way of exchanging encryption keys over an open network in such a way that an observer can't see the keys but the processor can easily encrypt/decrypt the message. Industry's Only Authentication IC with SHA-256. Authentication. Authentication is based on a "challenge/response" protocol between the microcontroller host and client. The host could be a portable power tool, printer, medical test equipment, or even a satellite radio transmitter. The corresponding client could be the battery used in the power tool, an ink cartridge, a medical consumable, or a satellite radio. Each AT88SA102S client device has a unique serial number, a 256-bit key permanently stored inside the chip and an additional 64-bit secret stored in a fuse array. At the beginning of a transaction (e.g., unlocking a door or installing an ink cartridge), the AT88SA102S sends its serial number to the host microcontroller. The host performs a SHA-256 hash based on the AT88SA102S's serial number, an internally generated random number and the 256-bit key that resides in the host. The host sends the random number to the client as a "challenge". The AT88SA102S client performs its own SHA-256 hash, based on the random number, its own serial number and its 256-bit key. The resulting digest, or "response", is sent back to the host. The host microcontroller compares this response with the SHA-256 digest from its earlier calculation; if they match the client is deemed to be authentic. The output digest, of the SHA-256 calculation is so sensitive to the original information that changing even a single bit will result in a completely different value. In the case of an ink cartridge or medical consumable, the microcontroller in the printer or medical device can prevent system operation if the "client" is not authentic, and allow normal system operation for authentic clients. In the case of data, such as a broadcast to a satellite radio, the host uses the 256-bit value of the SHA-1 digest as the session encryption key for the radio transmission, based on a random value sent along with the data. Only an authentic client-radio containing an AT88SA102S programmed with the correct secret will be able to translate the random number to the session key properly to decrypt the transmission. Since the microprocessor generates a new random number challenge for each transaction, intercepting the challenge/response pair that is sent back and forth over the bus is useless because a new response, based on a different random number, is generated for every transaction. Client-products using the AT88SA devices can be configured with a single key or with unique keys for each unit. Since the key is unreadable and is never transmitted, it is always secure in the AT88SA102S CryptoAuthentication IC. Ultra-low Power Consumption. Authentication ICs spend about 1/1000 of a percent of their time asleep, so sleep mode power consumption is the most important power consumption metric. With sleep mode power consumption of less than 100 nanoamps (nA), Atmel's AT88SA CryptoAuthentication ICs have virtually no effect on system battery life. The normal leakage current of the battery is substantially greater. Supply voltage for the AT88SA102S is 2.5V to 5.5V. Easy System Integration. In order to speed system design, Atmel provides complete source code libraries for the AVR microcontroller which implements all necessary cryptographic modules to perform the host-side authentication capability. The chip requires only a single GPIO pin on the host processor and only three wires on the connector to the consumable plus a standard bypass capacitor for a low overall BOM impact. Availability and Pricing About Atmel © 2009 Atmel Corporation. All Rights Reserved. Atmel®, Atmel logo and combinations thereof, Everywhere You Are®, and AVR® others, are registered trademarks, CryptoAuthentication™ and others are trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others. Information: Atmel Press Contacts: Sharon Harnisch, Marketing Communications |
