Atmel ATAES132
32K AES Serial EEPROM Specification
Preliminary Datasheet
Features
• 32Kbits of standard Serial EEPROM user memory
• Compatible with the Atmel AT24C32D and the Atmel AT2530B
• 16 user zones of 2Kbits each
• High security features
• AES algorithm wit h 128-bit keys
• AES-CCM for authentication
• Message authentication code for cryptograp hi c operations
• Secure storage for sixteen 12 8 bit keys
• Encrypted user memory read and write
• FIPS random number generator
• 16 non-revers ible monotonic counters
• Flexible user configured security
• User zone access rights are independently configured
• Authenticat i on prior to zone access
• Read/write, Encrypted, or Read only user zone options
• High speed serial interface options
• 10MHz SPI (Mode 0 and 3)
• 1MHz I2C
• 2.5V to 5.5V supply, <250nA Sleep
• Packages: SOIC, TSSOP or UDFN
• Serial EEPROM compatible pinout
• Operating temperature
• -40° to +85°C
Description
The Atmel® ATA ES132 is a high security Serial electrically-erasable and programma ble
read only memory (EEPROM) providing both authenticat i on and confidential nonvolatile
data storage capabilities. Access restrictions for the sixteen user zones are independentl y
configured, which any key can be used with any zone. Keys can also be used for stand-
alone authentication. This flexibility permits ATAES132 to be us ed i n a wide range of
applications.
The Atmel AES-128 cryptographi c engine operates in the AES-CCM mode to provide
authentication, stored data encryption/decryption, and mess age authenticat ion codes.
Both internally stored data and/or small external data can be protected by the ATAES132
device.
The ATAES 132 pi nout is compatible with the standard SPI and I2C Serial EEPROM to
allow placement on existing P C boards. The SPI and I2C instruction sets are identical t o
the Atmel Serial EEPROM. The extended security functio ns are accessed b y sending
command pack ets to the ATAES132 using standard write instructions, and reading
8760A−CRYPTO−5/11
Atmel ATAES132 Preliminary Datasheet 2
8760A−CRYPTO−5/11
responses using standard read i ns tructions. The ATAES132 Secure Serial EEPROM
architecture allows it to be ins er ted into existing applications.
The ATAES 132 chip incorporat es multiple physic al security mechanisms to prevent
release of the internally stored secrets. Secure per sonalization features are provided to
facilitate third-party product manufacturing.
Atmel ATAES132 Preliminary Datasheet 3
8760A−CRYPTO−5/11
Table of Contents
1. Introduction ....................................................................................................... 5
1.1. Scope ............................................................................................................... 5
1.2. Conventions .......................................................................................................... 5
1.3. Abbreviations ........................................................................................................ 6
1.4. Communication ..................................................................................................... 7
2. Memory ........................................................................................................ 9
2.1. User Memory ........................................................................................................ 9
2.2. Key Memory ......................................................................................................... 9
2.3. Configurat i on Mem or y .......................................................................................... 9
2.4. SRAM Memory ................................................................................................... 10
3. Security Features ............................................................................................ 13
3.1. Architecture ........................................................................................................ 13
3.2. Authentication ..................................................................................................... 13
3.3. Encrypted Memory Read/W r i te ........................................................................... 13
3.4. Data Encryption/Decrypt ion ................................................................................ 14
3.5. Keys ............................................................................................................. 14
3.6. Random Numbers ............................................................................................... 15
4. Security Configuration Regi st ers .................................................................... 16
4.1. User Zone Configuration ..................................................................................... 16
4.2. Key Configuration ............................................................................................... 17
4.3. Volatil eK ey Configurat ion ................................................................................... 19
4.4. Monontonic Counter Configuration ..................................................................... 20
5. Standard Seri al E EPROM Read and Write Commands ................................. 21
5.2. Read ............................................................................................................. 21
5.3. Write ............................................................................................................. 22
6. Atmel ATAES132 C om m ands ......................................................................... 23
6.1. Command Bl ock and Packet .............................................................................. 23
6.2. Command Summary ........................................................................................... 24
6.3. ReturnCode ........................................................................................................ 26
7. Command Defini tions ...................................................................................... 27
7.1. Auth Command ................................................................................................... 27
7.2. AuthChec k Command ......................................................................................... 30
7.3. AuthCom pute Com man d .................................................................................... 31
7.4. BlockR ead Command ......................................................................................... 32
7.5. Counter Command ............................................................................................. 33
7.6. Crunch Com mand ............................................................................................... 35
7.7. DecRead Command ........................................................................................... 36
7.8. Decrypt Com mand .............................................................................................. 37
7.9. EncRead Command ........................................................................................... 39
7.10. Encrypt Command .............................................................................................. 41
7.11. EncWrite Command ............................................................................................ 42
7.12. Info Command .................................................................................................... 44
7.13. KeyCompute Com m and ..................................................................................... 46
7.14. KeyExpor t Command .......................................................................................... 48
7.15. KeyImport Com mand .......................................................................................... 51
7.16. KeyLoad Command ............................................................................................ 53
7.17. KeyTransfer Command ....................................................................................... 54
7.18. Legacy Command ............................................................................................... 55
7.19. Lock Command................................................................................................... 56
7.20. Nonce Command ................................................................................................ 58
7.21. NonceComput e C om mand ................................................................................. 60
Atmel ATAES132 Preliminary Datasheet 4
8760A−CRYPTO−5/11
7.22. Random Command ............................................................................................. 62
7.23. Reset Command ................................................................................................. 64
7.24. Sleep Command ................................................................................................. 65
7.25. TempSense Command ....................................................................................... 66
7.26. WriteCompute Command ................................................................................... 67
8. Pin Lists 68
8.1. Package Pin List [SOIC, TSSOP, UDFN] ........................................................... 68
9. Electrical Characteristics ................................................................................. 69
9.1. Absolut e Maximum Ratings* ............................................................................... 69
9.2. Reliability ............................................................................................................ 69
9.3. DC Characteristics .............................................................................................. 70
9.4. AC Characteristics .............................................................................................. 71
9.5. Temper ature Sensor Characteristics .................................................................. 75
Appendix A. Standards and Reference Documents .......................................... 76
Appendix B. Memory Map ................................................................................. 77
Appendix C. User Memory Map ........................................................................ 79
Appendix D. Comm and Memory Map ............................................................... 80
Appendix E. Configuration Memory Map ........................................................... 83
Appendix F. Key Memory Map .......................................................................... 94
Appendix G. Und erstanding the STATUS Register ........................................... 95
Appendix H. Understanding the Non-R e versibl e Monot onic Count ers ........... 103
Appendix I. Cryptographic Computations ...................................................... 105
Appendix J. I2C Interface ................................................................................ 122
Appendix K. SPI Interface ............................................................................... 131
Appendix L. Power Management .................................................................... 138
Appendix M. Bl ock Checks um ......................................................................... 144
Appendix N. Atm el ATAES132 Command Response Time ............................ 146
Appendix O. Default Configuration .................................................................. 149
Appendix P. Serial Memory Backward Comp atibility ...................................... 153
Appendix Q. Orde ring Information ................................................................... 157
Appendix R. Errata .......................................................................................... 161
Appendix S. Revision History .......................................................................... 165
Atmel ATAES132 Preliminary Datasheet 5
8760A−CRYPTO−5/11
1. Introduction
The Atmel® ATA ES132 is the first dev i c e i n a family of high security Serial EEPROM using the advanced encryption standard
(AES) cryptographic algorithm to add authenticati on capability to a standard Serial EEPROM. The ATAES132 provides
32Kbits of EEPROM user data memory, sixteen 128 bit key register s , sixteen non-reversible monotonic counters, factory
unique die identification n um bers, and a configuration memory. The configuration memory registers control access to the
user memory, as well as the restric tions on key and counter functionality.
The user memory can be ac cessed directly with the standard SPI or I2C commands if a user zone is conf i gured for open or
read-only access. If the user zone security is activated, t hen the extended ATAES132 command set is used to access th e
contents of a user zone. The extended ATAES132 commands are executed by writing the command packet to the virtual
memory using standard SPI or I2C write commands. The response packet is retrieved by reading it from the virtual memory
using standar d SPI or I2C read comman ds .
The ATAE S132 packages are compat ible with the standard SPI and I2C EEPROM footprints. This allows the ATAES132 to be
inserted into many existing Serial EEPROM applications.
1.1. Scope
This ATA ES132 Specification provides all sp ecifications for its configuration and operation.
1.2. Conventions
The following nomenclature is used througho ut this specification.
• Host (The SPI or I2C master device)
The host initiates all communications with slave devices on the serial interface bus
• Client (The ATAES132 Secure Serial EEPROM defined by this specification)
Operates as a SPI or I2C slave
• Nnb (Binary number)
Denotes a binary number "nn" (Most significant bit on the left)
• 0xZZZZ ( Hexadecimal number)
Denotes a hex number "ZZZZ" (Most significant bit on the lef t)
• ZZZZh (Hexadecimal number)
Denotes a hex number "ZZZZ" (Most Significant Bit on the left)
• RegName.FieldName (Field name)
Reference to bit field "FieldName" in register "RegName"
• RegArray[xx].FieldName (Field name)
Reference to bit field "FieldName" in register "RegArray[xx]" where "xx" is the array index
• UZ (User zone)
Reference to a user zone number
• CntID (Counter ID)
Reference to a counter number
• KeyID (Key ID)
References to a key register number
Atmel ATAES132 Preliminary Datasheet 6
8760A−CRYPTO−5/11
1.2.1. Byte Order
The ATAES 132 device uses a “big-endian” coding scheme and utilizes t he same bit and b yte orders as the standard Serial
EEPROM. The byte order is identical to the NIST AES specifications (see Appendix A):
• The most significant bit of each byte is transmitted first on the bus
• The most significant byte of multi-byte integers is transmitted prior to the least significant byte. This applies to the
CRC, address and other 16 bit command parameters.
• All arrays are transmitted in index order, with byte index 0 first
• Configuration fields that are more than eight bits appear on the bus during a read or write in the index order in which
they appear in this specification – the top byte in the input parameters table is byte[0] and appears first on the bus.
These fields are arrays of bytes, not multi-byte integers.
1.3. Abbreviations
The following abbreviations are used throughout this specific ation.
• AES (Advanced encryption standard)
Block cipher algorithm standardized by NIST, with 128 bit block size
• AES-CCM
AES mode using the “Counter with Cipher Block Chaining-Message Authentication Code” algorithm
• AES-ECB
AES mode using the “Electronic Code Book” algorithm
• Ciphertext
Data communicated after it has been encrypted
• Cleartext
Data communicated in a non-encrypted state
• MAC (Message authentication code)
A 128 bit value used to validate the authenticity of ciphertext
• Nonce (Number used once)
A value used in cryptographic operations
• Plaintext
Data which is either the input to encryption or the output of a decryption operation
• RFU (Reserved for future use)
Any feature, memory location, or bit that is held as reserved for future use by Atmel
• RNG (Random number generator)
Produces high-quality pseudo-random numbers
Atmel ATAES132 Preliminary Datasheet 7
8760A−CRYPTO−5/11
1.4. Communication
The ATAE S132 is designed to inter face directly with SPI and I2C microcontrollers. The read and write commands are identical
to the standard Atmel Serial EEPROM memory commands for ease of us e. Since the ATAES132 pinout is also simi lar to
standard Atm el Serial EEPROM, in some cases, it is possible to use the A TAES132 on exist ing PC boards.
When read and/ or write access to a user zone is unrestricted, then the memory is accessed using the standard I2C or SPI read
and write commands. Similar ly, if Authentica tion Only is required and the Authentication requirement has been satisfied, then
the memory is ac cessed directly by the host using standard I2C or SPI read and write commands.
If the host begins a read operation in an open user zone, but continues re ading until a prohi bited section of m em ory is
reached, the ATAES132 will continue to incr ement the address and will return 0xFF for each byte in the restricted user zone.
If the host begins a read operation in an open user zone, but continues r eading beyond the end of the user m emory, the
ATAES132 will return 0xFF for each byte request ed but will stop incrementing the addres s.
All other operations, including execution of the extended commands, are performed by using the standard I2C or SPI read and
write commands to exchange dat a packets via the c ommand and response memory buffers. The device status register
reports the state of the device and is used for handshaking between the hos t and the ATAES132.
1.4.1. Sending Atmel ATAES132 Commands
The ATAES 132 commands describ ed i n S ection 7 are exec uted by writing the c ommand block to virtual memory (Appen dix D)
using the standard SPI or I2C write commands. The respons e block is retrieved b y reading it from the virtual memory us ing
the standard SPI or I2C read commands.
1.4.1.1. Command Memory B uffer
The command memory buffer is a write-only mem or y buffer t hat i s used by writing a command block to the buffer at the base
address of 0xF E00. After the host c ompletes its write operation to the buffer, the ATAES132 verifies the integrity of t he bl oc k
by checking the 16-bit checksum , and then executes the requested oper ation. See Secti on 6.1 for a description of the
command pack et. See Appendix D for additional command memory buffer information.
Table 1-1. The command memory buffer map
Base
Address Base
+ 1
Base
+ 2
Base
+ 3 ...... ...... ...... ......
Base
+ N-2
Base
+ N-1
Count Opcode Mode Param1 Param1 Param2 ....... DataX CRC1 CRC2
1.4.1.2. Response Memory B uffer
The response memory buffer is a r ead-only memory buffer that is used by reading a response f rom the buffer at the base
address of 0xFE00. The base address of the response memory buffer c ontains the first byte of the response packet after an
ATAES132 command is processed. See Section 6.1 for a description of the response packet. See Appen dix D for additional
response memory buffer informat i on.
Table 1-2. Response memory buffer map following a crypto command
Base
Address Base
+ 1
Base
+ 2
Base
+ 3 ...... ...... ...... ......
Base
+ N-2
Base
+ N-1
Count ReturnCode Data1 Data2 Data3 ....... ....... DataX CRC1 CRC2
The response memory buffer is also used to report er r ors which occur during execution of s tandard I2C or SPI write
commands. When t he I2C or SPI command ex ec ution is complete ( as indicated by the STATUS registe r ), the response
memory buffer contains a bloc k containing an err or code (ReturnCo de) if an error occurred, other wise it contains a block with
ReturnCode = 0x00. See Section 6.3 for the error descriptions.
Atmel ATAES132 Preliminary Datasheet 8
8760A−CRYPTO−5/11
1.4.2. Device Status Register (STATUS)
The device status register is used for handshaking between the host microcontroller an d the AT A ES132. The host
microcontr oller is expected to read the STATUS Register before sending a command or reading a response.
The read-only device status register at address 0 xF FF0 reports the cur r ent status of the ATAES132 device. This register can
be read with th e standard I2C or SPI read memory commands. The SPI read status regist er command can also be us ed to
read the STATUS r egi s ter as described in Section K.3.6.
Reading the STATUS registe r does not increment the memory read addres s, so a host microcontroller can easily monitor the
ATAES132 device status by repeatedly reading the S TATUS register. See Appendix G for a detailed description of the
STATUS register bits and status bit behavior.
Table 1-3. Device status register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
EERR RRDY Reserved CRCE Reserved WAKEb WEN WIP
The device status register can always be read when the ATAES132 is configured for SPI interface mode even if the
ATAES132 is pr ocessing a command or writing the EEPROM. When the ATAES132 is configured for I2C interface mod e, the
host can read the S TATUS register on ly when the I2C device address is ACKed.
If the ATAES132 is in the sleep or standby power state, r eading the STATUS register forces the ATAES132 to wakeup; the
STATUS register is 0xFF until the wakeup process is complete.
Atmel ATAES132 Preliminary Datasheet 9
8760A−CRYPTO−5/11
2. Memory
The ATAES 132 EEPROM is a nonvol atile memory whic h is divided into several sections, with each secti on having a different
function. The user memory section contains 32Kbits for data storage. The configuration memory sect ion contains the
configuration information, security control registers, and co unters. The key memory stores the s ixteen secret keys used to
perform crypt ographic functions. The EEP R OM page length is 32 byt es . The ATAES132 S R A M buffers and regis ters are
located near the top of the memory address space, and are accessed using the standard EEPROM read/write commands.
The complete memory map is shown in Appendix B. Each port ion of the memory is described briefly in the following sections.
2.1. User Memory
The 32Kbit user memory is organized as 16 user zones of 2Kbits each. Each us er zone has an associated user zone
configuration register in the c onfiguration memory. A user zone can on ly be accessed when the security requirements
specified in the associated user zone configur ation register have been satisfied. A ll bytes wit hin a user zone have the same
access restrictions. Since the user zone access restrictions are independently configured, the security requirements for each
user zone can be uniq ue. Any key can be used with any user zone.
Each user zon e can be configured to require authentication, read encryption, write encryption, a combination of these, or no
security. T he user memory can be access ed directly with s tandard SPI or I2C commands if a user zone is configured for open
or read-only access . If the user zone security is activated, then the extended ATAES132 command set is used to access the
contents of a user zone.
2.1.1. Automatic Post-Write Data Verification
The write and EncWrite commands include an automatic data verificati on function. After the EEPROM write is complete, the
data verific ation logic reads the new EEPROM cont ents and compares it to the data received from the host. If the data does
not match the ATAES132 sets the EERR bit in the STATUS register and returns a DataMatch error code. If the data is correct ,
then the ReturnCode indicates success.
2.2. Key Memory
The Key Memory securely stores 16 keys which are each 128 bits long. Each key has an associated key configuration
register in t he configuration memory. Keys can only b e used for the cryptogr aphic functi ons enabled in the key configuration
register. Indi v idual keys can be configured to requi r e a successful auth entication prior to use. Key values can never be read
from the ATAES132 u nder any circumstances. See Appendix F for the k ey memory map.
The key memory can be written prior to locki ng with either enc rypted or cleartext data. Encrypte d writes are performed using
the EncWrit e command (see Sect i on 7.11). Cleartext writes are performed using the standard SPI or I2C write c ommands (see
Section 5.3). After locking, the ke y registers are managed with the Ke yCompute, KeyE x port, KeyImport, KeyLoad, and
KeyTransfer commands. The KeyTransfer command allows t he us er memory to be used as an extended key memory; eight
keys can be st or ed in each user zone (s ee Section 7.17).
2.3. Configuration Memory
The configuration memory cont ains all of the registers which contr ol the user zone acc ess requirements, the key usage
restrictions, and the counter usage restrictions. The device level configurat ion option registers are also loc ated in configuration
memory.
The ATAES132 configuration memory includ es a register programmed with unique read-only die identific ation data at the
factory. The configuration memory also contains several registers for customer information. The Configur ation memory
registers can always be read usi ng the BlockRead c om mand (see Section 7.4). The lock c ommand is used to permanently
lock the contents of the configuration memory after personalization (see Section 7.19).
See Table 2-1 f or a summary of the configuration memory registers sorted by register name. See Appendix E for the
configuration memory map.
Atmel ATAES132 Preliminary Datasheet 10
8760A−CRYPTO−5/11
2.3.1. Non-rev ersible Monotonic Counters
The ATAES 132 i nc ludes 16 monoto ni c nonvolatile (EEPROM) counters which can only be i nc remented. They can never be
decremente d or reset and are protected even if the power is interrupted during an increment operation. These monotonic
counters can be used to track system usage or to s t ore small values. Keys can also b e c onfigured to prevent exhaustive
attacks by limiting key usage with a counter. Each counter has an associated counter c onfiguration re gister in the confi guration
memory.
Each counter can increment up to a value of 2,097,134 using the count command; after which they can be no longer changed.
Counters att ached to keys are incremented each time the key is used – when the usage counter re aches its limit the key is
disabled.
On shipment f rom Atmel, the EEPROM locations are i nitialized to their lowest value. The initial value of each counter may be
written to a different value prior at personalization prior to lockin g the configuration. See Appendix H for additional information.
2.4. SRAM Memory
The ATAES 132 SRAM is used to stor e volatile data and status informatio n. The ATAES132 SRAM buffers and registers are
mapped into t he top of the memory address space, and are accessed using standard EEPROM read/write commands . The
command memory buffer is used to send extended commands to the device. The response memory buffer is used to read
responses to t he extended commands from the device. An IO address res et register is used to reset the buffer addr ess
pointers. T he STATUS register reports the state of the device.
The VolatileKey register and the authentication status register are stored in the SRAM and are manage d by the internal logic.
These registers can not be dir ec tly written or read by the user.
2.4.1. Nonce
The SRAM is us ed to store the nonce and the random number generator (RNG) seed. The RNG seed is generated
automatically by the ATAES132 as des cribed in Sect i on 3.6. The nonce i s generated using the nonce command or the
NonceCompute command. The nonce and RNG seed register are erased when the device loses power, enters the sleep state,
or is reset.
2.4.2. VolatileKey
The SRAM contains a session key register named VolatileKey. This key locat i on c an be written with the KeyCompute,
KeyImport, KeyLoad, or KeyTransfer commands. The V olatileKey regist er is erased when the device loses power, enters the
sleep state, or i s reset. Restrictions on the VolatileKey are establ ished when the register is created/loaded and persi s t until
the power is lo st or the key is reloaded.
The VolatileKey can never be used to read or write t he user memory or to authenticate increments of the monotonic counters.
VolatileKe y can only be used to perf or m authentication operations and to encrypt or decry pt external data. See Section 4.3
for the VolatileKey usage restrictions.
2.4.3. Command Memory Buffer
The host executes extended the ATAES132 commands b y writing a command block to the c om mand memory buffer using a
standard SPI or I2C write command. After the host compl etes its write ope r ation to the SRAM buffer, the ATAES132 verifies
the integrity of the block by checking the 16-bit checks um , and then executes the requested operation.
2.4.4. Response M em ory B uffer
The host receives responses to the extended ATAES132 commands by reading a respons e block from the response memory
buffer using a standard SPI or I2C read command. The bas e address of the response memory buffer contains the f irst byte of
the response p ac ket after an ATAES132 command is processed.
Atmel ATAES132 Preliminary Datasheet 11
8760A−CRYPTO−5/11
2.4.5. IO Addre ss Reset Register
Writing the IO address reset register causes the address pointers i n the command memory buffer and the response memory
buffer to be res et to the base address of the buffers. Writing the IO address reset register does not al ter the content s of the
response memory buffer, or the value of the STAT US register.
2.4.6. Device Status Register (STATUS)
The device status register is used for handshaking between the host micr ocontroller and the ATAES132. The host i s expected
to read the STATUS register before sending a command or reading a respons e. Reading the STATUS register does not alter
the contents of the command memory buffer, the response memory buffer, or the value of the STATUS register. See
Appendix G for the definition a nd behavior of the ST AT US register.
2.4.7. Authenticat i on Status Register
The ATAES 132 authentication status registe r stores the result of most recent authent ication attempt. The authentication
status register contains the authentication KeyID, the AuthComplete stat us flag, and the authentication usage res triction bits.
Prior to executing the Auth command, the AuthComplete sta tus flag is set to NoAut h. After successful inbound only or mutual
authentication, the AuthComplete status flag is set to YesAuth.
Atmel ATAES132 Preliminary Datasheet 12
8760A−CRYPTO−5/11
Table 2-4. Summary of the configuration memory registers sorted by register nam e(1)
Notes: 1. Changes to most of the configuration r egi s ters take effec t immediately, which allows the funct ionality to be tested
during the personalization process. Changes to the I2C Addr register take effect at the next r eset, power up, or
wakeup from the Sleep State.
2. The LockConf ig, LockKeys, a nd LockSmall bytes can only be changed with the Lock command (See Section
7.19). Warning: The Atmel ATAES 132 m ust always be locked by the customer prior to shipment to the end user
to protect the c ustomer secrets.
Name
Description
Write
Read
Bytes
Algorithm Algorithm ID Code (0x0000) Never
Always
2
ChipConfig Devic e level cryptographic and power up configuration
options If LockConfig = unlocked Always 1
Counters 16 monotonic counters , each capable of counting to 2M
See Appendi x H If LockConfig = unlocked Always 128
CounterConfig Configuration information for each Counter
See Section 4.4 If LockConfig = unlocked Always 32
DeviceNum Atm el dev i ce number code Never
Always
1
EEPageSize Length in bytes of physical EEPROM page, (32, 0x20)
Never
Always
1
EncReadSize Maximum data l ength in bytes for EncRead (32, 0x20) Never
Always
1
EncWriteSize Maximum data length in bytes for EncWrite (32, 0x20) Never Always 1
FreeSpace Free memory for customer data storage If LockConfig = unlocked
Always
96
Jedec Atmel J EDEC manufacturer c ode 0x001F Never
Always
2
KeyConfig Confi guration informat i on for each Key
See Section 4.2 If LockConfig = unlocked Always 64
LockConfig Controls configur ation memory write access, except
SmallZone. Default is the ‘unlocked’ state. (2) Via Lock command only Always 1
LockKeys Controls key memory write acces s
Default is t he ‘unlocked’ state (2) Via Lock command only Always 1
LockSmall Controls SmallZone register write access
Default is t he ‘unlocked’ state (2) Via Lock command only Always 1
LotHistory Atmel proprietary manufacturing i nformation Never
Always
8
ManufacturingID Two byte man ufacturing ID code
Never
Always
2
PermConfig Atmel factory device configuration options Never
Always
1
SerialNum Guaranteed unique die serial number . SerialNum is
optionall y inc luded in cryptographic calculat ions.
See Section E.2.1
Never Always 8
SmallZone 32 byte value. The first four bytes are optionally included
in cryptographic calculations .
See Section E.2.25
If LockSmall = unlocked Always 32
TempCal Indicates the source of t he TempOffset v al ue If LockConfig = unlocked
Always
1
TempOffset Temperature o ffset for calcula ting the die temperature
using the values returned by the temp sensor If LockConfig = unlocked Always 8
I2C Addr Selects t he s erial interface m ode and stores the I2C
device address If LockConfig = unlocked Always 1
ZoneConfig Access and usage perm issions for each user zone
See Section 4.1 If LockConfig = unlocked Always 64
Atmel ATAES132 Preliminary Datasheet 13
8760A−CRYPTO−5/11
3. Security Features
All ATAES 132 security featur es are optional. E ac h feature is enabled or disabled by progr am ming configuration bits in the
EEPROM configuration memory. Each user zone, ke y, and counter is separately and independently configur ed.
This secti on describes the AT A ES132 security features and crypto gr aphic capabilities. The funct ionality assoc i ated with each
portion of t he m emory is described i n S ection 2.
3.1. Architecture
The ATAE S132 contains all circuitry for performi ng authenticat ion, encryption and decryption using keys stored securely in the
internal EEPROM. Since the secret s are stored securely in the ATAES132, they do not have to be exchanged prior to
executing cryptographic operations.
The ATAES 132 has fixed cryptographic functionality; it is not a m i c rocontroller and cannot accept cust omer firmware. The
ATAES132 contains a hardware A ES cryptographic engine and has a f i x ed command set. Although the funct ionality is fixed, it
is also flexible because each feat ur e i s enabled or disabled by the customer by programmi ng r egisters in the EEPROM
configuratio n mem or y. After personalizati on is complete, f us es lock the configuration so that it cannot be changed.
3.1.1. AES
The ATAE S132 cryptographic functions are implement ed with a hardware cryptographic engine using AES in CCM mode with
a 128 bit key. A E S-CCM mode provides both confidentiality and integr i ty checking with a s i ngle key. The integr ity MAC
includes both the encrypted data and additional authenticate-only data bytes as descr ibed in each com m and definition. Each
MAC is unique due to inc lusion of a nonce a nd an incrementing MacCount register in the MAC calculation.
See Appendix I for information about how the AES computations are performed. Hyperlinks to the AES standard ar e provided
in Appendi x A.
3.1.2. Hardware S ecurity Features
The ATAES132 chip contains physical securi ty features to prevent an attacker f rom determining the i nternal secrets. The
ATAES132 inc ludes tamper det ectors for voltage, temperature, frequency, and li ght as well as an activ e metal shield over the
circuitry, internal memory e ncryption, and other various features. The ATAES132 physical design and cryptographic protocol
are designed to prevent or significantly complicate most algorit hm i c , timing, and side channel attacks.
3.2. Authentication
The authentication commands ut iliz e A E S-CCM to generate or validate a MAC value computed usin g an i nternally stored key.
The command set supports both one wa y an d mutual authentication. One ATA ES132 device can generate packets for
authentication of a second AT AES132 device containing the same key. The internal authentication status register remembers
only the most recent authentic ation attempt. A us er zone can be confi gured to require prior authentication of a designated key
before access to the user zone is per mitted.
3.2.1. Key Authentication
Individual k eys can be configured to require a successful authentic ation prior to use. This requirement can be used to prevent
some kinds of ex haustive attacks on the keys. The authentication requirement can be chained to require authentication of
several keys prior to allowing a particular oper ation. The internal authenticat ion status registers remember only th e m ost
recent authent ication attempt.
3.3. Encrypted Memory Read/Write
A user zone can be configured to requir e an AES-CCM encryption for the EEPROM read or write operations . If encryption is
required for write access, then the MAC is validated before the recei v ed (encrypted) dat a is written to the EEPROM. If
encryption is r equired for read ac c ess, then the A TAES132 encrypts data when it is read fr om the internal EEPROM and
generates an associated inte grity MAC.
Atmel ATAES132 Preliminary Datasheet 14
8760A−CRYPTO−5/11
3.4. Data Encryption/Decryption
A key can be conf igured to allow encryption/decryption of small pack ets of data using AE S-CCM with an internal ly stored key.
The encrypt command encrypts 16 or 32 bytes of plaintext data provided by the host; the encr ypted data and MAC are
returned to t he hos t. The decrypt command decrypts 16 or 32 bytes of encrypted dat a after verifying the MAC; the data i s
returned to t he hos t only if the MAC is valid. When these c ommands are used, none of the data is stored in the internal
EEPROM.
3.4.1. AES-ECB Encrypt i on/Decryption
A key can be conf igured to allow AES-ECB mode operations using the le gacy command. A s i ngle AES-ECB operation is
performed using an internally stored key and t he 16 byte input packet received with the AES-ECB command. The 16 byte
result is returned to the host. No inp ut or output format ting is performed by t his command, and no data is stored in the i nternal
EEPROM.
3.5. Keys
The ATAES 132 securely stores si xteen 128 bit keys in the EEPROM. Keys can only be used for the cryptographic functions
enabled in the ZoneConfig, CounterConfig or KeyConfig register bits in the configuration memory. Key values can never be
read from the ATAES132 under any circumstances. Any key can be used with any user zone.
A seventeenth key register in the internal SRAM c an be used for session keys.
See section 7.11 for the EncW r i te command. See sect ion 7.19 for the lock command.
3.5.1. Key Management
The key registers can be written with plaintext data or with encrypted data before the key memory is locked. After the key
memory is lock ed, a key register can only be updated if t he corresponding KeyConfig register allows updates.
Several key management commands are availabl e for updating or generating the keys:
1. An encrypted key provided by the host can be written to an internal key register after validating the MAC. The
KeyImport command and KeyLoad command perform this function.
2. Plaintext data provided by the host can be encrypted and returned to the host along with the MAC; this packet can
be used as the encrypted key input to another ATAES132 device. The KeyExport command performs this function.
3. The internal random number generator can be used to create a key for use as a session key or for storage in an
internal key register. The new key can also be encrypted and returned to the host for use as the encrypted key input
to another ATAES132 device. The KeyCompute command and KeyExport command perform this function.
4. The contents of the session key register can be encrypted and returned to the host along with the MAC. The
KeyExport command performs this function.
5. Keys stored in the user memory can be transferred to an internal key register or used as a session key. A user zone
configured as extended key memory can be used to store eight keys. The KeyTransfer command performs this
function.
3.5.2. Limited Use Key s
To prevent exhaustive attacks on the keys, the ATAES132 can be conf igured to limit the key usage with a monotonic counter.
If a key is configured with a usage co unter, then the following steps are performed for any command using t hat key:
1. Read the counter from memory to check if the count has reached the maximum count value
2. If the maximum count has been reached, then the command is not executed and an error code is returned
3. If the maximum count has not been reached, then the counter is incremented and the command is executed
By default, the counters are configur ed to allow two millio n counts, allo win g two m illion operati ons using a key with t he usage
limits enabl ed. Atmel recommends that the customer configure key usage counters at personalization to a smaller number;
the appropriate key usage limit is dependent on the application. See Appendix H for additional inform ation.
Atmel ATAES132 Preliminary Datasheet 15
8760A−CRYPTO−5/11
3.5.3. Secure Per sonalization
The ATAE S132 is designed to all ow personalizati on of keys using encryption, so the secret key values cannot be determined
by a third party. AES encryption of the keys prevents them from being determined by observatio n of data communicated to or
from the ATAES132.
A transport key is programmed i nto the KeyID 00 regi s ter by Atmel during the chip manufacturing process. This transport key
is securel y exchanged between the customer and Atm el. During personali z ation, the s ecret keys are encrypted using the
transport ke y before being written to the ATAE S132.
Atmel also offers a secure personalization service at additional cost which uses a hardware security module (HSM) t o store
the customer secrets.
3.5.3.1. Key Diversification
Atmel recommends that each unit should contain one or more unique key s to minimize the potential impact of c l oning. The
keys stored in the ATAES132 should be a cryptographi c combination of a root secret not stored in the chip al ong with the
unique ATA ES132 SerialNum r egi s ter value. The hos t must have a secure place to store the root s ec ret to protect the
integrit y of the diversified keys.
It may also be ben eficial for the ATAES132 devices to contain secrets for validating the au thenticity of the host. These secrets
may need to be the same on all ATAE S132 devices for a partic ular application to permit any client to validate an y host.
3.6. Random Numbers
The ATAE S132 includes a high qu al ity random number generator (RNG) for nonce generation, child key creat ion, and for the
general rand om number generation. The ATAES132 commands can generate random numbers for internal or external use.
Sixteen byte random numbers for external use are generated using the internal RNG and the AES engine as described in
NIST SP800-90.
The RNG can be used to generate the nonce for cryptographic operations. A mechanism is als o pr ovided to sync hr onize the
nonces in two ATAES132 devices using random number s generated b y both devices. A key can be configured to require that
cryptographic operations using the key use a nonce generated with the internal RNG.
3.6.1. Random Number Generat ion
The RNG architecture includes both a hardware random number generator and a store d r andom seed. On power up, the
stored seed is r ead from the EEPROM , cryptographica l ly combined with the hardware random number generator output, and
then stored in SRAM. Whenever a random number is requ i r ed, this SRAM seed is cryptographi cally combined with the
hardware random number generator output and the opt i onal input seed to create both a new SRAM seed and the random
number.
For highest security, the EEPRO M seed should be updated every power cycle in which the RNG i s used. However the
EEPROM seed register has a maximum life expectancy of 100,000 writes per unit. The host system is expected to manage
the EEPROM seed by using the command mode option to suppress automatic E E PROM seed updates.
Atmel ATAES132 Preliminary Datasheet 16
8760A−CRYPTO−5/11
4. Securit y Conf i gur at io n Regi st er s
4.1. User Zone Configuration
Access permissions t o each user zone are controlled by the ZoneConfig registers in the configuration memory. There is one
ZoneConfig re gi s ter for each user memory zone.
Table 4-5. Defini tion of the ZoneConfig Register bits(1)(2)
ZoneConfig Field Byte Bit Description
AuthRead 0 0 If 1b, then authentication is required to read data
If 0b, then authentication is not required to read dat a
AuthWrite 0 1 I f 1b, then authenticat ion is required to write data
If 0b, then authentication is not required to write data
EncRead 0 2 If 1b, then encryption is requir ed to read data
If 0b, then encryption is not required to read data
EncWrite 0 3 If 1b, then encryption is requir ed to write data
If 0b, then encryption is not required to write data
WriteMode 0 4 to 5 If 00b, then this zone is permanently read/write
If 01b, then this zone is permanently read-only
If 10b, then the ReadOnly byte deter mines if writes are permitted
If 11b, then the ReadOnly byte deter mines if writes are permitted and the Lock
command mus t include an authenticating MAC calc ulated using the KeyI D
stored in ZoneConfig[UZ]. WriteID.
UseSerial 0 6 If UseSerial = 1b and EncWrite = 1b, then the SerialNum must be included i n
EncWrite operations. If EncW rite = 0b, then this bit i s i gnored.
UseSmall 0 7 If UseSmall = 1b and EncWrite = 1b, the f i r st 4 bytes of SmallZone must be included
in EncWrite op erations. If EncW rite = 0b, this bit is ignored.
ReadID 1 0 to 3 KeyID which is used to encrypt data read from this zone
The same ke y is used to generate the MAC
AuthID 1 4 to 7 KeyID which is used for inbou nd authentication before access is permitted
Reserved 2 0 t o 3 Reserved for future us e. All bits must be 0b
WriteID 2 4 to7 KeyID which is used to decrypt data written to this zone
The same ke y is used to verify the MAC
ReadOnly 3 0 to 7 The contents of this byte are i gnored unless Wr i teMode contains 10 b or 11b
If 0x55, then t he User Zone is read/write
If any other value, then the User Z one i s R ead-Only
This byte can b e updated after the Configuration Memory is locked by using the Lock
command (See Section 7.19.)
Notes: 1. M ost changes to the ZoneConfig registers take effect imm ediately. Changes to the AuthRead and EncRead bits
do not affect t he S PI or I2C Read command unt i l the next reset or power up.
2. Warning: The Atmel ATAES132 must always be locked by the customer prior to shipment to the end user to
protect the customer secrets. See Section 7.19 for the lock command.
Atmel ATAES132 Preliminary Datasheet 17
8760A−CRYPTO−5/11
4.2. Key Configuration
Restrictions on key usage are controlled by the KeyC onfig registers in the configuration memory. Ther e is one KeyConfig
register for each key.
Table 4-6. Defini tion of the Ke yConfig register bit s(1)(2)(4)
KeyConfig Field Byte Bit Description
ExternalCrypto 0 0 If 1b, then the key can be us ed with the encrypt and decrypt comm ands(3)
If 0b, then the enc rypt and decrypt commands are prohibited
InboundAuth 0 1 If 1b, then the key can only be used by the Auth c ommand for Inboun d Only or
mutual authe ntication. The key can not be used by any other command, but
KeyID can be t he target of a key management command.
If 0b, then key can be used for any purpose not prohibited by another KeyConfig bit,
including Outbound Only auth entication
RandomNonce 0 2 If 1b, then operations using thi s key require a random nonce (see Sect i on 7.20)
If 0b, then the nonce is not required to be random
LegacyOK 0 3 If 1b, then this key can be used with the legacy command
If 0b, then the k ey cannot be used with the legacy comm and
AuthKey 0 4 If 1b, then this key requires prior authentication using the KeyID stored in LinkPointer
If 0b, then prior authentication is not required
Child 0 5 If 1b, then key is permitted to be the target of a KeyCompute or KeyLoad command
If 0b, then this use is prohibited
Parent 0 6 If 1b, then key may be use d as the VolatileKey parent by the KeyCompute or
KeyLoad comm ands. This key may als o be used as the decrypt key by the
KeyImport command when the tar get key is the VolatileKey. (see S ec tion 4.3)
If 0b, then this use is prohibited
ChangeKeys 0 7 If 1b, then key updates ar e permitted after locking. The new key is written using the
EncWrite command with a MAC generat ed with the current value of key.
(see Section 7.11)
If 0b, then key updates with EncW rite command are prohi bited
CounterLimit 1 0 If 1b, usage count lim its are enabled for t his key (see CounterNum)
If 0b, then there are no usage limits
ChildMac 1 1 If 1b, then an i nput MAC is required to modify this key us i ng the KeyCompute
command
If 0b, the KeyCompute command does not require an input MAC (it will be ignored if
provided)
AuthOut 1 2 If 1b, then I2C Auth signaling is enabled for this key (see Section J.5)
If 0b, then I2C Aut h s i gnaling is disabled for this key
AuthOutHold 1 3 I f 1b, the I
2
C AuthO output state is unchanged when an authentication reset is
executed usi ng this key
If 0b, then the I2C AuthO output is res et when an authentication reset is executed
using this key (see Section J.5)
ImportOK 1 4 If 1b, then this key is perm i tted to be the target of a KeyImport command
If 0b, then the K eyImport command is prohibited
ExportAuth 1 5 If 1b, then the KeyExport and KeyCompute c ommands require prior authenticat ion
using the KeyID stored in LinkPointer
If 0b, then prior authentication is not required
Atmel ATAES132 Preliminary Datasheet 18
8760A−CRYPTO−5/11
KeyConfig Field Byte Bit Description
TransferOK 1 6 If 1b, then this key is permitted to be the target of a KeyTransfer c ommand
(See Section 7.17)
If 0b, then the K eyTransfer command i s prohibited
AuthCompute 1 7 If 1b, then this k ey can be used with the AuthCompute command
If 0b, then the k ey cannot be used with the AuthComput e command
LinkPointer 2 0 to 3 For child keys, stores the ParentKeyID
For all other ke ys, the KeyID of the authorizing key (s ee A uthKey)
CounterNum 2 4 to 7 Stores the CntID of the monotonic counter attached to this key for us age limits or for
MAC calculati on. MAC calculati ons will include the counter if command mode bit 5 is
1b even if key usage limits are disabled.
Reserved 3 0 to 7 Reserved for future use. All bits must be 0b.
Notes: 1. Changes to the KeyConf ig registers take effect immediately, which allows the functionality to be verified dur ing
the personalization process
2. Warning: The Atmel AT A ES132 must always be lock ed by the customer prior to shipmen t to the end user to
protect the customer secrets. See Section 7.19 for the lock command.
3. Warning: Since the encrypt command does not include an input MAC, the encrypt command can exhaustively
be run with selected input data to attack the key. Requiring authentication prior to al l owing encryption makes
these attacks more difficult. To require prior authentication, the AuthKey and Random Nonce bits must be s et to
1b.
4. A key can be dis abled by setting KeyConfig[KeyN].AuthKey to 1b and KeyConfig[KeyN].LinkPointer t o c ontain
"KeyN", where KeyN = KeyID of the key being configured
Atmel ATAES132 Preliminary Datasheet 19
8760A−CRYPTO−5/11
4.3. VolatileKey Configuration
There is a seventeenth key regist er named VolatileKey that has a KeyID of 0xFF and is stored in the internal SRA M. This key
location can be written only wi th the KeyCompute command (see Section 7.13) or KeyLoad command (see Section 7.16). The
contents of the VolatileKey re gi s ter are erased when the device is powered down, enters the sleep state or is reset.
When the Vola tileKey register is loaded, restric tions are placed on its usage, which persist until the power is lost or the key is
reloaded. The definition of the VolUsage field i s shown in Table 4-3.
Table 4-7. Defini tion of the VolUsage field bits in the KeyCompute or KeyLoad command at VolatileKey creati on
VolUsage Field Name Byte Bit Description
AuthOK 0 0 If 1b, then the Auth command can be run using this key
If 0b, then the A uth command is prohibited
EncryptOK 0 1 to 2 If 00b, then the encrypt comm and i s prohibited
If 01b, then the encrypt command can be run using this k ey without a prior
authentication (1)
If 10b or 11b, then encrypt command can be run using this key only with a prior
authentication using this key (1)
DecryptOK 0 3 If 1b, then the decrypt com mand can be run us ing this key
If 0b, then the dec rypt command is pr ohibited
RandomNonce 0 4 If 1b, then operations using this ke y require a random nonc e (See Section 7.20).
If 0b, a fixed (i nput only) nonce is per mitted
AuthCompute 0 5 If 1b, then the AuthCompute command can be run using this ke y
If 0b, then the A uthCompute command is prohibited
LegacyOK 0 6 If 1b, then the legacy command can be run using this key
If 0b, then the legacy command is prohibited
ExportOK 0 7 If 1b, then the VolatileK ey can be encrypted and exported usin g the KeyExport
command
If 0b, then export of VolatileKey is prohibited
WriteCompute 1 0 If 1b, then the WriteCompute comm and can be run using this key
If 0b, then the WriteCompute command is prohibited
DecRead 1 1 If 1b, then the DecRead command can be run usi ng this key
If 0b, then the Dec R ead command is prohibited
Reserved 1 2 to 7 Reserved for future use. All bits must be 0b.
Note: 1. Warning: Since the encrypt command does not include an input MAC, the encrypt command can be
exhaustively run with selected input data to attack the VolatileKe y. R equiring authentication prior t o allowing
encryption makes these attacks more difficult. To implement this, the Auth, and RandomNonce bits must be set
to 1b, and the encrypt bits must be s et to 10b or 11b when the VolatileKey is created.
Atmel ATAES132 Preliminary Datasheet 20
8760A−CRYPTO−5/11
4.4. Monontonic Counter Configuration
The CounterC onfig register im pos es restrictions on the usage of the counter command with a counter (See Section 7.5). There
is one CounterConfig register for each counter. Each counter can increment up to a valu e of 2,097,134 usin g the count
command; aft er which they can be no longer changed. See Appendix H for addi tional counter i nformation.
The CounterC onfig bits have no impact on the functio nality of a Key Usa ge Counter. If a Counter i s identified in a KeyConfig
register (se e S ection 4.2) as a Key Usage Counter, the n the Counter will i ncrement each tim e the Key is used. The
CounterConfig[CntID].Increment OK bit is typicall y set to 0b to prohibit the Counter Command f r om incrementing a Key usage
Counter.
Table 4-8. Definition of t he CounterConfig register bits(1)(2)
CounterConfig Field Byte Bit Description
IncrementOK 0 0 If 1b, then increments using the count er command are perm itted
If 0b, then increments using the counter command are prohibited
RequireMAC 0 1 If 1b, then the increment operation requir es an input MAC
If 0b, then an i nput MAC is prohibit ed
Reserved 0 2 to 7 Reserved for future use. All bits must be 0b.
IncrID 1 0 to 3 Ke yID of the key used to gen er ate the counter command input MAC for increment
operations
MacID 1 4 to7 KeyID of the key used to generate the counter command output MA C for counter
read operations
Note: 1. Changes to the Counter C onfig registers take effect imm ediately, allowing the functionality to be verif ied during
the personalization process
2. Warning: The Atmel AT A ES132 must always be lock ed by the customer prior to shipmen t to the end user to
protect the customer secrets. See Section 7.19 f or the lock command.
Atmel ATAES132 Preliminary Datasheet 21
8760A−CRYPTO−5/11
5. Standard Serial EEPROM Read and Write Commands
This secti on pr ovides a summar y of the operations that c an be performed using the standard Serial EEPROM read and write
commands. For detailed inform ation see the specification sections that are referenced below.
Table 5-9. Standard Seri al EEPROM read and write commands
Name Description
Read The read command is used to read cleartext from the user zones, to retrieve a response by
reading the response memory buffer, or to read the STATUS register
Write The write command is used to write cleartext to unrestricted memory, or to send a command by
writing the command packet to the command memory buffer. The write command is also used to
write the IO addr ess reset register .
5.2. Read
The ATAE S132 supports the standard Serial EEPROM commands to read from the user mem ory. All bytes in the user
memory address space may be read, however, onl y bytes in the user zo nes in which neither authentication nor encryption is
required will r eturn the actual data from the memory. All other locations will return the value 0xFF. S ee A ppendix J for the I2C
read command and A ppen di x K for the SPI read command information.
When a read command is received, the device looks at the AuthRead and EncRead bits in t he ZoneConfig register for the user
zone to determine whether to ret urn 0xFF or the EEPRO M data. If the EncRea d bit is 1b or the AuthRe ad bi t is 1b, then 0xFF
will always be returned.
If the ZoneCon fig AuthRead bit is 1b and the EncRead is 0b, then the Block Read command must be used to read the user
zone (see Section 7.4). If the Enc Read bit is 1b, then t he E ncRead command mus t be used to read the user zone (see
Section 7.9).
The standard SPI and I2C Read commands can be used to read any number of bytes in a single operation. Read operations
can cross EEPROM page boundaries .
5.2.1. Read the Response Memory B uffer
The host sends ATAES132 comman ds to the device by writing the command packet to the command memory buffer us i ng a
standard SPI or I2C write command. The ATAES132 proces ses the command pack et and places the response in the
response memory buffer. The host retrieves the respo ns e by reading the res ponse packet using a standard SPI or I2C read
command. See Appendix D for additional i nformation. See Appendix G for examples.
When any erro r occurs the EERR bit of the STATUS register is set to 1b to indicate an error. See section G.1 for more
information.
5.2.2. Read the K ey Memory or Configuration Memory
Reading the key memory is never al lowed.
The read command can never be used t o read data from the c onfiguration memory. The BlockR ead command is used to
access the configuration memory (see Section 7.4).
If a standard SPI or I2C read command is used within the configuration memory or key memory address space, then 0xFF will
be returned for each byte. 0xFF is also returned for address locations which do not physically exist. The EERR bit of the
STATUS register is set to 1b if 0xFF was substituted for any byte returne d by a read command. See section G.1 for more
information.
5.2.3. Read the S TATUS Register
The host reads the STATUS regist er by reading address 0xFFF0. In SP I Interface mode the host can also read STATUS
using the RDSR c ommand. See Appendi x G for detailed information and examples.
Atmel ATAES132 Preliminary Datasheet 22
8760A−CRYPTO−5/11
5.3. Write
The ATAE S132 supports the standard Serial EEPROM commands to write to unrestricted user memory (AuthWrite and
EncWrite are both 0b). See Appendix J for the I2C write command and Appendix K for the SPI write command information.
The ATAES132 is capable of writing 1 to 32 bytes on a single physical page with each write operation.
The write command c an only write data t o a single user zone; the data can not span multiple user zones. The write command
can only write data to a single EE PROM page; the data can not cross page boundaries. The EERR bi t of the STATUS register
is set to 1b to indicate an error if a prohibited write is at tempted. See section G.1 for more inform ation.
5.3.1. Write the Command Memory B uffer
The host sends ATAES132 commands to the device by writing the comm and packet to the command memory buffer using a
standard SPI or I2C write command. The ATAES132 proces ses the command pack et and places the response in the
response memory buffer. The host retrieves the response by reading the response packet using a standard SP I or I2C read
command. See Appendix D for additional informati on. See Appendix G for examples.
When any erro r occurs, either t he EERR bit or the CRCE bit of the STATUS regis ter is set to 1b to indi c ate an error. See
section G.1 for more information.
5.3.2. Write the IO Addre ss Reset Register
The host can reset the pointer in the command memory buffer and the response memory buffer by writing to address 0xFFFE.
See Section D.4 for additional information.
5.3.3. Write the Key Memory or Configuration Memory
The ATAE S132 supports standard Serial EEPROM commands to write to the configuration memory or the key memory prior to
locking. The ATAES132 is capab le of writing 1 to 32 bytes on a single physical page with eac h write operation.
Note: Partial writes to key registers are prohibit ed
If LockKeys has a value of 0x55 (unl oc ked) and the address points to key memory, th en the starting addr ess must be the first
byte of a key register and 16 bytes of cleartext dat a m ust be sent. If thes e c onditions are not s atisfied, then an er ror response
will be gener ated and the EEPROM will remain unchanged.
If LockConfig has a value of 0x0 0 ( l oc ked) and the address points to the configuration memor y, then a write command will
generate an error and the EEPROM will be unchanged.
If LockConfig has a value of 0x55 (unlocked), then the user zone write rest rictions imposed by ZoneConfig are enfor ced, but
can be changed. Atmel does not recommend writing secret data int o the user zones prior to locking of the configuration
memory due to the fact that an attack er can change the ZoneConfig bits to allow read of the user zone if the configuration
memory is unlo cked.
When any erro r occurs, either t he E ERR bit or the CRCE bi t of the STATUS regist er is set to 1b to indicate an error. See
section G.1 for more information. See the lock command (Section 7.19) for additional information.
Atmel ATAES132 Preliminary Datasheet 23
8760A−CRYPTO−5/11
6. Atmel ATAES132 Commands
6.1. Command Block and Packet
The host sends ATAES132 extended commands to the device in a block of at least nine bytes. The ATAES132 responses are
returned to t he hos t in a block of at least four b ytes.
Table 6-10. The command and response blocks are constructed in the following mann er:
Byte # Name Meaning
0 Count Number of bytes to be transfer red to the device in t he block, includi ng c ount, packet, and
checksum. T hi s byte will always have a value of N.
1 to (N-3) Packet Command, parameter s and data, or response. Data is transmitted in the by te order
shown in the c om mand definitions .
N-2, N-1 Checksum Atmel CRC-16 v er i fication of the count and packet byt es. See Appendix M for additional
information and examples.
Table 6-11. The input command pack et within the comm and block is constr uc ted in the follo win g manner:
Byte # Name Meaning
1 Opcode T he c ommand code
2 Mode Command m odifier
3, 4 Param1 First c om mand parameter
5, 6 Param2 Second command parameter
7+ Data Opt i onal input data
Table 6-12. The response packet within the response block is constructed in the follo wi ng manner:
Byte # Name Meaning
1 ReturnCode The command return c ode (see Section 6.3)
2+ Data Opt i onal output data
Table 6-13. When an error occurs t he r esponse packet contains only an error code:
Byte # Name Meaning
1 ReturnCode The error code ( s ee Section 6.3)
The host sends ATAES132 commands to the device by writing the command b l oc k to the Command Memory Buffer using a
standard SPI or I2C write command. ATAES132 processes the command packet and places the response block in the
Response Memory Buffer. The host retrieves the respo nse by reading the r es ponse block using a standard SPI or I2C read
command. If the host reads beyond the end of the block, then 0xFF is returned.
Atmel ATAES132 Preliminary Datasheet 24
8760A−CRYPTO−5/11
6.2. Command Summary
Table 6-6 shows the command set in al phabetical order by command name. Table 6-5 shows the command set sorted by the
Opcode value. See Section 7 for the ATAES132 command definitions.
Table 6-14. Extended Atmel ATAES132 command set, sorted by Opcode value
Opcode
(1)
Name Description
0x00 Reset Resets the device, clearin g t he cryptographic status
0x01 Nonce Generates a 128 bit nonce using t he inter nal random number generator for use by the
cryptographic commands. This command can a lso be used to write a host nonce directly into the
Nonce register.
0x02 Random Returns a 128 bit random numb er f rom t he internal random nu m ber gener at or
0x03 Auth Performs one-way or m ut ual authentication usi ng the specified key
0x04 EncRead Encrypts 1 to 32 bytes of data from user memory and returns the encrypted data and integrity
MAC
0x05 EncWrite Writes 1 to 32 bytes of encry pt ed data into the user mem ory or key memory after verifying the
integrity MAC
0x06 Encrypt Encrypts 16 or 32 bytes of plaintext dat a provided by t he host
0x07 Decrypt Decrypts 16 or 32 bytes of data provided by t he host after ver ifying the integrity MAC
0x08 KeyCompute Generates a random number, stores it in key memory and r eturns the encrypted key to the host
0x09 KeyLoad Writes an encrypted key t o key memory af t er verifying the integrity MAC
0x0A Counter Increments a monotonic counte r and/ or r et urns the current count er value
0x0B Crunch Processes a seed value through the inter nal crunch engine. This function is used to det ect
clones.
0x0C Info Returns device information: the MacCount, aut hent ication status, or the hardware revision code
0x0D Lock Permanently locks the configuration memory or key memory. Locked memory can never be
unlocked.
0x0E TempSense Measures the die temperature
0x0F Legacy Performs a single AES-ECB mode operation on 16 bytes of data provided by the host
0x10 BlockRead Reads 1 to 32 bytes of data from user memory or the configuration memory. Returns cleartext
data.
0x11 Sleep Places the device in the sleep state or st andby st at e t o reduce power consumption
0x13 NonceCompute Generates a nonce in a manner which allows two ATAES132 devices to have i dentical nonce
values
0x14 AuthCompute Computes the input MAC required to execut e the Auth comm and or to increment a counter using
the counter command on a second ATAES132 d evice
0x15 AuthCheck Checks the output MAC generated by t he Auth command or by reading a counter using the
counter command on a second ATAES132 device
0x16 WriteCompute Encrypts data and generates the input MAC required to execute the EncWrite command
0x17 DecRead Checks the output MAC and decrypts data which was encrypted by the EncRead command
0x18 KeyExport Encrypts a key for export to an ATAES132 device. O pt ionally generates the key being exported.
0x19 KeyImport Decrypts and writes a key which was output by the KeyExport command or KeyCompute
command
0x1A KeyTransfer Transfers a key from user memory into the key memory or into the Volat ileKey register
Note: 1. The most significant three bits of the com mand Opcode may cont ain any value; these three bit s are ignored by
the Atmel ATAES132 command decoder
Atmel ATAES132 Preliminary Datasheet 25
8760A−CRYPTO−5/11
Table 6-15. Extended ATAES132 command set, sor ted by command name
Opcode(1) Name Description
0x03 Auth Performs one-way or mutual authentication using the specified key
0x15 AuthCheck Checks the output MAC generated b y the Auth command or by reading a counter us ing
the counter command on a second ATAES132 device
0x14 AuthCompute Computes t he input MAC required to execute the Auth command or to incr em ent a
counter usin g the counter comm and on a second ATAE S132 device
0x10 BlockRead Reads 1 to 32 b yt es of data from user memo ry or the configurat ion memory. Returns
cleartext data.
0x0A Counter Increments a m onontonic counter and/or returns the counter value
0x0B Crunch Processes a seed value through the internal crunch engine. This functi on is used to
detect clones.
0x17 DecRead Checks the output MAC and decr ypts data which was encrypted by the EncRead
command
0x07 Decrypt Decrypts 16 or 32 bytes of data provi ded by the host aft er verifying the integrity MAC
0x04 EncRead Encrypts 1 to 32 byt es of data from user mem ory and returns the encrypted data and
integrit y MAC
0x06 Encrypt Encrypts 16 or 32 bytes of plaintext data provided b y th e host
0x05 EncWrite Writes 1 to 32 bytes of encrypted data into the user memory or key memory after
verifying t he integrity MAC
0x0C Info Returns devic e information: the MacCount, authentication status , or the hardware rev i s ion
code
0x08 KeyCompute Generates a r andom number, stores it in key memory and returns t he enc rypted key to
the host
0x18 KeyExport Encrypts a ke y for export to an AT A ES132 device. Optionally generates the key being
exported.
0x19 KeyImport Decrypts an d writes a key which was output by the Ke yExport command or KeyCompute
command
0x09 KeyLoad Writes an encrypted key to key memor y after verifying the integrity MAC
0x1A KeyTransfer Transfers a key from user mem ory into the key memory or into the Vol atileKey register
0x0F Legacy Performs a single AES-ECB mode operation on 16 bytes of data provided by the host
0x0D Lock Permanently locks the configuration m emory or key memory. Locked memory can never
be unlocked.
0x01 Nonce Generates a 128 bit nonce using the int er nal random number generator for us e by the
cryptographic commands. This command can also be used to write a host nonce di r ectly
into the Nonce register.
0x13 NonceCompute Generates a nonce in a manner which allows t wo ATAES132 devices to have identical
nonce values
0x02 Random Returns a 128 bit random number from t he internal random number generat or
0x00 Reset R es ets the device, c l earing the cryptogr aphic status
0x11 Sleep Places the device i n the sleep state or standby state to redu c e power consumption
0x0E TempSense Measures t he die temperature
0x16 WriteCompute Encrypts data and generates the input MAC required to execute the EncWrite command
Note: 1. The most significant three bits of the com mand Opcode may cont ain any value; these three bit s are ignored by
the Atmel ATAES132 command decoder
Atmel ATAES132 Preliminary Datasheet 26
8760A−CRYPTO−5/11
6.3. ReturnCode
The response packet for each ATAE S 132 command includes a R eturnCode to report success or failure to the host. The first
four error cod es (0x01 through 0x08) may occur concurrently with other codes.
The reset command and the slee p command do not generate a ReturnCode because they do not generate a response packet.
All other AT A ES132 commands gen er ate a ReturnCode.
Table 6-16. R eturnCode field s or ted by Value
Value Name Notes
0x00 Success No errors
0x02 BoundaryError Crossed a page boundary for a write, BlockR ead or EncRead. Crossed a key register
boundary for a write or EncWrite
0x04 RWConfig Access to the specified user zone is not permitted due to the configuration or int ernal state
0x08 BadAddr Attempted to write locked memor y, or address is not implemented, or address is illegal for this
command
0x10 CountErr Counter limit reached, or count us age error, or restri c ted key error
0x20 NonceError Nonce invali d or not available. Nonce not generat ed with internal RN G. MacCount limit has
been reached.
0x40 MacError Missing input M AC, or MAC compare f ai led
0x50 ParseError Bad opcode, bad mod e, bad param, invalid length, or other encoding failure
0x60 DataMatch EEPROM post-write automatic data verification f ailed due to data mismat ch
0x70 LockError Lock command contained bad checksum or bad MAC
0x80 KeyErr Key not permitted to be used for this operation, or wrong key was used for operation. Prio r
authentication has not been per formed. Other authe ntication error or ot her key error .
0x90 TempSenseErr Temperature sensor timeout error
If ReturnCode has any value other than 0x00, no additional data will be returned by ATAES132. If the ReturnCode is greater
than zero for any command that perfor ms cryptographic operations, then the nonce will be invalidated.
Atmel ATAES132 Preliminary Datasheet 27
8760A−CRYPTO−5/11
7. Command Definitions
The ATAES 132 extended command definitions are desc r ibed in this section. The commands are listed in alph abetical order
by command name. The standard Serial E EPROM read and write commands are in Sec tion 5 which are not included in this
section. The cryptographic operat ions perform ed by the ATAES132 commands are descri bed in Appendix I.
7.1. Auth Command
The Auth comm and performs a one-way or m utual authenticati on using AES-CCM . The Auth command options are shown in
Table 7-1. The nonce r egister value is used as the CCM nonce f or all Auth command M AC calculations .
• Mutual authentication
The InMAC is verified, and upon success, an OutMAC is calculated and returned to the host. The AuthComplete
status flag is set to YesAuth if the I nMAC is verif ied.
• Outbound only authentication
The OutMAC is calculated and output to the host. The AuthComplete status flag is set to NoAuth. The Outbound
only authentication is also known as challenge-response authentication.
• Inbound only authentication
The InMAC value is verified, and the success or failure is reported to the host. The AuthComplete status flag is set
to YesAuth if the InMAC is verified.
• Authentication reset
The AuthComplete status flag is set to NoAuth.
Table 7-17. Auth command options
Mode bit 1 Mode bit 0 Description InMAC OutMAC
1b 1b Mutual authentication Required Generated
1b 0b Outbound only authentication Prohibited Generated
0b 1b Inbound only authentication Required No
0b 0b Authenti cation reset Prohibited No
If a MAC is required or will be generated by the Auth command, then a valid nonce is required. If the
KeyConfig[AK eyID].RandomNonce bit is 1b, then the nonce must be random.
The AuthCompute command can be used to generate the InM ac required for inbo und only authentic ation, or mutual
authentication (see Sectio n 7.3). The AuthCh eck command can be used t o validate the Out M ac (see Section 7.2).
In the I2C interface mode, the Auth command can also used for Auth signaling. See Section J.5 for the Auth signaling
specifications.
7.1.2. Authenticat i on Status Register
The authentication status regi ster contains the AKeyID, the AuthComplete status flag, and the usage bits. Prior to execu ting
the Auth comm and, the AuthComplete status flag is set to NoAuth. If the I nMAC i s successfully ver ified in the inbound only or
mutual authentication mode, then the AuthComplete status flag is set to YesAuth.
The ATAES 132 authentication status registe r only stores the result of the most recent authentication attempt. If there is a
parsing or execution error then the prior authent i c ation, status will be lost.
7.1.3. Authenticat i on Usage
The usage field (Param2) controls which operations are permitted with a successful inbound only or mutual authentication (see
Table 7-2). If Param2 is 0x0000 the AuthComplete flag is set to NoAuth but the authent ication outputs are generated. Param2
is ignored if the outbound onl y authentication is performed.
Atmel ATAES132 Preliminary Datasheet 28
8760A−CRYPTO−5/11
Table 7-18. D efinition of the A uth command usage field (Param2)
Byte # Bit # Name Notes
0 0 ReadOK If 1b, then the read a nd E ncRead commands are enabled for the us er zone reads
after success ful authentication.
If 0b, then the read and EncRead commands are prohibited for the user zone reads if
authentication is required in ZoneConfig[UZ ]. (see Section 4.1)
0 1 WriteOK If 1b, then the write and EncW rite commands are en abled for the user zone writes
after success ful authentication.
If 0b, then the write and EncWrite commands are prohibited for user zone writes if
authentication is required in ZoneConfig[UZ ]. (see Section 4.1)
0 2 KeyUse If 1b, then if a k ey requires authenti cation (KeyCo nfig[AKeyID].AuthKey is 1b), the
EncRead, EncWrite, encrypt, decrypt, legacy, KeyCompute, and KeyLoad
commands are enabled after succes sful authentication.
If 0b, then the EncRead, EncWrite, encrypt, decrypt, legacy, KeyCompute, and
KeyLoad commands using the authentic ated key are prohi bi ted after
authentication. (see Section 4.2)
0 3-7 Zero Reserv ed. Must be 0b
1 0:7 Zero Reserved. Must be 0x00
If the AKeyID is VolatileKey, then VolUsage.AuthOK m ust be 1b when the key is l oaded, or authent ication will fail .
Table 7-19. Input parameters
Name Size
(Bytes) Notes
Opcode Auth 1 0x03
Mode Mode 1 Bit 0 and 1: If 11b, then perform mut ual authentication
If 10b, then perform outbound only authentication
If 01b, then perform inbound onl y auth entic at i on
If 00b, then perform authentication reset
Bits 2, 3, 4: R es erved. Must be 0b
Bit 5: If 1b, include the associated usage counter in the authenti cation
Bit 6: If 1b, include the SerialNum in the authentication
Bit 7: If 1b, include the fir s t four bytes of t he S mallZone in the authentication
Param1 AKeyID 2 Upper byte is always 0x00. Lower byte is the pointer to the key. Legal values: 0x00 t o
0x0F, 0xFF.
Param2 Usage 2 A uthentication usage restrictions . Ignored if mode bit s 0 and 1 are 00b or 10b.
Data InMac 0 or 16 Input MAC to be verified (see Section I.3)
Atmel ATAES132 Preliminary Datasheet 29
8760A−CRYPTO−5/11
Table 7-20. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command execution or validation f ai lure generates a
non-zero error code, per Section 6.3.
OutMac 0 or 16 If an output MAC generation was required (and any optional input MAC verif ication succeeded),
then a 16 byte MAC will be returned.
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block format is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 30
8760A−CRYPTO−5/11
7.2. AuthCheck Command
The AuthCheck command is used to check the OutMAC generated by the Auth command or the c ounter command on a
second AT A ES132 device. This command can not check MACs created by other commands.
To use this command the nonce must be identical on both dev ices (see Section 7.21.1) and the MacCount must have the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the KeyID on the orig in device to
match the KeyI D on the destination device. In this sect i on the device which generates the M A C is referred to as the origin
device; the device checking th e MAC is referred to as the destination dev ice.
If mode bit 5, 6, or 7 is 1b, then the associated usage counter, Ser ialNum register value, or the firs t four bytes of the
SmallZone register in the SecondBlock field must match the values on the origin device. The ManufacturingID register must
be identical on both devices, sinc e it is always included in the MAC calc ulation.
A valid nonce is required to run the AuthCheck c ommand. If the KeyConfig[MacKeyID]. RandomNonce bit is 1b, then the nonce
must be rando m .
The AuthCheck command alwa ys s ets the AuthComplete status flag t o NoAuth.
Table 7-21. Input parameters
Name Size
(Bytes) Notes
Opcode AuthCheck 1 0x15
Mode Mode 1 The value of this field must mat ch the mode field val ue used when executing
the Auth comm and or the counter comman d whi c h generated the O utMAC on
the origin device
Param1 MacKeyID 2 Upper byte is always 0x00. Lower byte is the pointer to the key.
Legal values: 0x00 to 0x0F, 0xFF
Param2 Zero 2 Always 0x0000
Data1 FirstBlock 11 The value of t his field must match the first authenticate-only block use d to
calculate the MAC on the origin dev ice
Data2 SecondBlock 16 The value of this field must match the secon d authenticate-only bloc k used to
calculate the MAC being chec ked on the origin device. If mode bits 5, 6, and 7
are 0b, then this field must be pres ent, but is ignored.
Data3 InMac 16 MAC to be checked
Table 7-22. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any com m and execution or val i dation failure generates a
non-zero error code, per Section 6.3
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block format is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 31
8760A−CRYPTO−5/11
7.3. AuthCompute Command
The AuthCompute command is used to compute a MAC which will be used to execute the Auth command or the counter
command on a sec ond ATAES132 device.
To use this command, the nonce mus t be identical on both devices (see Section 7.21.1) and the MacCount must have the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the KeyID on the orig in device to
match the KeyI D on the destination device. In this sect i on, the device which generates the MAC is referred to as the origin
device, and the device checking t he MAC is referred to as the destination device.
If mode bit 5, 6, or 7 is 1b, then the associ ated usage counter , SerialNum register value, or the first four bytes of t he
SmallZone register in the SecondBlock field must match the values on the destination device. The ManufacturingID r egister
must be identical on both devi c es, since it is al ways i nc luded in the MAC cal c ulation.
A valid nonce is required to run the AuthComput e c ommand. If the KeyConf ig[MacKeyID].RandomNonce bit is 1b, then the
nonce must be r andom .
The AuthCompute command al ways sets the AuthComplete status flag to NoAuth.
Table 7-23. Input parameters
Name Size
(Bytes) Notes
Opcode AuthCompute 1 0x14
Mode Mode 1 The value of this field must match the mode field val ue to be used when
executing the Auth command or the counter command on the destination device
Param1 MacKeyID 2 Upper byte is always 0x00. Lower byte is the pointer to the k ey.
Legal values: 0x00 to 0x0F, 0xFF
Param2 Zero 2 Always 0x0000
Data1 FirstBlock 11 The value of this field must match the first authenticate-only block to be us ed
when executing the Auth command or the counter command on the destination
device
Data2 SecondBlock 16 The value of this field must match the secon d authenticate-only bloc k to be used
when executing the Auth command or the counter com mand on the destination
device. If mode bits 5, 6, and 7 are 0b, then this field must be present, but is
ignored.
Table 7-24. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x 00 will be returned. Any command execution or validation failure generates a
non-zero error code, per Section 6.3.
OutMac 16 The 16 byte MAC
The command and response packet is transmitt ed as a bl ock beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 32
8760A−CRYPTO−5/11
7.4. BlockRead Command
The BlockRead command reads 1 to 32 bytes of plaintext data from a user zone or the configuration memory. This c ommand
differs from the standard Serial E E PROM read commands, since it can re ad the configuration memory. In addition, this
command returns an error code if the read is unsucc es sful. No encryption is performed by t he BlockRead c ommand; the
EncRead command must be used for encrypted reads (see Section 7.9).
The BlockRead command can only read data from a singl e EEPROM page – the requested data can not cross page
boundaries (see Section B.2). A ll bytes within the configuration memory can be read with t he B l oc kRead command. If any
part of the requ es ted data lies in unimplemented or ill egal memory, the command will gene rate an error code. The key
memory can never be r ead under any circumstances – any att em pt to read the key memory will generate an error code.
The user zone access is depende nt upon the value of the EncRead and AuthRead bits of the ZoneConfig[UZ] register. If
ZoneConfig[UZ].AuthRead is 0b, then BlockR ead can read the user zone. If ZoneConfig[UZ].AuthRead is 1b, then BlockRead
can only be used to access the user zone if the authentication requirement has been satis fied. If ZoneConfig[U Z].EncRead is
1b, then BlockRead can never be used to access the user zone. A single BlockRead command ca n only read data from a
single user zone – the requested data can not span mul tiple user zones, or multiple EEPRO M pages.
Table 7-25. Input parameters
Name Size
(Bytes) Notes
Opcode BlockRead 1 0x10
Mode Mode 1 Must be 0x00
Param1 Address 2 The address of data to read
Param2 Count 2 Upper byte is always 0x00. Lower byte is the number of bytes to read.
Table 7-26. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be ret urned
Any command exec ution or validation failure gener ates a non-zero error code, per Section 6.3
OutData 0 - 32 Output data (cleartext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 33
8760A−CRYPTO−5/11
7.5. Counter Command
The counter command reads or inc rements the internal non-revers i ble monotonic counte rs. Each counter can increment up to
a value of 2,09 7,134 using the count command, after which they can be no longer changed. See Appendix H for additional
counter information.
Table 7-27. C ounter command options
Mode bit 1 Mode bit 0 Description InMAC OutMAC
1b 1b Read Counter with MAC Prohibited Generated
0b 1b Read Counter, no MAC Prohibited No
1b 0b Increm ent Counter with MAC Required No
0b 0b Increm ent Counter, no MAC Prohibited No
The CounterC onfig[CntID].RequireMAC register bi t determines if InMAC is required whe n incrementing the counter (see
Section 4.4). If CounterConfi g[CntID].RequireMAC = 1b, then InMAC is required, so mode bit 1 m us t be set to 1b when
incrementing the counter. If CounterConfig[CntID].RequireMAC = 0b, then InMAC is prohibited, so mode bit 1 m us t be set to
0b.
If a MAC is required or generated, then a valid nonce is r equired to run the counter command. If the
KeyConfig[K eyID].RandomNonce bit is set for t he authorizing key, then the nonce must be random.
The AuthCompute command can be used to generate the InMac (see Section 7.3). The AuthCheck c ommand can be used to
validate the OutMac (see Section 7.2).
Table 7-28. Input parameters
Name Size
(Bytes) Notes
Opcode Counter 1 0x0A
Mode Mode 1 Bit 0: If 1b, then read the counter
If 0b, then Inc r ement the counter
Bit 1: If 1b, then InMAC is included in the input packet if bi t 0 is 0b, or
OutMAC is gen er ated if bit 0 is 1b
If 0b, then neither the input nor output packets include a MAC.
Bits 2 to 4: Reser ved. Must be 0b.
Bit 5: If 1b, i nc l ude the usage counter as sociated with the key(1) used to
generate the MAC
Bit 6: If 1b, i nc l ude the SerialNum in the MAC
Bit 7: If 1b, include the first four bytes of the SmallZone in the MAC
Param1 CountID 2 Upper byte is always 0x00. Upper nibble of lower byte is always 0x0.
Lower nibbl e of lower byte is the counter to be queried.
Param2 Zero 2 Always 0x0000
Data InMac 0 or 16 Integrity MAC for the counter inc rement operation
Notes: 1. The MAC is generated us ing the key identified by the KeyID in CounterConfig[CountID]. IncrID for increment
operations, or the KeyID in Co unterConfig[CountID].MacID for counter read operat ions. The usage co unter
included in the MAC when mode bit five is 1b is identified by the CntID stored in KeyConfig[KeyID].CounterNum
for the key used to generate the MAC.
Atmel ATAES132 Preliminary Datasheet 34
8760A−CRYPTO−5/11
Table 7-29. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success , 0x00 will be returned
Any command exec ution or validation failure generates a non-zero err or code, per Secti on 6.3
CountValue 4 The current value of the counter
OutMac 0 or 16 Integrity MAC for the counter read operation
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in S ection 6.1.
Atmel ATAES132 Preliminary Datasheet 35
8760A−CRYPTO−5/11
7.6. Crunch Command
The crunch command processes a seed value and returns the result within a specified time. The command provides a 16 byte
input seed which is combined with the Manufacturin gID register and processed with the internal hardware c r unch calculator.
The calculation is performed within a specified t i m e period.
The host syste m should read the respo ns e within a few milliseconds after the response is speci fied to be available and
compare the returned value to the expected result to determine if authentic Atmel hardware is present. The crunch algorithm
is proprietary and is availabl e only in authentic Atmel hardware.
The crunch command does not use the AE S engine or the nonce. Executing the crunch command does not change the
authentication status or cryptographic state of the device.
7.6.1. Crunch Re sponse Time
The response to the crunch comman d i s available after a p eriod a time that is dependent on the count field value. A large
count value requires more tim e to process than a small count value. The expected respons e time for the crunch command is
computed usi ng the following equation:
((Count × 256) + 600)) × 1.25 microseconds
Table 7-30. Input parameters
Name Size
(Bytes) Notes
Opcode Crunch 1 0x0B
Mode Mode 1 Must be 0x00
Param1 Count 2 Upper byte is always 0x00
Lower byte is the iteration count for the crunch engine
Param2 Zero 2 Always 0x0000
Data Seed 16 Input seed
Table 7-31. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned
Any command exec ution or validation failure generates a non-zero err or code, per Secti on 6.3
Result 16 Res ult out
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block format is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 36
8760A−CRYPTO−5/11
7.7. DecRead Command
The DecRead command is used to check the OutMAC gene r ated by an EncRead command on a second ATAES132 device.
If the MAC matches , then the 1 to 16 bytes of data is returned to the host in the DecRead response.
To use this command, the nonce mus t be identical on both devices (see Section 7.21.1) and the MacCount must hav e the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the KeyID on the orig in device to
match the KeyI D on the destination device. In this section, the device which encrypts the data and generates the MAC is
referred to as the origin device – the device checking the MAC is referred to as the destination device.
If mode bit 5, 6, or 7 is 1b, then the associ ated usage counter , SerialNum register value, o r the first four bytes of the
SmallZone register in the SecondBlock field, must match the values on the origin device. The ManufacturingID register must
be identical on both devices, since it is always i nc l uded in the MAC calc ulation.
A valid nonce is required to run the DecRead com mand. If the KeyConfig[DKeyID].R andomNonce bit is 1b, then the nonce
must be rando m .
Table 7-32. Input parameters
Name Size
(Bytes) Notes
Opcode DecRead 1 0x17
Mode Mode 1 The value of t his field must match the mode field value used when executing
the EncRead c ommand on the origin device.
Param1 DKeyID 2 Upper byte is always 0x00. Lower byte is the pointer to the decrypt ke y.
Legal values: 0x00 to 0x0F, 0xFF.
Param2 Count 2 Upper byte is always 0x00. Lower byte is the num ber of data bytes to be
decrypted.
Data1 FirstBlock 6 The value of t his field must match the first authenticate-only block use d when
executing the EncRead command on the origin device.
Data2 SecondBlock 16 The value of this field must match the secon d authenticate-only bloc k used
when executing the EncRead com m and on the origin device. If mode bits 5, 6,
and 7 are 0b, then this field must be present, but is ignored
Data3 InMac 16 Integrity MAC f or the input data
Data4 InData 16 Input data (ciphertext) to be decrypted
Table 7-33. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be ret urned. Any command ex ecution or validation failure gener ates a
non-zero error code, per Section 6.3.
OutData 1 to 16 Decrypted (pl aintext) output data
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 37
8760A−CRYPTO−5/11
7.8. Decrypt Command
The decrypt command accepts 16 or 32 bytes of ciphertext, decrypts the d ata, verifies the M AC, and returns the decrypted
data if the MAC matches. If the MAC does not match, then an error code is returned.
The decrypt command has two operating modes, normal decryption mode and the client decryption mode. The cl ient
decryption mo de can decrypt packets which were encrypted by an AT AES132 device. The normal decryption mo de decrypts
packets generated by a cryptographic host. It cannot decrypt packet s encrypted by the ATAES132.
If the DKeyID is VolatileKey: (See Section 4.3)
The VolUsage.DecryptOK must be 1b when the VolatileK ey was loaded
If the DKeyID is not the VolatileKey, then:
The KeyConfig[DKeyID].ExternalCrypto bit must be 1b
If the KeyConfig[DKeyID].AuthKey bit is 1b, then:
Prior authentication must be perf ormed using the Ke yI D stored in KeyConfi g[DKeyID].LinkPointer
A valid nonce i s required to run the decrypt command. If KeyConfig[DKeyID].Random N once bit is 1b, then the nonce must be
random.
7.8.1. Client Dec ry ption Mode
In the client decryption mode, the decrypt command ca n be used to decrypt pac k ets encrypted by the ATAES 132 ( ei ther
another device, or by the same device at a later t ime), using the encrypt c ommand (see Section 7.10). All of the f ol lowing
requirement s must be satisfi ed:
4. The device performing the encrypt operation (the encrypt device) and the device performing the decrypt operation
(the decrypt device) must contain identical keys
5. The KeyID of the key used by the encrypt device (called EKeyID) must be known. EKeyID is passed to the decrypt
device in the upper byte of decrypt Param1 for use in the MAC calculation.
6. The nonce used by the encrypt device must be known. The nonce is passed to the decrypt device using the nonce
command with mode bit 0 = 0b (See Section 7.20), or is synchronized with the encrypt device using the procedure in
Section 7.21.1.
7. The lower byte of the count (Encrypt Param2) used by the encrypt device must identical to the value used in the
lower byte of decrypt Param2 by the decrypt device. [This is used in the MAC calculation].
8. The MacCount of the encrypt device (called EMacCount) must be known. EMacCount is passed to the decrypt
device in the upper byte of decrypt Param2 for use in the data decryption operation.
9. The encrypt/decrypt command mode bits on both devices must be identical. Mode bit 5 must be 0b. Mode bit 6
must be 0b unless a single device is performing both the encrypt and the decrypt operations. Mode bit 7 can be 1b if
the first four bytes of SmallZone are identical on both the encrypt and the encrypt devices.
10. The decrypt device KeyConfig[DKeyID] must have ExternalCrypto = 1b, and RandomNonce = 0b for the KeyID used
for decryption if the nonce is passed using the nonce command with mode bit 0 = 0b.
11. The encrypt device KeyConfig[EKeyID] must have ExternalCrypto = 1b, and RandomNonce = 1b for the KeyID used
for encryption (the EKeyID).
If these conditions are satisfi ed, then packets encrypted on the encrypt device can be decrypted on the decrypt device. If a
single ATAES132 will be used to encrypt packets for later decryption, then the same key value must be stored in two
appropriately configured k ey registers to allow all of the requirements above to be satis fied.
Atmel ATAES132 Preliminary Datasheet 38
8760A−CRYPTO−5/11
Table 7-34. Input parameters
Name Size
(Bytes) Notes
Opcode Decrypt 1 0x07
Mode Mode 1 B its 0 to 4: Reserved. Mus t be 0b.
Bit 5: If 1b, include the usage counter associated with the encryption key in
the MAC
Bit 6: If 1b, include the SerialNum in the MA C
Bit 7: If 1b, include the first 4 bytes of the SmallZone in t he M AC
Param1 DKeyID 2 Normal decryption mode: The upper byte is always 0x00, and the l ower byte
is the KeyID of the decrypt key
Client decryption mode: The upper byte is the EKeyID, and the lower byte is
the KeyID of t he dec rypt key
Param2 Count 2 Normal decryption mode: The Upper byte is always 0x00. Lower byte is the
number of bytes to be returned after decryption.
Client decrypti on m ode: The upper byte is the EMacCount. The lower byte is
the number of bytes to be returned after decryption. (s ee Section 7.8.1)
Data1 InMac 16 Integrity MAC f or the input data
Data2 InData 16 or 32 Input data (c iphertext) to be decrypted
Table 7-35. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3.
OutData 1 - 32 Decrypted (plaintext) output data
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 39
8760A−CRYPTO−5/11
7.9. EncRead Command
EncRead reads 1 to 32 bytes of encrypted data from user memory, along with an i ntegrity MAC. The EncRead comma nd only
performs encrypted reads; the BlockRead comm and is used for unencrypted reads (see S ection 7.4).
The ZoneConfig[UZ].EncRead bit determines if a user zone can be accessed with the EncRead command. If the
ZoneConfig[UZ].EncRead bit i s 1b, then the EncRead c ommand can read the user zone if the acces s requirements have been
satisfied. A s i ngle EncRead command reads data f rom a single user zone – the requeste d data can not span multiple user
zones. A single Enc R ead command reads data from a single EEPROM page – the requested dat a c an not cross page
boundaries (see Section B.2).
If ZoneConfig[UZ].Auth is 1b, then prior authentic ation is required with the following restrictions:
• The Auth command Usage.ReadOK bit must be 1b
• The authentication key AKeyID must match ZoneConfig[UZ].AuthID
• The Auth command must be run in Inbound Only Authentication or Mutual Authentication mode
• A valid Nonce is required to run the EncRead command. If KeyConfig[KeyID].RandomNonce for the Read key is 1b,
then the Nonce must be random.
The DecRead command can be used to validate the OutMac and decrypt up to 16 b yt es of data (see Section 7.7).
7.9.1. Configurati on Memory Sig nature
The EncRead c ommand cannot be used to read the configur ation memory – t he B lockRead command can be used to read t he
configuration memory. Any attempt to read any address in the configuration memory with the EncRead com mand will activate
the configurat ion memory signature generation mode.
The configurat ion memory signature is an AES -C CM MAC generated over the entire configuration memory as described in
Section I.17. A valid nonce is required to run the EncRead com m and in configuration memory signatur e generation mo de. If
KeyConfig[00].RandomNonce is 1b, then the nonce must be random. KeyID 00 is al wa ys used to generate the configuration
memory signature.
The configurat ion memory signature generation mode is intended t o be us ed during secure pers onalization of the ATAES132.
The signature can be used to validate the contents of the configuratio n memory prior to programming secret dat a i nto other
portions of t he EEPROM.
7.9.2. Key Memory S i gnature
The EncRead c ommand cannot be used to read the key memory. The key memory ca n never be read. Any attempt to read
any address in the key memory with the EncRead command will activate the key memory signature generation mo de;
however, this signature can only be generated once per unit.
The key memory signature is an AES -CC M MAC generated ov er all 16 key registers as described in Section I.18. A valid
nonce is required to run the EncRead command in key memory signature Generat ion mode. If KeyConfig[00].RandomNonce
is 1b, then the nonce must be random. KeyID 0 0 i s always used to generate the key mem ory signature.
The key memory signature generat ion mode is intended to be used during secure personaliz ation of the ATAES132. The
signature ca n be used to validate the c ontents of the k ey memory before locking the key memor y.
Atmel ATAES132 Preliminary Datasheet 40
8760A−CRYPTO−5/11
Table 7-36. Input parameters
Name Size
(Bytes) Notes
Opcode EncRead 1 0x04
Mode Mode 1 Bits 0 to 4: Res erved. Must be 0b.
Bit 5: If 1b, include the usage counter associated with the
ZoneConfig[UZ].ReadID ke y in the MAC
Bit 6: If 1b, include the SerialNum in the MAC
Bit 7: If 1b, include the first 4 bytes of the SmallZone in t he M AC
Param1 Address 2 The address of data to be read
Param2 Count 2 Upper byte is always 0x00. Lo wer byte is the number of b ytes to read.
Data - 0
Table 7-37. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon succes s , 0x00 will be returned. Any command e xecution or validat ion failure generates a
non-zero error code, per Section 6.3
OutMac 16 I ntegrity MAC for the output data
OutData 16 or 32 Encrypted output data (ciphertext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 41
8760A−CRYPTO−5/11
7.10. Encrypt Command
The encrypt command accepts 1 to 32 bytes of plaintext, encrypts the d ata and generates an integrity MAC . The encrypted
data and OutMAC are returned to the system.
The encrypt command can be used to encrypt packets for dec ryption by the s am e or by another ATAES132 if the
requirement s described in Sect ion 7.8.1 are satisfied.
If the EKe yID spec ifies a key in the key memory: the KeyConfig[EKeyID] .ExternalCrypto bit must be 1b.
If KeyConfig[EKeyID].AuthKey bit is 1b, then prior authentic ation is required us i ng the KeyID stored in
KeyConfig[EKeyID].LinkPointer.
If the EKe yID spec ifies the Volatil eKey: (See Section 4.3) The VolUsage.EncryptOK must be set to 01b, 10b, or 11b.
If the VolUsage.EncryptOK bits are set to 10b or 11b, the n prior authentication is required using VolatileK ey prior to execution
of the encrypt command.
A valid Nonce comman d is re qui red to run the Encrypt command. If the KeyConfig[EKeyID].RandomNonc e bit is set for the
encryption key, then the Nonce must be random.
Table 7-38. Input parameters
Name Size
(Bytes) Notes
Opcode Encrypt 1 0x06
Mode Mode 1 Bits 0 to 4: Res erved. Must be 0b.
Bit 5: If 1b, include the usa ge counter associat ed with the encryption key in
the MAC
Bit 6: If 1b, i nc l ude the SerialNum in the MAC
Bit 7: If 1b, include the first four bytes of the SmallZone in the MAC
Param1 EKeyID 2 Upper byte is always 0x00. Lower byte is the KeyID of the encrypt key
Param2 Count 2 Upper byt e is always 0x00. Lower byte is the number of byt es to be
encrypted
Data InData 1 – 32 Input data to b e encrypted (plaintext)
Table 7-39. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon succ es s, 0x00 will be re turned. Any command execution or validation failure generates
a non-zero error code, per Section 6.3.
OutMac 16 I ntegrity MAC for the output data
OutData 16 or 32 Encrypted data (ciphertext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 42
8760A−CRYPTO−5/11
7.11. EncWrite Command
The EncWri te command decrypts the ciphertext input data, verifies the input MAC, and then writes 1 to 32 bytes to a user
zone or 16 bytes to key memory.
The ZoneConfig[UZ].EncW rite bit determines if a user zone can be accessed with the EncWrite command. I f the
ZoneConfig[UZ].EncWrite bit is 1b, then the EncWrite command can write the user zone if the access requirements have been
satisfied. A s i ngle EncWrite command writes data to a single user zone – the data can not span mul tiple user zones. A single
EncWrite command writes data t o a single EEPROM page – the data can not cros s page boundaries (see Section B.2).
If ZoneConfig[UZ].Auth is 1b, then prior authentic ation is required with the following restrictions:
• The Auth command Usage.WriteOK bit must be 1b
• The authentication key AKeyID must match ZoneConfig[UZ].AuthID
• The Auth command must be run in Inbound Only Authentication or Mutual Authentication mode
• A valid Nonce is required to run the EncWrite command. If KeyConfig[KeyID].RandomNonce for the Write key is 1b,
then the Nonce must be random.
7.11.1. Encrypte d Key Writes
When EncWrite i s used to write the key memory prior to locking, then the key data must be encr ypted using KeyID 00. The
input MAC is also calculated using KeyID 00. Writes to key memory must be 16 bytes in length, and begin at the st arting
address of the k ey.
If LockKeys has a value of 0 x 55 and the EncWrit e address points to key memor y, then key personalization mode is s elected.
In the key personalization mode, the following requirements are in effect:
• The Count field value must be 16
• The Address must match the starting address of the key register
• The input data must be encrypted with the current value in KeyID 00. If KeyConfig[WriteID].RandomNonce is 1b
then the nonce must be random (See Section 7.20).
• The input MAC must be generated with the current value in KeyID 00. The input MAC will be verified.
If the key memor y is l ocked, then the new key data is encrypted with the current v alue of the key bei ng written. The key can
only be updated if all of the following requirements are satisf i ed:
• The corresponding KeyConfig[KeyID].ChangeKeys bit is set to 1b (see Section 4.2)
• The count field value must be 16
• The address must match the starting address of the key register.
• The input data must be encrypted with the current value of the key. If KeyConfig[WriteID].RandomNonce is 1b t hen
nonce be random (See Section 7.20).
• The input MAC must be generated with the current value of the key. The input MAC will be verified.
See section 7.19 for the lock command.
Atmel ATAES132 Preliminary Datasheet 43
8760A−CRYPTO−5/11
Table 7-40. Input parameters
Name Size
(Bytes) Notes
Opcode EncWrite 1 0x05
Mode Mode 1 Bits 0 to 4: Res erved. Must be 0b.
Bit 5: If 1b, include the usage counter as soci at ed wit h the encryption key in
the MAC
Bit 6: If 1b, i nc l ude the SerialNum in the MAC
Bit 7: If 1b, include the first four bytes of the SmallZone in the MAC
Param1 Address 2 The st arting address of memory to be written
Param2 Count 2 Upper byte is always 0x00. Lower byte is the number of bytes to be written.
Data1 InMac 16 Input MAC to be verif i ed
Data2 InData 16 or 32 Encrypted Data (ciphertext)
Table 7-41. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command execution or validat ion failure generates a
non-zero error code, per Section 6.3.
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block format i s described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 44
8760A−CRYPTO−5/11
7.12. Info Command
The Info com mand reads various information about the device from internal registers. Param1 selects the information to read.
Operation of this command does not require knowledge of any secrets.
Table 7-42. C oding of the selector field (Param1)
Selector Name Description
0x0000 MacCount Read the MacCount register. The first byte is always 0x00; the sec ond byte
is the MacCount value.
0x0005 AuthStatus Read the authentication st atus register. Ret urns 0xFFFF to indic ate that the
AuthComplete status flag = NoAuth. If the AuthComplete status flag =
YesAuth, then the info returns the AKeyID as 0x00KK , where KK is the
authenticati on K eyID.
0x0006 DeviceNum Read the Devic eNum register. The first byte is the At mel device code whic h
is unique to this Atmel catalog number. The second byte provides the device
revision num ber.
See Table 7-29 for Devic eNum codes
0x000C ChipState Read the ChipState device state register:
0x0000 indicates the ChipSta te = Active
0xFFFF indicates the ChipState = Power Up
0x5555 indicates the ChipState = "Wakeup from Sleep"
See Section L.3 for a detailed descri ption of ChipState
All Other Reserved Reserved f or future use
Table 7-43. Input parameters
Name Size
(Bytes) Notes
Opcode Info 1 0x0C
Mode Mode 1 Must be 0x00
Param1 Selector 2 Selects the regis ter to read
Param2 Zero 2 Always 0x0000
Data - 0
Table 7-44. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any comm and execution or val i dation failure generates
a non-zero error code, per Section 6.3.
Result 2 Current value of the register
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 46
8760A−CRYPTO−5/11
7.13. KeyCompute Command
The KeyCompute command generates a 16 byte random number and stores it in either the key memory or in the VolatileKey
register. The newly generated key is then encrypted with the parent key and returned to the host along with a MAC.
If Mode bit 0 is 1b, then the target key is in the key memory:
• KeyConfig[ChildKeyID].Child must be 1b
• The KeyCompute command KeyID field contains the ChildKeyID
• KeyConfig[ChildKeyID].LinkPointer contains the ParentKeyID
If Mode bit 0 is 0b, then the target ke y is VolatileKey:
• KeyConfig[ParentKeyID].Parent must be 1b
• The KeyCompute command KeyID field contains the ParentKeyID
• The VolUsage field specifies VolatileKey usage restrictions as defined in Section 4.3
If KeyConfig[ ParentKeyID].AuthKey bit is 1b or KeyConfig[EKeyID].ExportAuth bit is 1b, then prior authentication is required
using the KeyID stored in KeyConfig[ParentKeyID].LinkPointer.
The InMAC and OutMA C are both calculated using the parent key (ParentKeyID). If KeyConfig[ChildKeyID].ChildMac is 1b,
then an InMAC must be provided, otherwise the InMAC will be ignored.
A valid nonce is required to run the KeyCompute comm and. If the KeyConfig[ParentKeyID].RandomNonce bit is 1b, then the
nonce must be r andom .
If the LockConfig register is unlocked (0x55), then the random number generator is latched in test mode and the KeyCompute
command will generate non-random key values. If the LockConfig register is locked (0x00), then the RNG generates random
numbers and t he KeyCompute command functions normally.
The KeyImport command can be used to load a key generated by the KeyCompute command (se e S ection 7.15).
Warning: There is on e random num ber ge nerator (RNG) se ed regis ter in the EE PROM mem ory whic h is used b y the
KeyCompute, KeyEx port, no nce, and r andom c omma nds . The R NG se ed r egist er is subje ct to t he s ame
write en duranc e limitat ions as the other b ytes in t he EEPROM (s ee Sect ion 9.2 f or the EEPRO M
specifications) – the application developer must not exc eed the write endu rance li mit.
Atmel ATAES132 Preliminary Datasheet 47
8760A−CRYPTO−5/11
Table 7-46. Input parameters
Name Size
(Bytes) Notes
Opcode KeyCompute 1 0x08
Mode Mode 1 Bit 0: If 1b, the key load target is key memory
If 0b, then the target is Volatil eKey (see Section 4.3)
Bit 1: If 0b, update the EEPROM RNG seed register prior to key
generation(1)
If 1b, then generate Key using e xisting RNG seed
Bits 2: If 1b, A key equivalent t o what the KeyCompute InMac would be is
generated. Including an InMac with the KeyCompute comm and i s not
required.
Bits 3-4: Reserved. Must be 0.
Bit 5: If 1b, include the usage counter associated with the ParentKeyID in the
MAC
Bit 6: If 1b, i nc l ude the SerialNum in the MAC
Bit 7: If 1b, i nc l ude the first four bytes of the SmallZone in the MAC
Param1 KeyID 2 Upper byte is always 0x00. Lower byte is the ChildKeyI D for key memory
loads or the Pa rentKeyID for VolatileKey loads
Param2 VolUsage 2 Usage restrictions for V ol atileKey if mode bit 0 is 0b (see Section 4.3)
Data InMac 0 or 16 Optional input M AC (see above)
Notes: 1. The RNG seed register in the EEPROM will be updated autom atically if mode b it 1 = 0b unless the see d register
was previous ly updated after t he most recent power on reset, wake from the sleep state, reset command, or
tamper event. Updating the RNG s eed register increases the randomness of the keys generated by the
KeyCompute command, however , the EEPROM write endurance specific ation must be respected.
Table 7-47. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x 00 will be returned. Any command execution or validation failure generates a
non-zero error code, per Section 6.3.
OutMac 16 O utput MAC for the encrypted key
OutData 16 Encrypted key v al ue (ciphertext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 48
8760A−CRYPTO−5/11
7.14. KeyExport Command
The KeyExport command is used to encrypt a key for export to a second ATAES132 device. The source of the key can be the
internal random number generator, the VolatileK ey register, or external data. The r esulting encrypted key is used as the input
to the KeyImport command or KeyLoad command. T hi s command does not modify the stored keys.
If mode bits 2 and 3 are 00b, then a new key is generated for export:
• The internal random number generator is used to generate the key
If Mode bit 1 is 0b, then the EEPROM seed register will be updated prior to key generation.
If Mode bits 2 and 3 are 01b, then the key in the input packet will be exported:
• The KeyExport command InData field contains the key value
• Mode bit 1 is ignored
If Mode bits 2 and 3 are 10b or 11b, then the VolatileKey will be exported:
• Mode bit 1 is ignored
If KeyConfig[ EKeyID].AuthKey bit is 1b or KeyConfig[EKeyID].ExportAuth bit is 1b, then pr i or authentication is required using
the KeyID stor ed i n K eyConfig[EKeyID].LinkPointer.
To use this command the nonce must be identical on both dev ices (see Section 7.21.1) and the MacCount must have the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the encrypt KeyID on the origin
device to match the decrypt KeyID on the destination device. In this s ection, the device which encrypts the key is referred to as
the origin devi ce – the device r ec ei v ing the key is ref er red to as the desti nation device.
If mode bit 0 is 1b and mode bit 5, 6, or 7 is 1b, then the associat ed usage counter, SerialNum register value, or the f irst four
bytes of the Sm all Zone register must be identical on both devices. If mode bi t 0 is 0b and mode bit 5, 6, or 7 is 1b, t hen the
value of Secon dBlock must matc h the associated values on the destination device – t he v alue of mode bits 5, 6, and 7 of the
KeyExport command must also match the value in the FirstBlock field. The ManufacturingID register must be identical on both
devices, sinc e it is always included in the MAC calc ulation.
A valid nonce is required to run the KeyExport command. If the K eyConfig[EKeyID].RandomNonce bit is 1b, then the n once
must be rando m .
Warning: There is one random number generator (RNG) seed register in the EEPROM memory which is used by the
KeyCompute, KeyExport, nonc e, and rand om com mands . T he RNG s eed r egist er is subj ect t o the same
write en duranc e limitat ions as the other b ytes in t he EEPROM (s ee Sect ion 9.2 f or t he EEPROM
specifications) – the application developer must not exceed the write endurance limit.
Atmel ATAES132 Preliminary Datasheet 49
8760A−CRYPTO−5/11
Table 7-48. Input parameters
Name Size
(Bytes) Notes
Opcode KeyExport 1 0x18
Mode Mode 1 Bit 0: If 0b, then the key will be encrypted for use by the KeyImport
command. FirstBlock and Sec ondBlock field v al ues are not used.
If 1b, then the ke y will be encrypted for use by the KeyLoad c om mand
using the Firs tBlock and SecondBlock field values.
Mode bits 5, 6, and 7 must match the values in the FirstBlock.
Bit 1: If 0b, updat e the EEPROM RNG s eed register prior to key generation(1)
If 1b, then generate key using existing RNG seed
Bits 2 and 3: If 00b, then a new key will be generated for export using the
internal random number generator
If 01b, then the InData field va l ue will be exported
If 10b or 11b,the VolatileKe y will be exported
Bit 5: If 1b, include the usage counter associated with the encrypt k ey in the
MAC
Bit 6: If 1b, include the SerialNum in the MAC
Bit 7: If 1b, include the first four bytes of the SmallZ one in the MAC
Param1 EKeyID 2 Upper byt e i s always 0x00. Lower byte is the pointer to the encrypt ke y.
Legal values: 0x00 to 0x0F.
Param2 VolUsage 2 Usage restric tions for Volati l eKey if Mode bit 0 is 0b and the TargetKeyID is
intended to be the VolatileKe y register. (See Sec tion 4.3)
For all other ca s es this field must be 0x0000
Data1 FirstBlock 6 If mode bit 0 is 1b, then all bytes must be 0x00
If mode bit 0 is 0b, the value of this field must match the firs t authenticate-
only block to be used when execut ing the KeyLoad command on the
destinatio n device
Data2 SecondBlock 16 If mode bit 0 is 1b, then this field must be present, but is ignored
If mode bit 0 is 0b, the val ue of this field must match the second
authenticate-only block to be us ed when executing t he KeyLoad
command on the dest ination device. If mode bits 5, 6, and 7 are 0b,
then this fiel d must be present, but is ignored.
Data3 InData 0 or 16 If mode bits 2 and 3 are 01b, then this field contains the ke y (plaintext) to be
encrypted. For all other cases this field is ign or ed.
Note: 1. The RNG seed register in t he EEPROM will be updated automatically if mode bit 1 = 0b unless the seed register
was previous ly updated after t he most recent power on reset, wake from the sleep state, reset command, or
tamper event. Updating the RNG s eed register increases the randomness of the keys generated by the
KeyCompute command, however , the EEPROM write endurance specific ation must be respected.
Atmel ATAES132 Preliminary Datasheet 50
8760A−CRYPTO−5/11
Table 7-49. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be retur ned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3
OutMac 16 I ntegrity MAC for the encrypted key
OutData 16 Encrypted key ( ciphertext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 51
8760A−CRYPTO−5/11
7.15. KeyImport Command
The KeyImport command accepts 16 bytes of ciphertext, decrypts the key, verifies the MAC, and stores the key in the key
memory or in the VolatileKey regis ter. The source of the encrypted key can be the KeyEx por t command or the Ke yCompute
command.
If TargetKeyID spec ifies that the tar get key is stored in the Key Memory:
• KeyConfig[TargetKeyID].ImportOK bit must be 1b
• KeyConfig[TargetKeyID].LinkPointer contains the decrypt KeyID
• The KeyImport command DKeyID field value is ignored
If KeyConfig[decrypt KeyID].AuthKey is 1b, then prior authentication is required usi ng the KeyID stored in KeyConfig[decrypt
KeyID].LinkPointer.
If TargetKeyID spec ifies that the tar get key is Volatil eK ey: (See Section 4.3)
• KeyConfig[DKeyID].Parent must be 1b
• The KeyImport command DKeyID field contains the decrypt KeyID
If KeyConfig[DKeyID].AuthKey is 1b, then prior authentication is required using the KeyID stored in
KeyConfig[DKeyID].LinkPointer.
To use this command, the nonce mus t be identical on both devices (see Section 7.21.1) and the MacCount must hav e the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the encrypt KeyID on the origin
device to match the decrypt KeyID on the destination device. In this s ection, the device which encrypts the key and generates
the MAC is referred to as the origin device – the device checking the MAC i s referred to as the destination devic e.
If Mode bit 5, 6, or 7 is 1b, then the associ ated usage counter , SerialNum register value, or the first four bytes of t he
SmallZone register in the SecondBlock field must match the values on the origin device. The ManufacturingID register must
be identical on both devices, since it is alway s i nc l uded in the MAC calc ulation.
A valid nonce is required to run the KeyImport command. If the KeyC onfig[KeyID].RandomNonce bit is 1b for the decrypt ke y,
then the nonce must be random.
Atmel ATAES132 Preliminary Datasheet 52
8760A−CRYPTO−5/11
Table 7-50. Input parameters
Name Size
(Bytes) Notes
Opcode KeyImport 1 0x19
Mode Mode 1 Bit 0: If 1b, the key was encrypted with the KeyCompute comm and
If 0b, the key was encrypted with the KeyExport comm and
Bits 1 to 4: Reser ved. Must be 0b.
Bits 5 to 7: This value must match the mode bits 5, 6, and 7 value used when
executing the KeyCompute command or KeyExport command on the
origin device
Param1 TargetKeyID 2 Upper byte is always 0x00. Lower byte is the location where the decrypted
key will be stored. Legal value s: 0x00 to 0x0F (standard keys), 0xFF (volatile
key).
Param2 DKeyID 2 Upper byte is always 0x00. If TargetKeyID = 0xFF, then lower b yt e is the
pointer to the decrypt key. Leg al values: 0x00 to 0x0F. If TargetKeyID = 0x00
to 0x0F, then t his field must be present, but is ignored (s ee above).
Data1 FirstBlock 6 The value of this field mus t match the first authenticate-only block used when
executing the KeyCompute command or KeyExport command on the origin
device
Data2 SecondBlock 16 The value of this field must match the second authenticate-onl y block used
when executing the KeyCompute com mand or KeyExport command on the
origin device. If Mode bits 5, 6, and 7 are 0b, then this f iel d must be present,
but is ignored
Data3 InMac 16 MAC for the encrypted key
Data4 InData 16 Input key (ciphertext) to be decrypted
Table 7-51. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be retur ned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 53
8760A−CRYPTO−5/11
7.16. KeyLoad Command
The KeyLoad com m and decrypts 16 byt es of ciphertext dat a, verifies the MA C, and then writes t he key memor y or the
VolatileKey register.
If mode bit 0 specifies that the target key is stored in the key memory:
• KeyConfig[ChildKeyID].Child bit must be 1b
• The KeyLoad command KeyID field contains the ChildKeyID
• KeyConfig[ChildKeyID].LinkPointer contains the ParentKeyID
If KeyConfig[ParentKeyID].AuthKey is 1b, then pr ior authentication is required using the KeyID stor ed in
KeyConfig[ParentKeyID].LinkPointer.
If mode bit 0 specifies that the target key is V ol atileKey: (See Section 4.3)
• KeyConfig[ParentKeyID].Parent must be 1b
• The KeyLoad command KeyID field contains the ParentKeyID
• The VolUsage field specifies VolatileKey usage restrictions as defined in Section 4.3
If KeyConfig[ ParentKeyID].AuthKey bit is 1b, then prior authentic ation is required us ing the KeyID stored in
KeyConfig[ParentKeyID].LinkPointer.
A valid Nonce is required to run the KeyLoad command. If the appropriate KeyConfig[KeyI D ].RandomNonce bit is 1b, then the
nonce must be r andom .
Table 7-52. Input parameters
Name Size
(Bytes) Notes
Opcode KeyLoad 1 0x09
Mode Mode 1 Bit 0: If 1b, the key load target is Ke y Mem ory. If 0b, target is VolatileKey.
(See Section 4.3)
Bits 1 to 4: Reser ved. Must be 0b.
Bit 5: If 1b, include the usage counter associated with P ar entKeyID in the
MAC
Bit 6: If 1b, include the SerialNum in the MAC
Bit 7: If 1b, i nc l ude the first four bytes of the SmallZone in t he MAC
Param1 KeyID 2 Upper byte is al ways 0 x 00. Lower byte is the ChildKeyID for t he key
memory loads or the ParentKeyID for V olatileKey loads.
Param2 VolUsage 2 Usage restrictions for VolatileKey if mode bit 0 is 0b (See Section 4.3)
Data1 InMac 16 Integrity MAC f or the input data
Data2 InData 16 Encrypted ke y value (ciphertext)
Table 7-53. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upo n success, 0x00 will be returned. An y command execution or validation fail ur e generates
a non-zero error code, per Section 6.3.
The command and response packet is transmitted as a block beginning with Count and ending with a packet Checksum. This
block format is described in section 6.1.
Atmel ATAES132 Preliminary Datasheet 54
8760A−CRYPTO−5/11
7.17. KeyTransfer Command
The KeyTransfer command copies key data from the user memory into the V ol atileKey register or into a key register in the key
memory. The KeyTransfer command allows a user zone to be utilized as a n extended key memory.
Keys stored in the user memory cannot be utilized directly by the crypto gr aphic commands – the keys must be transferred into
either the VolatileKey register or into a key register in the key memor y EE PROM prior to us e. The usage restrictions for keys
transferred into the VolatileKey register are transferred from the key data structure when the KeyTrans fer command is
executed. Usage restrictions for keys transferred into the ke y mem ory are stored in the KeyConfig[TargetKeyID] register – the
KeyTransfer c ommand does not alter the KeyConfig[TargetKeyID] r egister.
If KeyConfig[ TargetKeyID].TransferOK is 0b t hen the key register cannot be updated with the KeyTransf er command.
If KeyConfig[T ar getKeyID].T ransferOK is 1b, then the KeyTransfer command can be used to upd ate the Key register – the
KeyConfig[TargetKeyID]. Li nkPointer contains the user zone num ber of the extended key memory.
If ZoneConfig[UZ].AuthRead is 1b for the user zone n um ber containing t he key data struc ture, then prior authentication is
required using the KeyID stored in Z oneConfig[UZ ].AuthID before a key can be transferred to either the VolatileKey register or
into a key register in the key memory EEPROM.
7.17.1. Extended K ey Memory Data S tructure
When a user zone is utilized as the e xtended key memory, the keys are stored in the 32 byte key dat a structure as shown in
Table 7-38. The first 16 bytes contain the key value, two bytes store t he VolUsage restric tions, and the remaining bytes
should contain all zeros. The starting address of each key data struc ture is required to be the first byte of a 32 byte phys ical
page (see Section B.2).
Table 7-54. Key data structure in user memory
Address 0h 1h 2h 3h 4h 5h 6h 7h 8h 9h Ah Bh Ch Dh Eh Fh
XX00h-XX0Fh Key
XX10h-XX1Fh VolUsage Reserved (All bytes 0x00)
Table 7-55. Input parameters
Name Size
(Bytes) Notes
Opcode KeyTransfer 1 0x1A
Mode Mode 1 Must be 0x00
Param1 TargetKeyID 2 Upper byte is always 0x00. Lower byte is the location where the key will be
stored. Legal values: 0x00 to 0x0F (standard k eys), 0xFF (volatile key).
Param2 Address 2 Star ting address of t he k ey data structure in user memory
Table 7-56. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be retur ned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3.
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 55
8760A−CRYPTO−5/11
7.18. Legacy Command
The legacy command executes a single block of the AES engine in the “Electronic Code Book” mode, with no i nput or output
formatting. This is known as AES-ECB mode and can be used to perform prim itive AES encrypt ion or decryptio n operations.
This command does not use the nonce register value in the computatio n s ince the entire 16 byte AES input value comes from
the input packet.
This command can only be executed if it is enabled for the device b y setting ChipConfig.LegacyE to 1b and for the key by
setting KeyC onfig[LKeyID]. LegacyOK is 1b.
Atmel recommends that any key with KeyConfig[LK eyID].LegacyO K = 1b should never be us ed with any other command – the
legacy comma nd c an be used to exhaust i v ely attack the key. If KeyConfig[LKeyID].AuthKey bit i s 1b, then prior authentication
is required us ing the KeyID stored in KeyConfig[LKeyID].LinkPointer.
Key usage limits are enforced if KeyConfig[LKeyID].CounterLimit is 1b, see Section 4.2. See Section E.2.16 for the
ChipConfig register defini tion.
Table 7-57. Input parameters
Name Size
(Bytes) Notes
Opcode Legacy 1 0x0F
Mode Mode 1 Must be 0x00
Param1 LKeyID 2 Upper byte is always 0x00
Lower byte is the KeyID for the AES key
Param2 Zero 2 Always 0x0000
Data InData 16 Input to the AES block (plaintext)
Table 7-58. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3.
OutData 16 The output of the AES block (ciphert ext)
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block format is described i n Section 6.1.
Atmel ATAES132 Preliminary Datasheet 56
8760A−CRYPTO−5/11
7.19. Lock Command
The lock comm and permanentl y loc k s various segments of the EEPROM memory, including the configuration memory, the
key mem ory, and the Small Zone register. Key, Counter, and User M emory access rest r i c tions are locked when the
configuration memory is locked. The SmallZone i s l ocked independently of the other c onfiguration memor y registers.
Three registers in the configuration memory control the lock /unlock status of the memory segments:
1. The configuration memory is controlled by the LockConfig register (see Section E.2.11)
2. The key memory is controlled by the LockKeys register (see Section E.2.9)
3. The SmallZone register is controlled by the LockSmall register (see Section E.2.10)
If the lock control register contains 0x55, then the memory segment is unlocked. The lock command writes the specified lock
register to 0x00 to lock the segment. The lock control r egisters can on ly be written with t he lock command, but they can always
be read with th e BlockRead command. (See Section 7.4)
The lock comm and Param2 is an opti onal checksum (CRC-16) generated over the memory segment being locked. The value
in the checksum field must match the CRC-16 calculat ed within the device for the lock operati on to succeed. If t he lock
command returns a LockError ReturnCode, then the host system should re-write the memory segment and try the lock
operation agai n.
The Atmel recommendation is the key memory be lock ed immediately after loading the keys. See Appen dix P for
personalization examples.
7.19.2. User Zone ReadOnly Activation
After the configuration memory is locked, the lock command can be used to activat e the ReadOnly sser zone feature on
appropriat ely configured user zones. The lock command changes the user zone from read/write to read-only if the fol lowing
requirement s are satisfied:
• ZoneConfig[Zone].WriteMode must be 10b or 11b
• Lock command mode bits 0 and 1 must be set to 11b
• The Lock command zone field contains the target user zone number (Zone)
If lock command mode bits 2 is 1b, t hen the checksum field contains the CRC-16 of t he user zone contents.
If ZoneConfig[Zone].WriteM ode is 11b, then t he command must inclu de an InMAC generat ed using the KeyID stored in
ZoneConfig[Z one].WriteID, otherwise, t he M AC is ignored.
The lock comm and changes the ZoneConfig[Zone]. R eadOnly byte from 0x55 (read/write) to 0x00 when the ReadOnly feature
is activated. It is not possible to change a read-only User Zone to read/write after Configuration Memory is locked.
Atmel ATAES132 Preliminary Datasheet 57
8760A−CRYPTO−5/11
Table 7-59. Input parameters
Name Size
(Bytes) Notes
Opcode Lock 1 0x0D
Mode Mode 1 Bit 0-1: If 00b, lock the Smal lZone register
If 01b, lock the key memory
If 10b, lock the configuration memory, excluding the SmallZone
If 11b, then set the ZoneConfig[Z one].ReadOnly byte to ReadOnly
Bit 2: If 1b, validate the memory checksum in Param2
If 0b, suppress the checksum validation (not rec om mended by Atmel)
Bits 3-4: Reserved. Must be 0x00
Bit 5: If 1b, incl ude the usage counter as sociated with the
ZoneConfig[Zone].WriteID key in the MAC
(Ignored unless Mode[0:1] is 11b)
Bit 6: If 1b, i nc l ude the SerialNum in the MAC
(Ignored unless Mode[0:1] is 11b)
Bit 7: If 1b, i nc l ude the first four bytes of the SmallZone in the MAC
(Ignored unless Mode[0:1] is 11b)
Param1 Zone 2 Upper byte is always 0x00. If Mode[0:1] is 11b the lower byte is the user
zone to be locked. (see Section 7.19.2) For any other values of Mode[0:1],
this field must be 0x0000.
Param2 Checksum 2 If mode bit 2 is 1b, contains the CRC-16 checksum gen erated of the memory
segment being locked. If mode bit 2 is 0b, t his parameter must be 0x0000.
Data InMAC 0 or 16 If M ode[0:1] is 11b, contains the MAC authorizing update of
ZoneConfig[Z one].ReadOnly as described in Section 7.19.2. For all other
modes this fie ld is ignored.
Table 7-60. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command execut ion or validation failure generates a
non-zero error code, per Section 6.3
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 58
8760A−CRYPTO−5/11
7.20. Nonce Command
The nonce com m and generates and/or stores a 96 bit nonce in the SRAM nonce register for use b y subsequent cryptogr aphic
commands. It is not neces sary to generate a new nonce before each cryptographic o peration because the ATAES132
includes the MacCount in the M AC calculations (see Section I.1) to guaran tee uniqueness.
There are two nonce command options :
1. Inbound nonce
The InSeed value is written directly to the nonce register. No random number generation or cryptographic nonce
calculation is performed.
Note: This option provides no defense against replay attacks or known plaintext attacks.
2. Random nonce
The InSeed value is cryptographically combined with the new output of the random number generator and stored in
the nonce register. The random number used for the nonce calculation is returned to the host in the response. See
Section I.31 f or the nonc e algorithm.
If the LockConfig register is unlocked (0x55), then the random number generator is latched in the test m ode and executing the
nonce command with mode bit 0 = 1b will generate non-random values. If the LockConfig r egister is locked (0 x0 0) then the
RNG generates r andom numbers and the nonce comman d functions normally.
The nonce rem ains valid until one of the following events occurs:
• A MAC compare operation fails
• The MacCount reaches the maximum count (See Section I.1)
• The cryptographic state machine is reset due to: receipt of a reset command, power cycling (POR), or activation of
the initialization sequence due to WakeUp from the sleep power state (see Section G.2.2)
• The execution of the nonce command resets the MacCount t o zero (s ee Section I.1)
If a cryptogra phic operation involves two ATAE S132 devices and a syn chronized nonce is required, then the nonce
synchronizat ion procedure i n Section 7.21.1 must be used. The nonce command cannot be used to generate a s ynchronized
random nonce.
Warning: There is one r andom num ber g enerat or ( RNG) s eed r egi ster i n the EE PROM memory which is used by the
KeyCompute, KeyExport, nonc e, and rand om com mands . T he RNG s eed r egist er is subj ect t o the same
write en duranc e limitat ions as the other b ytes in t he EEPROM (s ee Sect ion 9.2 f or the EEPRO M
specifications) – the application developer must not exceed the write endurance limit.
Atmel ATAES132 Preliminary Datasheet 59
8760A−CRYPTO−5/11
Table 7-61. Input parameters
Name Size
(Bytes) Notes
Opcode Nonce 1 0x01
Mode Mode 1 Bit 0: If 1b, generate a random nonce using the RNG
If 0b, use the I nS eed as the nonce (I nbou nd nonce mode), mode bi t 1
is ignored
Bit 1: If 0b, update the EEPROM RNG s eed prior to nonce generation(1)
If 1b, generate a random nonce us i ng the existing RNG seed
Bits 2-7: Reserved. Must be 0b
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data InSeed 12 Input seed (required)
Note: 1. The RNG seed register in t he EEPROM will be updated automat ically if mode bit 1 = 0b unless the seed regi s ter
was previous ly updated after t he most recent power on reset, wake from the sleep state, reset command, or
tamper event. Updating the RNG seed register increases the rand omness of the nonce, however, the EEPROM
write endura nce specification must be respect ed.
Table 7-62. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be retur ned. Any command exec ution failure or validation failure
generates a non-zero error code, per Section 6.3.
Random 0 or 16 In random nonce mode, the random number used to generate t he nonce is returned. In
inbound nonce mode, no data is ret urned.
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 60
8760A−CRYPTO−5/11
7.21. NonceCompute Command
The NonceCompute command generates the nonce in a manner which allows two ATAES132 devices to have identical
random nonces based on random num ber s generated b y both devices. The identical nonce values and identic al M acCount
values are requi r ed to encrypt data on one device for decryption by the other device.
The random co m mand must be execute d with mode bit 2 = 1b pri or to execution of the NonceCompute c ommand. The
random comm and generates a random number which the NonceComput e command combines with the RandomS eed
provided by th e second ATAES132 to generate the random nonce.
The nonce rem ains valid until one of the following events occurs:
• A MAC compare operation fails
• The MacCount reaches the maximum count (s ee Section I.1)
• Due to the WakeUp from the sleep power state, t he cryptographic state machine is reset due to either (see Section
G.2.2):
• Receipt of a reset command
• Power cycling (POR), or
• Activation of the initialization sequence
This command resets the MacCount to zero only if the operation succeeds (see Section I.1). If an error occurs,
the contents of the nonce register and the MacCount register remained unchanged – the NonceValid flag also
remains unchanged.
7.21.1. Nonce Sync hronization
The following procedure synchronizes the nonce and the MacCount on t wo ATAES132 devic es . In this procedure, the device
where the proc edure begins is ref erred to as “A” and the device it is synchronized with is ref erred to as “B”.
1. The random command is executed on Device A with mode bit 2 set to 1b. The first 12 bytes of the random field
value in the response are stored for use in step 2.
2. The nonce command is executed on Device B with mode bit 1 set to 1b. The 12 byte random number generated in
step 1 is used as the nonce command InSeed field value. The 12 byte random field value in the response is stored
for use in step 3.
3. The NonceCompute command is executed on Device A, using the 12 byte random number generated in step 2 as
the RandomSeed field value.
4. Successful execution of this procedure sets the nonce status flags on both devices to NonceValid = YesNonce,
NonceRandom = Random, and NonceCompute = No. The MacCount is zero on both devices.
Table 7-63. Input parameters
Name Size
(Bytes) Notes
Opcode NonceCompute 1 0x13
Mode Mode 1 The value of thi s field must match the mode field value use d when
executing the nonce command on the or igin device
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data RandomSeed 12 First 12 bytes output by the Nonc e command on the ori gin device
Atmel ATAES132 Preliminary Datasheet 61
8760A−CRYPTO−5/11
Table 7-64. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be retur ned. Any command exec ution failure or validation failure
generates a non-zero error code, per Section 6.3.
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 62
8760A−CRYPTO−5/11
7.22. Random Command
The random co mmand generates a random number using the internal high quality random number generat or and the random
number generation procedure r ecommended by NIST in SP800-90 (see Appendix A). The random command returns the
generated r andom number to the host.
There are two random command opti ons:
1. Random number generation:
If mode bit 2 is 0b, the 16 byte random number is only returned to the host, it is not stored internally. This option
does not affect the cryptographic state of the device.
2. Nonce synchronization:
If mode bit 2 is 1b, then the first 12 bytes of the random number are stored in the nonce register for later use by the
NonceCompute command. The 16 byte random number is returned to the host. The nonce status flags are changed
to NonceValid = YesNonce, NonceRandom = F ixed, and NonceCompute = Yes. See S ection 7.21 for the
NonceCompute command and the nonce synchronization procedure.
If the LockConfig register is unlocked (0x55), then the random number generator is latched in the t es t mode, and the random
command will always return 16 byt es of 0xA5. If the LockC onfig register is locked (0x00), then the RNG generates random
numbers.
Warning: There is on e random num ber ge nerator (RNG) se ed regis ter in the EE PROM mem ory, which is used by the
KeyCompute, KeyExpo rt, nonc e, and ra ndom c omma nds. The R NG se ed reg ister is s ubje ct to t he sam e
write endurance limitat ions as th e other byt es in the EE PROM (s ee Sectio n 9.2 for t he EEPROM
specifications) – the application developer must not exceed the write endurance limit.
Table 7-65. Input parameters
Name Size
(Bytes) Notes
Opcode Random 1 0x02
Mode Mode 1 Bit 0: Reserved. Must be 0b
Bit 1: If 0b, update t he EEPROM RNG seed register prior to random number
generation(1)
If 1b, generate random number us ing the existing RNG seed
Bit 2: If 0b, then return the random num ber. Do not change the
nonce.
If 1b, then store the first 12 bytes of the random number in
the nonce register and return the 16 byte random number
Bits 3 to 7: Reser ved. Must be 0b
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data - 0
Note: 1. The RNG seed register in t he EEPROM will be updated automat ically if mode bit 1 = 0b unless the seed regi s ter
was previous ly updated after t he most recent power on reset, wake from t he sleep state, reset command, or
tamper event. Updating the RNG s eed register increases the randomness of the random command output,
however, the E EPROM write endurance specification must be respected.
Atmel ATAES132 Preliminary Datasheet 63
8760A−CRYPTO−5/11
Table 7-66. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command exec ution failure or validation failure
generates a non-zero error code, per Section 6.3.
Random 16 The random number
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 64
8760A−CRYPTO−5/11
7.23. Reset Command
The reset com mand forces the ATAES132 to reset the logic, including t he AES engine, nonce, and authentication status flag.
This command does not return a response.
When a Reset com m and is received, the ATAES132 per forms the same power up reset sequence that occurs during wakeup
from the sleep state. The reset is c om pl ete after the WakeUp Ready time tWupSL.RDY. (see Section 9.4.2)
7.23.1. SPI Reset
During the reset of an ATAES132 c onfigured for S PI interface mode, the device will answer the SPI read status register
command with 0xFF to indicate it i s " busy". When reset is c omplete, the W IP status bit changes to 0b to indicate the dev i ce is
in the active state. The ATAES132 will only accept the SPI read status register comma nd while it is resetting – all other
commands will be ignored. The SPI read status register c ommand is described in Section K.3.6.
7.23.2. I2C Reset
During the reset of an ATAES132 c onfigured for I2C interface mode, the host is required to perform ACK polling using the
matching I2C devic e address. The ATAES132 will answer the ACK poll with an I2C NAK to indicate the device is "busy" dur ing
reset. The ACK poll r eply will chang e to ACK when the de v i c e i s i n the active state. The ATA E S132 will not accept any I2C
commands while it is "busy". ACK pol l ing is described in Section J.3.8.
Table 7-67. Input parameters
Name Size
(Bytes) Notes
Opcode Reset 1 0x00
Mode Mode 1 This byte can be any value
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data - 0
Table 7-68. Output parameters
Name Size
(Bytes) Notes
No response packet is returned by the reset command
The command packet is transmitted as a block beginning with the count and ending with a packet checksum. This bl ock
format is descr ibed in Section 6. 1.
Atmel ATAES132 Preliminary Datasheet 65
8760A−CRYPTO−5/11
7.24. Sleep Command
The sleep com mand forces the ATA ES132 into one of two low power states – sleep or standby. This command does not
return a response.
The sleep stat e can be used to extend b attery life in porta ble systems by powering down the ATAES132 internal circuitry when
the device is sleeping. The standby state put s the internal circuitry in a low power state to reduce power consumption while
preserving the volatile memor y contents and the security state.
A device in the sleep state will not retain any volatile memory contents or security states. A device in the sleep state goes thru
a full power up sequence upon wake up.
A device in the standby state will r etain all volat i le memory content s . A device in the standby state does not go thru a power up
sequence upon wakeup.
The ATAE S132 exits the sleep or standby state if a wakeup event occurs on the IO pins. Wakeup is discussed in Sec tion L.2.
See Appendi x L for a detailed description of the ATAES132 sleep, standby, wakeup, and power management functions .
Table 7-69. Input parameters
Name Size
(Bytes) Notes
Opcode Sleep 1 0x11
Mode Mode 1 Bit 0 to 5: Reserv ed. Must be 0b
Bit 6: If 0b, activate the sleep state
If 1b, activate the standby state
Bits7: Reserved. Must be 0b
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data - 0
Table 7-70. Output parameters
Name Size
(Bytes) Notes
No response packet is returned by the res et command
The command packet is transmitted as a block beginning with the count and ending with a packet checksum. This block
format is descr ibed in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 66
8760A−CRYPTO−5/11
7.25. TempSense Command
The TempSense c ommand activates and reads the die temperature sensor. The temperature sensor is powered on while the
command is bei ng processed and then powered off t o minimize power consumption. The temperature sensor s pecifications
are in Table 9-8.
This command returns two 16 bit num bers, THIGH & TLOW. The diff er ence between the two returned values is the temperatur e
code. The actual die temperatur e is calculated using a formula which is dependent upon the sensor calibration procedure.
The TempCal regis ter indicate s the sensor calibration procedure used to generate the TempOffset register value (see Section
E.2.17 and E.2.18). The default v al ue of TempCal is 0 x00, which indicates that the TempOffset is based on characterization.
When TempCa l = 0x00 calculate t he die temperature in degrees Celsius using the f ollowing formula:
TDIE=1.65* (THIGH – TLOW) + 67.2 - TOFFSET
The TOFFSET v al ue is stored in the firs t two bytes of the TempOffset register in the configuration memory. (see Sect i on E.2.18)
The ATAES 132 devices with a calibrated temperature sensor are ava il able at addition al cost. Contact A tmel for the die
temperature formula for calibrated temperature sensors.
Table 7-71. Input parameters
Name Size
(Bytes) Notes
Opcode TempSense 1 0x0E
Mode Mode 1 Must be 0x00
Param1 Zero 2 Always 0x0000
Param2 Zero 2 Always 0x0000
Data - 0
Table 7-72. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any com m and execution or val i dation failure generates a
non-zero error code(1), per Sec tion 6.3.
TempCodeH 2 Temperature code THIGH
TempCodeL 2 Tem perature code TLOW
Note: 1. I n the event of a temperature sensor timeout er ror, a ReturnCode = 0x90 will be output along with the
TempCodeH, a nd TempCodeL data fields. The TempCodeH and TempCodeL valu es are invalid when this error
occurs. For any other error , only the Return Code value will be r eturned.
The command and response packet is transmitted as a block beginning with the count and ending with a packet c hecksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 67
8760A−CRYPTO−5/11
7.26. WriteCompute Command
The WriteC om pute command encrypts data and computes the MAC requir ed to execute the EncW rite command on a second
ATAES132 device.
To use this command, the nonce mus t be identical on both devices (see Section 7.21.1) and the MacCount must hav e the
same value. Both devices must al s o contain identic al k ey values, but it i s not necessary for the KeyID on the orig in device to
match the Ke yI D on the destination d evice. In this sec tion, the device which encrypts data and generates the M A C is referred
to as the origin device. The device c hecking the MAC is referred to as the des tination devic e.
If mode bit 5, 6, or 7 is 1b, then the associated usage cou nter, SerialNum register value, or the first four bytes of the
SmallZone register must be identical on both devices. The ManufacturingID register must be identical on both devices, s i nc e it
is always included in the MAC c al c ulation.
A valid nonce is required to run the WriteCompute command. If the KeyConfi g[EKeyID].RandomNonce bit is 1b, then the
nonce must be r andom .
The value of Param2 in the FirstBloc k field must matc h the count field value.
Table 7-73. Input parameters
Name Size
(Bytes) Notes
Opcode WriteCompute 1 0x16
Mode Mode 1 The value of thi s field must match the mode field value to be used when
executing the EncWrite command on the destination device
Param1 EKeyID 2 Upper byte is always 0x00. Lo wer byte is the pointer to the encrypt key.
Legal values: 0x00 to 0x0F, 0xFF.
Param2 Count 2 Upp er byte is always 0x00. Lower byte is the num ber of Data bytes to be
encrypted.
Data1 FirstBlock 6 The value of thi s field must match the f irst authenticate-only block to be us ed
when executing the EncWrite command on the destination device
Data2 SecondBlock 16 The value of this field must match the secon d authenticate-only bloc k to be
used when exe c uting the EncWr ite command on the destination device. If
mode bits 5, 6, and 7 ar e 0b, then this fie ld must be present, but is ignored.
Data3 InData 1 to 32 Input data t o be encrypted (plai ntext)
Table 7-74. Output parameters
Name Size
(Bytes) Notes
ReturnCode 1 Upon success, 0x00 will be returned. Any command exec ution or validation failure generates a
non-zero error code, per Section 6.3.
OutMac 16 The input MAC for the EncWrite command on t he des tination devic e
OutData 16 or 32 The encrypte d data (cipherte xt) to be written to the destination device using the EncWrite
command
The command and response packet is transmitted as a block beginning with the count and ending with a packet checksum.
This block f or mat is described in Section 6.1.
Atmel ATAES132 Preliminary Datasheet 68
8760A−CRYPTO−5/11
8. Pin List s
8.1. Package Pin List [SOIC, TSSOP, UDFN]
Table 8-75. Package pin list
Pin Name Description Type
1 SPI mode / I2C mode not used Input
2 SO SPI serial data out / I2C mode not used or AuthO out Output
3 N.C. No connect N.C.
4 Vss Ground Ground
5 SI / SDA SPI serial data in / I2C mode serial data I/O Input / Output
6 SCK Serial data clock Input
7 N.C. No connect N.C.
8 Vcc Power supply Power
8.1.2. Pin Descriptions
8.1.2.1. [1]
SPI chip select bar input pin. In the SPI c om munication mode, this pin functions as the slave select input. In the I2C
communication mode, this pin is not used and should be tied t o VCC or VSS.
8.1.2.2. SO [2]
Serial data out pin. In the SPI communication mode, this pin funct ions as the serial data output. In the I2C communication
mode, this pin is not used in the default configuration. It is always in the high impedance stat e. If Auth signaling is enabled,
then this pin functions as the AuthO output. (See Section J.5)
8.1.2.3. N.C. [3]
No connect pin. This package pin is not used and can be left open by the us er.
8.1.2.4. VSS [4]
Ground
8.1.2.5. SI / SDA [5]
Serial data i n pin. In SPI communication mode this pin functions as the s erial data input. In I2C communication mode this pin
functions as the serial data I/O .
8.1.2.6. SCK [6]
Serial clock input pin. In both SPI and I2C serial communication modes this pin is used as t he s erial interface c lock.
8.1.2.7. N.C. [7]
No connect pin. This package pin is not used and can be left open by the us er.
8.1.2.8. VCC [8]
Supply Voltage
Atmel ATAES132 Preliminary Datasheet 69
8760A−CRYPTO−5/11
9. Electrical Characteristics
9.1. Absolute Maximum Ratings*
Operating temperature .................... −40°C to +85°C
Storage temperature .................... −65°C to + 150°C
Maximum operating voltage ............................. 6.0V
DC output current ......................................... 5.0mA
Voltage on any pin .................. -0.7V to (VCC + 0.7V)
HBM ESD ...................................... 2000V minimum
Notice*: Stress es beyond those listed under “Absolute
Maximum Ratings” may cause permanent damage
to the device. This is a stress rati ng only, and the
functional o peration of the de vice at these or any
other condition beyond those indi cated in the
operational sections of this specification is not
implied. Exposure to absolute m aximum rating
conditions for extended period s may affect device
reliability.
9.2. Reliability
The ATAE S132 is fabricated with the Atmel high r el iability CMOS EEPROM manufacturing technology. The reliabilit y ratings in
Table 9-1 appl y t o each byte of the EEPROM memory.
Table 9-76. E E P ROM Reliability(1)
Parameter Min Typical Max Units
Write endurance (each byte) 100,000 Write cycles
Data retenti on (at 55°C) 10 Years
Data retenti on (at 35° C) 30 50 Years
Read endurance Unlimited Read cycles
Note: 1. These specifications apply to every byte of the user m emory, configuration memor y, a nd key memory. The write
endurance spe cification also applies to the random number generator EEPROM seed register.
All values are preliminary and will be updated aft er characterization.
Atmel ATAES132 Preliminary Datasheet 70
8760A−CRYPTO−5/11
9.3. DC Characteristics
9.3.1. Supply Cha racteristics
Table 9-77. Supply voltage and current characteristics
Applicable over recommended operating range from TA = −40°C to +85° C , VCC = +2.5V t o +5.5V (unless otherwise noted) (1)
Symbol Parameter Test Conditions Min Typ Max Units
VCC (1) Supply voltage 2.5 5.5 V
ICC1 Supply current VCC = 3.3V at fmax
(4)
,
SO = Open, (3) Read, Write, or AES operation 6.0 mA
ICC2 Supply current VCC = 5.5V at fmax (4),
SO = Open, (3) Read, Write, or AES operation 10.0 mA
ICC3 Idle current VCC = 3.3 V or 5.5V at fmax (4),
SO = Open, (3) Waiting for a command 600 800 µA
ISL1 Sleep current VCC = 3.3V, = VCC (3)
Sleep State (5) 0.1 0.25 µA
ISL2 Sleep current VCC = 5.5V, = VCC (3)
Sleep State (5) 0.25 0.5 µA
ISB1 Standby current VCC = 3.3V, = VCC (3)
Standby State (5) 15.0 30.0 µA
ISB2 Standby current VCC = 5.5V, = VCC (3)
Standby State (5) 20.0 40.0 µA
ITEMP Temp sense
supply current Vcc = 5.5 V,
Additional Icc current during temperature sense (3) 2.0 mA
Note: 1. Typical values are at 25° C and are for referenc e only. Typical val ues are not tested or guaranteed.
2. On power up, Vcc must rise continuously from Vss to the oper ating voltage with a rise time no faster than 1V/µS.
3. All input pins must be held at either Vss or Vcc during this measurement. In SPI int er face mode, the pin must
be at Vcc. In I2C interface mode, the pin may be in either state.
4. Measurement is performed at the maximum serial clock frequency. In the I2C interface m ode, fmax is 1 MHz. In
the SPI inter face mode, fmax is 10 MHz.
5. See Appendi x L for sleep and standby st ate information. The s leep command is described in Section 7.24.
6. The AT A ES132 does not support hot swapping or hot pl ugging. Connecting or disconnec ting this device t o a
system whil e power is energized can cause permanent damage to the ATAES132.
All values are preliminary and will be updated aft er characterization.
Atmel ATAES132 Preliminary Datasheet 71
8760A−CRYPTO−5/11
9.3.2. IO Chara ct eristics
Table 9-78. DC c haracteristics
Applicable over recommended operating range from TA = −40°C to +85° C, VCC = +2.5V t o +5.5V (unless otherwise noted)
Symbol Parameter Test conditions Min Max Units
ILI Input current VIN = 0V or V CC −3.0 3.0 µA
ILO Output leakage VOUT = 0V or VCC −3.0 3.0 µA
VIL (1) Input low-voltage −0.5 VCC x 0.3 V
VIH (1) Input high-voltage VCC x 0.7 VCC + 0.5 V
VOL1 (2) Output low-voltage,
except SI/SD A i n I2C mode IOL = 3.0mA 0 0.4 V
VOH1 (2) Output high-voltage,
except SI/SD A i n I2C mode IOH = −3.0mA VCC −0.8 Vcc V
VOL2 Output low-voltage,
SI/SDA pin in the I2C mode only IOL = 3.0mA 0 0.4 V
Note: 1. VIL min and VIH max are for reference onl y and are not tested
2. In the I2C int er face mode, if Auth s i gnaling is enabled, the SO pin functions as the AuthO output. (See Section
J.5) When AuthO is high, the VOH1 specific ation applies. When A uthO is not high, the pin is in the high
impedance st ate – the VOL1 specification is not applicabl e.
All values are preliminary and will be updated aft er characterization.
9.4. AC Characteristics
Table 9-79. A C c haracteristics of the Atmel ATAES132
Applicable over recommended operating range from TA = −40°C to + 85° C, VCC = +2.5V to +5.5V
Symbol Parameter Min Max Units
tWC Write cycle time (1) 4.5 6.0 ms
tTEMP Temperatur e sensor read time See Table 9-8
Command response time See Appen di x N
Note: 1. T he write cycle time includes the EE P R OM erase, write, and automatic data write verification operations
All values are preliminary and will be updated aft er characterization.
Atmel ATAES132 Preliminary Datasheet 72
8760A−CRYPTO−5/11
9.4.2. Power Up, Sleep, Standby, and Wakeup Timing
Table 9-80. Power up, sleep, and wakeup timing characteristics (1)
Applicable over recommended operating range from TA = −40°C to + 85° C, VCC = +2.5V to +5.5V
Symbol Parameter Min Typ Max Units
tPU.STATUS PowerUp time, status 500 600 µs
tPU.RDY PowerUp ready time 1200 1500 µs
tSB Sleep time, entering the standby state 65 100 µs
tSL Sleep time, ent er i ng the sleep state 55 90 µs
tWupSB.STATUS WakeUp status time, standby state 50 100 ns
tWupSB.RDY WakeUp ready time, standby state 500 600 µs
tWupSL.STATUS WakeUp status, sleep state 50 100 ns
tWupSL.RDY WakeUp ready time, sleep state 1000 1200 µs
tCSS.Wup setup time at WakeUp (see Figure 9-1) 100 ns
Notes: 1. All values are base d on c haracterization and are not tested. Typical val ues are at 25° C and are for r eference
only.
2. See Appendi x L for power up, sleep, standby, and wakeup specific ations. The sleep command is describe d in
Section 7.24.
All values are preliminary and will be updated aft er characterization.
Figure 9-1. SPI interface timing, setup time at wakeup
Atmel ATAES132 Preliminary Datasheet 73
8760A−CRYPTO−5/11
9.4.3. I2C Interface Timing
Table 9-81. A C c haracteristics of I2C interface
Applicable over recommended operating range from TA = −40°C to + 85°C, VCC = +2.5V to +5. 5V ,
CL = 1 TTL Gate and 1 00 pF (unless otherwise noted)
Symbol Parameter Min Max Units
fSCK SCK clock frequency 0 1 MHz
SCK clock duty cycle 30 70 percent
tHIGH SCK high time 400 ns
tLOW SCK low time 400 ns
tSU.STA Start setup time 250 ns
tHD.STA Start hold time 250 ns
tSU.STO S top setup time 250 ns
tSU.DAT Data in setup time 100 ns
tHD.DAT Data in hold time 0 ns
tR Input rise time (1) 300 ns
tF Input fall time (1) 100 ns
tAA Clock low to data out valid 50 550 ns
tDH Data out hold time 50 ns
tBUF Time bus mus t be free before a new transmission can start (1) 500 ns
Notes: 1. Values are based on characterization an d are not tested
2. AC measurement conditions :
RL (connects between SDA and Vc c ): 2.0 kΩ (for Vcc +2.5V to +5.0V)
Input pulse voltages: 0.3 Vcc to 0.7 Vcc
Input rise and fall times: ≤ 50ns
Input and outp ut timing reference v oltage: 0.5 Vcc
All values are preliminary and will be updated aft er characterization.
Figure 9-2. I2C synchronous data timing
SCL
SDA IN
SDA OUT
t
F
t
HIGH
t
LOW
t
LOW
t
R
t
AA
t
DH
t
BUF
t
SU.STO
t
SU.DAT
t
HD.DAT
t
HD.STA
t
SU.STA
Atmel ATAES132 Preliminary Datasheet 74
8760A−CRYPTO−5/11
9.4.4. SPI Interface Timing
Table 9-82. A C c haracteris t ics of SPI interface
Applicable over recommended operating range from TA = −40°C to + 85° C, VCC = +2.5V to +5.5V ,
CL = 1 TTL Gate and 3 0 pF (unless otherwise noted)
Symbol Parameter Min Max Units
fSCK SCK clock frequency 0 10 MHz
SCK clock duty cycle 30 70 percent
tWH SCK high time 40 ns
tWL SCK low time 40 ns
tCS high time 50 ns
tCSS setup time 50 ns
tCSH hold time 50 ns
tSU Data in setup time 10 ns
tH Data in hold time 10 ns
tRI Input rise time (1) 2 µs
tFI Input fall time (1) 2 µs
tV Output valid 0 40 ns
tHO Output hold time 0 ns
tDIS Output disable time 50 ns
Note: 1. Values are based on characterization and are not tested
All values are preliminary and will be updated aft er characterization.
Figure 9-3. SPI synchronous data timing
VOH
VOL
HI-ZHI-Z
tV
VALID IN
VIH
VIL
tH
tSU
tDIS
VIH
VIL
tWH
tCSH
VIH
VIL
tCSS
tCS
tWL
t
HO
SCK
SI
SO
CS
Atmel ATAES132 Preliminary Datasheet 75
8760A−CRYPTO−5/11
9.5. Temperature Sensor Characteristics
Table 9-83. Temperature sensor characteristics of the Atmel ATAES132
Applicable over recommended operating range from TA = −40°C to + 85° C, VCC = +2.5V to +5.5V (1)
Symbol Parameter Min Max Units
TDIE Die temperature -40 85 degrees C
TACCY Uncalibrat ed temperature sensor accuracy(2) 5 degrees C
TACCY.CAL1 Calibrated temperature sensor accuracy(2) 2 degrees C
tTEMP Temperature sensor read time 145 ms
Notes: 1. V al ues are based on ch aracterizatio n and are not tested
2. TACCY is the accuracy of the temperature s ensor over the TDIE temperature range when the temperature i s
calculated using the characterization value of the TempOff set register which is programmed at the factory. The
accuracy can be improved to TACCY.CAL1 b y performing a calibr ation procedure on each unit. See S ec tion E.2.17
for addition al information.
All values are preliminary and will be updated aft er characterization.
Atmel ATAES132 Preliminary Datasheet 76
8760A−CRYPTO−5/11
Appendix A . Standards and Reference Do c um ent s
A.1. National and International Standards
The Atmel ATAES132 is designed to comply with the r equirements of the AES standard.
FIPS-197 Specification for the Adv anced Encryption Standard (AES). 26 November 2001
Available at: http://csrc.nist.gov/groups/ST/toolkit/block_ciphers.html
A.2. References
SP800-38A NIST Special Publication 800-38A. Recomm endation for Block Ci pher Modes of Operat ion: Methods and
Techniques. December 2001
Available at: http://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html
SP800-38C NIST S pecial Publicatio n 800-38C. Recommendation for Block Cipher Modes of Operation: The CCM Mode
for Authentication and Confi dentiality. May 2004
Available at : http://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html
SP800-90 NIST Special Publication 800-90. Recommendation for Random Number Generation Using Deterministic
Random Bit Generators. (Revi s ed) March 2007
Available at : http://csrc.nist.gov/groups/ST/toolkit/random_number.html
JEP106xx JEDEC Standard. Standard Manufacturer 's Identificat ion Code. JEDEC S ol id State Technology Associat i on.
Updated periodically. (JEP106AA is dated April 2009)
Available at http://www.jedec.org
ISO/IEC7816-1:1998 Identific ation Cards - Integrated Circuit(s) Cards with Contacts - Part 1: Physical Characteristics
October 1998
Available at : http://www.iso.org or http://www.ansi.org or from your National Standards Body.
ISO/IEC7816-2:2007 Identification Cards - Integrated Circuit(s) Car ds with Contacts - Part 2: Dimension and Location of the
Contacts October 2007
Available at : http://www.iso.org or http://www.ansi.org or from your National Standards Body.
Atmel ATAES132 Preliminary Datasheet 77
8760A−CRYPTO−5/11
Appendix B . Memory Map
B.1. The Atmel ATAES132 Memory Map
Reserved memory cannot be written or read.
Table B-1. The Atmel ATAES132 memory map
Byte Address Description
0000h-0FFFh User memory
1000h-EFFFh Reserved
F000h-F05Fh Configuration memory – Device config
F060h-F07Fh Configuration memory – CounterConfig
F080h-F0BFh Configuration memory – KeyConfig
F0C0h-F0FFh Configurati on memory – ZoneConfig
F100h-F17Fh Confi gurat i on memory - Counters
F180h-F1DFh Configurati on memory – FreeSpace
F1E0h-F1FFh Configuration memory – SmallZone
F200h-F2FFh Key memory
F300h-FDFFh Reserved
FE00h Command / response memory buffer
FE01h-FFDFh Reserved
FFE0h IO address reset
FFE1h-FFEFh Reserved
FFF0h STATUS register
FFF1h-FFFFh Reserved
The user memory is described in Appen di x C. The configuration mem ory is described in Appendix E. The key memory is
described in A ppendix F. The v irtual command memory is described in A ppendix D.
Atmel ATAES132 Preliminary Datasheet 78
8760A−CRYPTO−5/11
B.2. EEPROM Page Boundary
The ATAES 132 EEPROM has 32 byte physical pages. A n EEPROM write can never cross the boundary between two
physical pages. BlockRead and EncRead operat ions cannot cross the boundary between two physical pages. Table B-2
illustrates the page boundary l ocations for ATAES132.
Table B-2. EEPROM page boundary locations for the Atmel ATAES132
Address 0h 1h 2h 3h 4h 5h 6h 7h 8h 9h Ah Bh Ch Dh Eh Fh
XX00h-XX0Fh 32 Byte E E PROM Page
XX10h-XX1Fh
XX20h-XX2Fh 32 Byte E E PROM Page
XX30h-XX3Fh
XX40h-XX4Fh 32 Byte E E PROM Page
XX50h-XX5Fh
XX60h-XX6Fh 32 Byte E E PROM Page
XX70h-XX7Fh
XX80h-XX8Fh 32 Byte E E PROM Page
XX90h-XX9Fh
XXA0h-XXAFh 32 B yt e E EPROM Page
XXB0h-XXBFh
XXC0h-XXCFh 32 Byte EEPROM Page
XXD0h-XXDFh
XXE0h-XXEFh 32 B yt e E EPROM Page
XXF0h-XXFFh
Atmel ATAES132 Preliminary Datasheet 79
8760A−CRYPTO−5/11
Appendix C . User Memory Map
The 32Kbit user memory consists of 16 user zones, each containing 2Kbits ( 256 bytes). The physic al page size is 32 byt es –
write operations c annot cross page boundaries.
Every memor y zone has an indepen dent set of access rest rictions, and all bytes within a zone have the same access
restrictions. The configuration memory (Appendix E) contains an access register for ea c h memory zone which defines the
access requirements for the user zone.
Table C-3. User memory map
Byte address Description
0000h-00FFh User Zone 0
0100h-01FFh User Zone 1
0200h-02FFh User Zone 2
0300h-03FFh User Zone 3
0400h-04FFh User Zone 4
0500h-05FFh User Zone 5
0600h-06FFh User Zone 6
0700h-07FFh User Zone 7
0800h-08FFh User Zone 8
0900h-09FFh User Zone 9
0A00h-0AFFh User Z one A
0B00h-0BFFh User Z one B
0C00
h
-0CFF
h
User Zone C
0D00
h
-0DFF
h
User Zone D
0E00h-0EFFh User Z one E
0F00h-0FFFh User Zone F
Atmel ATAES132 Preliminary Datasheet 80
8760A−CRYPTO−5/11
Appendix D . Command Memory Map
The ATAES 132 commands are executed by writing the command packet to the virtual memory using the standard SPI or I2C
write commands. The response pac k et is retrieved by reading it f r om the virtual memory using the standard S PI or I2C read
commands. The command/response memory buffer i s 64 bytes.
The ATAES 132 commands are executed by writing the command packet to virtual memor y at st arting address 0 xFE00 using
the standard write commands ( see Appendix J and Appendix K). T he response packet is retrieved by reading from the v irtual
memory at star ting address 0xFE 00 using the standard read commands. The device status register (S TATUS) is locat ed at
0xFFF0 (see Appendix G).
To reset t he addr ess pointer in the command/response memory buffer to the base addres s of the buffer, the host writes one or
more bytes to the IO address reset register at address 0xFFE0 using the st andard write command. Any value can be written
to the IO address reset register to reset the buffer address p oi nter.
Table D-4. Command/response virtual memory map
Byte address Description
FE00h Command/response memory buffer
FE01h-FFDFh Reserved
FFE0
h
IO address reset
FFE1
h
-FFEF
h
Reserved
FFF0h STATUS register
FFF1h-FFFFh Reserved
D.2. Command Memory Buffer
The command memory buffer is a write-only buffer memory t hat is used by writing a command block to the buffer at the base
address of 0xF E00. After the host c ompletes its write operation to the buffer, the ATAES132 verifies the integrity of t he block
by checking the 16-bit checksum , and then executes the requested oper ation. See Secti on 6.1 for a description of the crypto
command block.
Write operations which begin at any other location within the buffer are invalid and will not be processed by the ATAES132.
Table D-5. Comm and memory buffer map
Base
address
Base
+ 1
Base
+ 2
Base
+ 3 ...... ...... ...... ......
Base
+ N-2
Base
+ N-1
Count Opcode Mode Param1 Param1 Param2 ....... DataX CRC1 CRC2
Atmel ATAES132 Preliminary Datasheet 81
8760A−CRYPTO−5/11
D.2.2. Using the Command Me mory Buffer
The host should write a single byte to t he IO address reset register before writing a new command block to the comm and
memory buffer – this resets the buffer address pointer to the base address. The host then writes the ATAES132 com mand
block to the buf fer using one or more standard SPI or I2C write com m ands. After the entire command block is written by the
host microcontroller, the ATAES132 checks the 16-bit checksum and executes the command. The host should read the
STATUS register to determine if an error occurred or if the response is r eady to be read.
If a checksum er r or occurs, then the buffer address pointer must be reset by the host before the com mand block is
retransmitt ed. If no errors occur, then the response can be read from the response memory buffer as describe d i n Section
D.3.2 (See Appendix G f or examples).
The command memory buffer size is 64 bytes. If the host writes more than 64 bytes to the buffer, it will cause a b uffer
overflow error. If the host hardware must send more bytes to the A TAES132 than are req ui r ed to transmit a command block
(due to host hardware limitations), then all bytes transmitted after the block checksum must c ontain 0xFF.
D.3. Response Memory Buffer
The response memory buffer is a r ead-only memory buffer that is used by reading a response from the buffer at the base
address of 0xF E00. The base address of the response memory buffer c ontains the first byte of the response packet after a
crypto command is processed. See Section 6.1 for a descript i on of the crypto response packet.
Read operatio ns which begin at an y loc ation above the base address are invalid and will either be NAKed (in I2C mode) or be
ignored (output will tri-stat e i n SPI mode).
Table D-6. Response memory buffer map following a crypto command
Base
Address Base
+ 1
Base
+ 2
Base
+ 3 ...... ...... ...... ......
Base
+ N-2
Base
+ N-1
Count ReturnCode Data1 Data2 Data3 ....... ....... DataX CRC1 CRC2
The response memory buffer is also used to report er r ors that occur during execution of s tandard I2C or SPI write commands .
When the I2C or SPI c om mand execution is com plete (as indicated by the STATUS register), the response memory buffer
contains a block containing an error code (ReturnCode) if an error oc curred, otherwise it contains a block containing
ReturnCode = 0x00. Reading t he response memory buffer does not alter the contents of the response memory buffer or the
STATUS register (see Appendix G). See Section 6.3 for the error des criptions.
Table D-7. Response memory buffer map following a standard I2C or SPI write operation
Base
Address Base
+ 1
Base
+ N-2
Base
+ N-1 ...... ...... ...... ...... ...... ......
Count ReturnCode CRC1 CRC2 FFh FFh FFh FFh FFh FFh
D.3.2. Using the Response Memory Buffer
After an ATAES132 command is e xecuted, the RRDY bit of the STATU S regist er i s set to 1b to indicate that a new respons e is
available in the response memory buffer. The host reads t he response bloc k from the buffer using one or more standar d S PI
or I2C read commands. A fter the entire res ponse block is read, the host microcontroller checks the 16-bit checksum.
If a checksum er r or occurs, then the buffer address pointer must be reset by the host before the res ponse block is re-read. If
the host reads m ore bytes from the response buffer than necessary to retrieve the block, then all bytes after the block
checksum will contain 0xFF (See A pp endi x G for examples). The response memory buffer size is 64 bytes.
Atmel ATAES132 Preliminary Datasheet 82
8760A−CRYPTO−5/11
D.4. IO Address Reset Register
Writing the IO address reset regis ter (address 0xFF E0) with any value causes the address pointers in the c ommand memory
buffer and the response memory buffer to be reset to the base address of t he buffer. The IO address reset register can be
wri t t e n wi th 1 to 32 bytes of data without generating an error; the data bytes will be ign or ed.
Writing the IO address reset regis ter does not alt er the contents of the response memory buffer, or the value of the STATUS
register. Wr i ting the IO address reset register clears the command memory buffer ( S ee Appendix G for examples).
D.5. Device Status Register (STATUS)
The device status register is used for handshaking between the host micr ocontroller and the ATAES132. The host is expected
to read the STATUS register before sending a command or reading a response. See Appendix G for the definition and
behavior of the STATUS register . If the ATAES132 is c onfigured in SPI Interface mode, the STATUS register c an also be read
using the SPI RD S R c ommand as describ ed in Section K.3.6.
Reading the STATUS registe r does not alter t he contents of the c ommand memory buff er, the response memory buffer, or the
value of the ST ATUS register.
Atmel ATAES132 Preliminary Datasheet 83
8760A−CRYPTO−5/11
Appendix E . Configuration Memory Map
The ATAES 132 configuration memory is located fr om address 0xF000 to address 0xF1FF. The configuration memory can
always be read using the BlockR ead command (see Sect ion 7.4). See Se ction E.2 for des c riptions of each configuration
register. A memory map showing the default register val ues is in Appendix O.
E.1. Configuration Memory Map
Table E-8. The configuration memory map for the At mel ATAES132
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F000h-F007h SerialNum
F008h-F00Fh LotHistory
F010h-F017h Jedec Reserved Algorithm EEPageSize
F018h-F01Fh EncReadSize EncWrtSize DeviceNum Reserved
F020h-F027h LockKeys LockSmall LockConfig Reserved
F028h-F02Fh Reserved ManufacturingID PermConfig Reserved
F030h-F037h Reserved
F038h-F03Fh
F040h-F047h I2CAddr ChipConfig TempCal TempOffset
F048h-F04Fh TempOffset RFU
F050h-F057h RFU
F058h-F05Fh
F060h-F067h CounterConfig 00 CounterConfig 01 CounterConfig 02 CounterConfig 03
F068h-F06Fh CounterConfig 04 CounterConfig 05 CounterConfig 06 CounterConfig 07
F070h-F077h CounterConfig 08 CounterConfig 09 CounterConfig 0A CounterConfig 0B
F078h-F07Fh CounterConfig 0C CounterConfig 0D CounterConfig 0E CounterConfig 0F
F080h-F087h KeyConfig 00 KeyConfig 01
F088h-F08Fh KeyConfig 02 KeyConfig 03
F090h-F097h KeyConfig 04 KeyConfig 05
F098h-F09Fh KeyConfig 06 KeyConfig 07
F0A0h-F0A7h KeyConfig 08 KeyConfig 09
F0A8h-F0AFh KeyConfig 0A KeyConfig 0B
F0B0h-F0B7h KeyConfig 0C KeyConfig 0D
F0B8h-F0BFh KeyConfig 0E KeyConfig 0F
F0C0h-F0C7h ZoneConfig 00 ZoneConfig 01
F0C8h-F0CFh ZoneConfig 02 ZoneConfig 03
F0D0h-F0D7h ZoneConfig 04 ZoneConfig 05
F0D8h-F0DFh ZoneConfig 06 ZoneConfig 07
F0E0h-F0E7h ZoneConfig 08 ZoneConfig 09
F0E8h-F0EFh ZoneConfig 0A ZoneConfig 0B
F0F0h-F0F7h ZoneConfig 0C ZoneConfig 0D
F0F8h-F0FFh ZoneConfig 0E ZoneConfig 0F
Atmel ATAES132 Preliminary Datasheet 84
8760A−CRYPTO−5/11
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F100h-F107h Counter 00
F108h-F10Fh Counter 01
F110h-F117h Counter 02
F118h-F11Fh Counter 03
F120h-F127h Counter 04
F128h-F12Fh Counter 05
F130h-F137h Counter 06
F138h-F13Fh Counter 07
F140h-F147h Counter 08
F148h-F14Fh Counter 09
F150h-F157h Counter 0A
F158h-F15Fh Counter 0B
F160h-F167h Counter 0C
F168h-F16Fh Counter 0D
F170h-F177h Counter 0E
F178h-F17Fh Counter 0F
F180h-F187h
FreeSpace
F188h-F18Fh
F190h-F197h
F198h-F19Fh
F1A0h-F1A7h
F1A8h-F1AFh
F1B0h-F1B7h
F1B8h-F1BFh
F1C0h-F1C7h
F1C8h-F1CFh
F1D0h-F1D7h
F1D8h-F1DFh
F1E0h-F1E7h
SmallZone
F1E8h-F1EFh
F1F0h-F1F7h
F1F8h-F1FFh
The configuration memory map in Table E-1 is color coded. The registers shown in orange are loc ked at the fact ory and
cannot be changed by the customer. The contents of the lock registers (sho wn in blue) can only be changed by using the lock
command (see Section 7.19).
Configuration registers shaded with green can be written by the cus tomer prior to locking (by setting LockConfig to 0x 00 using
the lock comm and). The SmallZon e (shown in yellow) can be written by the customer prior to locking (by setting LockSm al l to
0x00 using the l ock command) – SmallZone is locked separately from t he remainder of the configuration memory.
Atmel ATAES132 Preliminary Datasheet 85
8760A−CRYPTO−5/11
E.2. Configuration Register Descriptions
Each register in the configuration memory is br iefly describe d i n this section. References are provided to detail i nformation in
other sections of this specific ation. The registers are described in the same order that they occur in the m emory map in
Section E.1.
E.2.1. SerialNum Register
SerialNum is an eight byte read-only register that is programmed b y Atmel at the factory. The contents of this register are
guaranteed to be unique on each un it over the production life of the ATA ES132 product famil y. The contents of this register
can optionally be included in t he cryptographi c calculations by setting mode bit 6 t o 1b as described in th e c ommand
definitions in Section 7. T his register cannot be changed by the customer.
It is recommended that the SerialNum register value be used to perform key diversific ation.
E.2.2. LotHistory Register
LotHistory is an eight byte re ad-only register that is programmed b y Atmel at the factory. This register c ontains proprietary
data which is n ot intended for customer use. This register cannot be changed by the customer.
E.2.3. Jedec Register
Jedec is a t wo byte read-only register that is programmed by Atm el at the factory. T he J edec register always contains
0x001F, which is the Jedec manufacturing identification code assigned to At m el . This register cannot be changed by the
customer.
E.2.4. Algorithm Register
Algorithm is a two byte read-only reg ister that is programmed by Atmel at t he factory. The default value 0x0000 indicates 128
bit AES-CCM. This register cannot be changed by the customer.
E.2.5. EEPageSize Register
EEPageSize is a one byte read-only register that is programmed by Atmel at the fac tory. The default value 0x20 indicates a 32
byte physical EEPROM page size. This register c annot be changed by the c ustomer.
E.2.6. EncReadSize Regist er
EncReadSiz e is a one byte read-only register that i s programmed by Atmel at the factory. The default value 0x20 indicates
that 32 bytes is the maximum data length which can be returned by the EncRead command. This register cannot be changed
by the customer.
E.2.7. EncWrtSize Register
EncWrtSize is a one byte read-only regis ter that is programmed by Atmel at the factory. The default value 0x20 indicates that
32 bytes is the maximum data length which can be writ ten using the EncWrite command. This register cannot be changed by
the customer.
Atmel ATAES132 Preliminary Datasheet 86
8760A−CRYPTO−5/11
E.2.8. DeviceNum Register
DeviceNum is a one byte read-only register that is programmed by Atmel at the factory. This byte indicates the device type
(32K bit, ATAES1xx family). The INFO command retur ns this byte, along with a hardware revisi on byte as shown in
Table E-2. This register cannot be c hanged by the customer.
Table E-9. DeviceNum coding for INFO response and Devi c eNum in configuration memory register
Description INFO DeviceNum DeviceNum register
Early Pre-Production Samples 0x0A02 0x0A
Pre-Production S amples 0x0A04 0x0A
See Section 7.12 for the INFO c om mand description.
E.2.9. LockKeys Register
LockKeys is a one byte regist er that controls write access to key memory. The default value of LockKeys is the unlocked st ate
(0x55). The LockKeys register can only be changed by using the lock command (s ee Section 7.19). A fter the lock command is
ran, this regist er will contain 0x00 and the key memory will be lock ed. It is impossible to unlock memory which has been
locked.
E.2.10. LockSmall Register
LockSmall is a one byte regist er that controls write access to the SmallZone register. The default value of LockSmall is the
unlocked state (0x55). The Lock Small register can only be changed by usi ng the lock command ( see Section 7.19). After the
lock command is ran, this register will c ontain 0x00 and the SmallZone will be locked. It is imposs ible to unlock mem ory which
has been locked.
E.2.11. LockConfig Register
LockConfig is a one byte register that controls writ e ac cess to configuration memory, except the SmallZ one register. The
default valu e of LockConfig is the unlocked state ( 0x55). The LockConfig register can only be changed by using the lock
command (see Section 7.19). After the lock command is ran, this regist er will contain 0x00 and the configuration memory will
be locked, except for the SmallZone register , which is controlled by the LockSmall register. It is impossible to unlock memory
which has bee n l oc ked.
If the LockConfig register is unlocked (0x55) then the random number generator is latched in test mode and the random
command will always return 16 byt es of 0xA5. The KeyCompute and nonce commands will create non-random results when
the RNG is in test mode. If the LockConf ig register is lock ed (0x00), then t he R NG generates rand om numbers and the
random, Ke yCompute, and nonce c om mands function normally.
E.2.12. Reserved Registers
Any configuration memory locations which are identified as reserved in Table E-1, memory map, are res erved by Atmel for
future use. All res erved registers are read-only regis ters that are programmed by Atmel at the factory. These memory
locations are p rogr amme d with Atmel propri etary data. T he cont ents of the reserved r egisters will vary and are not int ended for
any customer use. These registers cannot be changed by the customer.
E.2.13. ManufacturingID Register
ManufacturingID is a two byte read-only register that is programmed by Atmel at the factory. This regist er contains a customer
spicfic value. The default ManufacturingID r egister contains 0x0000. This register cannot be c hanged by the cust omer.
Atmel ATAES132 Preliminary Datasheet 87
8760A−CRYPTO−5/11
E.2.14. PermConfig Register
PermConfig is a one byte read-only register that i s programmed by Atmel at the factor y. This register cannot be changed by
the customer. The default value 0x01 enables all cr yptographic commands.
Table E-10. Per mConfig register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
Reserved for future use EncryptE
If the EncryptE bit is 1b, then the encrypt, decrypt and legac y com m and availability is determined by the ChipConfig.E ncDecrE
and ChipConf ig.LegacyE bits. If the EncryptE bit is 0b, then the encrypt, decrypt, and le gacy commands are disabled. See
the ChipConfi g register definition in Section E.2.16 for additional informatio n.
E.2.15. I2CAddr Register
I2CAddr is a one byte register that cont rols the ATAE S132 serial interface. The customer can write the I2CAddr register wit h
the standard I2C or S PI write commands unless the configuration memory has been locked (see the LockConfig register
definition i n S ection E.2.11).
Table E-11. I2CAddr register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
I2C device address SPI/I2C
Bit 0 selects the s er i al interface mode; 0b selects SPI interface mode, while 1b selects I2C interface mode. If bit 0 is 0b, then
the contents of bits 1 to 7 are ignored.
The default value of the I2CAddr register depends on the ordering code (see Appendix Q); I2CAddr is 0xA1 (I2C Device
Address is 0xA0) f or catalog numbers with an I2C interface configuration, I2CAddr is 0x00 for catalog numbers with a SPI
interface configuration. See Appendix J for the I2C interface specifications. See Appendix K for the SPI i nterface
specifications.
E.2.16. ChipConfig Register
ChipConfig is a one b yte register that c ontrols device l evel functional i ty of the ATA E S132. The customer can write the
ChipConfig register with the standard I2C or SPI write commands unless the configuration memory has been locked (see the
LockConfig register definition in Section E.2.11).
Table E-12. ChipConfig register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
PowerUpState Reserved for future use EncDecrE LegacyE
If the ChipConfig.LegacyE bit is 1b, then the l egacy command (Section 7.18) is enabled. If ChipConfig.LegacyE is 0b, then a
parse error ReturnCode will be returned in response to a legacy command. If the ChipConfig.EncDecrE bit is 1b, then the
encrypt command (Section 7.10) and decrypt com mand (Section 7.8) are enabled. If ChipConf ig.EncDecrE is 0b, then a parse
error ReturnCode will be returned in response to an enc rypt command or decrypt command.
The default configuration of the PermConfig regi s ter allows the cus tomer to control the availability of the encrypt, decrypt, an d
legacy comma nds using the ChipCo nfig register. H owever, the ChipConfig.EncDecrE bit and ChipConfig. LegacyE bit will b e
ignored if the ATAES132 is configured at the fac tory to disable exter nal encryption ( see the PermConfig Register defin i tion in
Section E.2.14).
Atmel ATAES132 Preliminary Datasheet 88
8760A−CRYPTO−5/11
Table E-13. Coding of the Po werUpS tate bits in the Ch ipConfig register
Bit 7 Bit 6 Description
1 1 Device goes to the Active State at Power Up
1 0
0 1 Device goes to the Standby State at Power Up
0 0 Device goes to the Sleep State at Power Up
The ChipConfig.PowerUpState bits are used to configure the behav ior of the ATAES132 at initial power up. Table E-6 shows
the definition of the ChipConfig.PowerUpState bits. See Appendix L for detailed information regardi ng the ATAES132 power
management functions.
The default value of the ChipConf ig register is 0xC3. In this configur ation, the ATAES132 goes to the active state at power up,
the encrypt, decrypt and legacy commands ar e enabled.
E.2.17. TempCal Register
The TempCal regis ter contains a value indicating the calibration procedure used to determine the T em pOffset register value at
the factor y. The temperature sensor calibration procedure deter m i nes the accuracy of t he die temperatur e measurement. The
default valu e of TempCal is 0x00.
Table E-14. TempCal register definition
TempCal Valu e Description Accuracy(1) TempOffset
0x00 Uncalibrated temperature sensor TACCY 2 bytes
0x01 Calibrat ed temperature sensor, procedur e 1 TACCY.CAL1
0xFF Temperature sensor Offset unkno wn N/A N/A
Note: 1. The die temperature accuracy specifi c ations are listed in Table 9-8
The customer can write the TempCal register with the standard I2C or SP I write commands unless the configuration memory
has been locked (see the LockConfig register defi nition in Section E.2.11).
E.2.18. TempOffset Register
TempOffset is an eight byte register that contains a temperature offset value which is used to calculate the die temperature
measured by the high-accuracy internal sensor. T he customer can write the TempOffset regi s ter with the standard I2C or SPI
write commands unless the configuration mem ory has been locked (see the LockConfig r egi s ter definition in Section E.2.11).
The default TempOffset regist er value programm ed by Atmel at the factory is determined by characterization, as indicated by a
TempCal register value of 0x00. Only the first two bytes of the TempOffset register ar e used to calculate the die temperat ure
when the TempCal register value is 0x00. See Section 7.25 for the tem perature calculation.
It is possible to substantiall y improve the accuracy of the temperature sensor by measuring the temperature offset for eac h
unit, and overwriting the TempO ffset register wit h the new offset v al ue during personali z ation. Contact At mel for calibrated
temperature s ensor information.
E.2.19. RFU Registers
Any configuration memory locations which are identified as RFU in Table E-1, memor y map, are registers in customer writable
memory that are reserved by Atm el for future use (in a future ATAES family product or a major pr oduct revision). The default
value of the RFU r egi s ters is 0xFF.
The customer can write the RFU regis ters with the standard I2C or SPI write commands unless the configuration memory has
been locked (see the LockConfi g r egister definiti on in Section E.2.11). The RFU registers should only b e pr ogrammed to
0xFF; all other v al ues are prohibited.
Atmel ATAES132 Preliminary Datasheet 89
8760A−CRYPTO−5/11
E.2.20. CounterConfig Regist ers
The 16 Counter Config registers are used to individual ly configure the 16 Counters. Each CounterConfig register controls one
counter. CounterConfig 00 cont rols Counter 00, CounterConfig 01 controls Counter 01, etc.
Each Counter C onfig register is a two byte array which is stored as shown in Table E-8. The customer can write the
CounterConf ig regis ters wit h the standard I2C or SPI write commands unless the configuration memory has been locked (see
the LockConfig register defi ni tion in Section E.2.11). See Appendix H for additional counter inf ormation.
Table E-15. Par tial configuration memory map showing CounterConfig register byte locations for four registers
Address 0h 1h 2h 3h 4h 5h 6h 7h
F060h-F067h Counter Co nfig 0 Cou nt erCo nfi g 1 Count erCo nf ig 2 Cou nter Co nfig 3
Byte 0 Byte 1 Byte 0 Byte 1 Byte 0 Byte 1 Byte 0 Byte 1
The CounterC onfig register im pos es restrictions on the usage of the counter command ( see Section 7.5) with a counter. The
CounterConf i g bits have no impac t on the functionali ty of a key usage counter. If a counter is identified in a KeyConfig r egister
(see Section E.2.21) as a Key Usage Counter, t hen the counter will increment each time the key is used. The
CounterConfig[CntID].Increment OK is typically set to 0b to prohibit the counter command from incrementing a key usage
counter.
Table E-16. Def i nition of the CounterConfig register bits(1)
CounterConf ig Fiel d Byte Bit Description
IncrementOK 0 0 If 1b, then increments using the Counter command are permitted
If 0b, then increments using the Count er command are pro hibi ted
RequireMAC 0 1 If 1b, then the increment oper ation requires an input MAC
If 0b, then an input MAC is pr ohibited
Reserved 0 2 to 7 Reserved for future use. All bits must be 0b
IncrID 1 0 to 3 Ke yID of the key used to generate the Counter command input MAC for
increment operations
MacID 1 4 to7 KeyID of the key used to gen er ate the Counter com m and output MAC for
counter read o per ations
Note: 1. Changes to the Counter C onfig registers take effect i m mediately, which al low the functionality to be verified
during the personalization process
E.2.21. KeyConfig Registers
The 16 KeyConfig registers are used to individual ly configure the 16 keys. Each KeyConfig register controls one k ey.
KeyConfig 00 controls Key 00, KeyConfig 01 contr ols Ke y 01, etc.
Each KeyConfig register is a four byte array which is stored as sho wn in T able E-10. The cust om er can write the Ke y C onfig
registers with the standard I2C or SPI write commands unless the Configur ation Memory has been locked (see the LockConfig
register defi nition in Section E.2.11).
Table E-17. Par tial configuration memory map showing KeyConfig register byte locations for two registers
Address 0h 1h 2h 3h 4h 5h 6h 7h
F080h-F087h KeyConfig 0 KeyConfig 1
Byte 0 Byte 1 Byte 2 Byte 3 Byte 0 Byte 1 Byte 2 Byte 3
Atmel ATAES132 Preliminary Datasheet 90
8760A−CRYPTO−5/11
A key can be disabled by setting Ke yConfig[KeyN].AuthKey to 1b and Key Config[KeyN].LinkPointer to cont ain "KeyN", wher e
the KeyN = KeyID of the key being conf i gured.
Table E-18. Definition of the KeyCo nfig register bits (1)(3)
CounterConf ig Fiel d Byte Bit Description
ExternalCrypto 0 0 If 1b, then the key can be used with the encrypt and decrypt comm ands (2)
If 0b, then the enc rypt and decrypt commands are prohibited
InboundAuth 0 1 If 1b, then the key can only be used by the Auth command for inbound only or
mutual authe ntication. Key can not be used by any oth er command, but
KeyID can be t he target of a key management command.
If 0b, then key can be used for any purpose not prohibited by another K eyConfig
bit, including Outbound Only authentication
RandomNonce 0 2 If 1b, then operations using this key require a Random Nonce. (see Section
7.20)
If 0b, then the nonce is not required to be random
LegacyOK 0 3 If 1b, then this key can be used with the legacy command
If 0b, then the k ey cannot be used with the legacy comm and
AuthKey 0 4 If 1b, then this key requires prior auth entication usi ng the KeyID stored in
LinkPointer
If 0b, then prior authentication is not required
Child 0 5 If 1b, then k ey is permitted to be the t ar get of a KeyCompute and/or KeyLoad
command
If 0b, then this use is prohibited
Parent 0 6 If 1b, then key may be used as the VolatileKey parent by the KeyCompute or
KeyLoad commands. This key may also be used as the decrypt key by the
KeyImport command when the tar get key is the Volatil eKey. (see Section
4.3)
If 0b, then this use is prohibited
ChangeKeys 0 7 If 1b, then key updates are per mitted after locking. The new ke y is written using
the EncWrite c ommand with a MAC generated with the current value of
key. (see Sect i on 7.11)
If 0b, then key updates with EncW rite command are prohibited
CounterLimit 1 0 If 1b, usage count limits are enabled for this k ey (see CounterNum)
If 0b, then ther e ar e no usage limits
ChildMac 1 1 If 1b, then an input MAC is r equired to modif y thi s key using the KeyCompute
command
If 0b, the KeyCompute command does not r equire an input MAC (it will be
ignored if provided)
AuthOut 1 2 If 1b, then I
2
C Auth signaling is enabled for this key (see Section J.5)
If 0b, then I2C Aut h s i gnaling is disabled for this key
AuthOutHold 1 3 If 1b, the I
2
C AuthO output state is unchanged when an Authentication Reset is
executed usi ng this key
If 0b, then the I2C AuthO output is res et when an Authentication Reset is
executed usi ng this key (see Sect i on J.5)
ImportOK 1 4 If 1b, t hen this key is permitted to be the target of a KeyImport command.
If 0b, then the K eyImport command is prohibited
ExportAuth 1 5 If 1b, then the Ke yExport and KeyCompute commands require prior
authenticati on us in g the KeyID stored in LinkPointer
If 0b, then prior authentication is not required
Atmel ATAES132 Preliminary Datasheet 91
8760A−CRYPTO−5/11
CounterConf ig Fiel d Byte Bit Description
TransferOK 1 6 If 1b, t hen this key is permitted to be the target of a KeyTransfer command. (See
Section 7.17)
If 0b, then the KeyTransfer com m and i s prohibited
AuthCompute 1 7 If 1b, t hen this key can be used with the AuthCompute command
If 0b, then the k ey cannot be used with the AuthComput e command
LinkPointer 2 0 to 3 For child keys, stores the ParentKeyID
For all other keys, the KeyID of the authorizing key (see AuthKey)
CounterNum 2 4 to 7 Stores the CntID of the counter attached to this key for usage limits and/or for
MAC calculati on. MAC calculati ons will include the counter if command
mode bit five is 1b even if key usage lim i ts are disabled
Reserved 3 0 to 7 Reserved for future us e. All bits must be 0b
Notes: 1. Changes to the KeyConf ig registers take effect immediately, which allows the functionality to be verified dur ing
the personalization process.
2. Warning: Since the encrypt comman d does not include an input MAC, the encrypt command can be
exhaustively ran with selected input data to att ack the key. Requiri ng authentication prior to allowing encryption
makes these at tacks more diffi c ul t. To require prior aut hentication, t he A uthKey, and Rand om N once bits must be
set to 1b.
3. A key can be dis abled by setting KeyConfig[KeyN].AuthKey to 1b and KeyConfig[KeyN].LinkPointer t o c ontain
"KeyN", where KeyN = KeyID of the key being conf igured
E.2.22. ZoneConfig Registers
The 16 ZoneConfig registers are used to individually configure the 16 user zones. Each ZoneConfig reg ister controls o ne user
zone. ZoneCo nfig 00 controls user zone 00, ZoneConfig 01 controls User Zone 01, etc.
Each ZoneConfig register is a four byte array which i s stored as shown in Table E-12. The customer can write the ZoneConfig
registers with the standard I2C or SPI write commands unless the configuration memory has been locked (see the LockConfig
register defi nition in Section E.2.11).
Table E-19. Partial configuration memory map showing ZoneConfig register byte locations for the t wo registers
Address 0h 1h 2h 3h 4h 5h 6h 7h
F0C0h-
ZoneConfig 0 ZoneC onf ig 1
Byte 0 Byte 1 Byte 2 Byte 3 Byte 0 Byte 1 Byte 2 Byte 3
Atmel ATAES132 Preliminary Datasheet 92
8760A−CRYPTO−5/11
Table E-20. Def i nition of the ZoneConfig register bits (1)
CounterConf ig Fiel d Byte Bit Description
AuthRead 0 0 If 1b, then authent ication is required to read data
If 0b, then authentication is not required to read data
AuthWrite 0 1 If 1b, then authentication is required to write data
If 0b, then authentication is not required to write data
EncRead 0 2 If 1b, then encryption is requir ed to read data.
If 0b, then encryption is not required to read data
EncWrite 0 3 If 1b, then encryption is required to write data
If 0b, then encryption is not required to write data
WriteMode 0 4 to 5 If 00b, then this zone is per manently read/write
If 01b, then this zone is permanently read-only
If 10b, then the ReadOnly byte deter mines if writes are permitted
If 11b, then the ReadOnly byte deter mines if writes are permitted and t he lock
command mus t include an authenticating MAC calculated using the
KeyID stored in ZoneConfig[UZ].WriteID.
UseSerial 0 6 If UseSerial = 1b and E nc Write = 1b, then the SerialNum must be included in
EncWrite operations. If EncW rite = 0b, then this bit i s i gnored.
UseSmall 0 7 If UseSmall = 1b and Enc Write = 1b, the first 4 bytes of SmallZ one must be
included in EncWrite operations. If EncWrite = 0b, then this bit is
ignored.
ReadID 1 0 to 3 KeyID which is used to encrypt data read from this zone
The same ke y is used to generate the MAC
AuthID 1 4 to 7 KeyID which is used for inbound authentication before access is permitted
Reserved 2 0 to 3 Reserved for future use. All bits must be 0b
WriteID 2 4 to 7 KeyID which is us ed to decrypt data written to this zone
The same ke y is used to verify the MAC
ReadOnly 3 0 to 7 The contents of this byte are ignored unless WriteMode contains 10b or 11b
If 0x55, then t he us er zone is read/write
If any other value, then the user zone is read-only
This byte can b e updated after the c onfiguration memory is locked by using
the lock comm and ( See Section 7.19.)
Note: 1. Most c hanges to the ZoneCo nfig registers take effect immedi ately. Changes to the AuthRead and EncRead bits
do not affect t he S PI or I2C read command until the next reset or power up.
Atmel ATAES132 Preliminary Datasheet 93
8760A−CRYPTO−5/11
E.2.23. Counter Registers
The 16 Counter r egi s ters are used to stor e the counter values. The default v al ue of the counters is equivalent to a c ount value
of zero. See Appendix H for Counter information.
The customer can write the counter regis ters with the st andard I2C or SPI write commands unless the configuration memory
has been locked (see the LockConfig register defi nition in Section E.2.11).
E.2.24. FreeSpace Register
The FreeSpace r egi s ter is 96 bytes of m emory for storage of customer data. The customer can write the FreeSpace register
with the standard I2C or SPI write commands unless the configuration memory has been locked (see the LockConfig register
definition i n S ection E.2.11).
The default value of the FreeSpace register is 0xFF in all bytes. The FreeSpace register can be programm ed with any v alue –
the contents will not change the behavior of the ATAES132.
E.2.25. SmallZone Register
The SmallZone register is 32 byt es of memory for stor age of customer data. Optionally, the first four bytes of the SmallZone
may be included in cryptographi c calculations by setting mode bit 7 t o 1b as described in th e command definitions in Section
7. The customer can write the SmallZone register with the standard I2C or SPI write commands unless the SmallZone r egi s ter
has been locke d ( see the LockSmall r egister definition in Section E.2.10).
The default value of the Small Zone register is 0xFF in all bytes. The SmallZone register can be programmed with any valu e –
the contents will not change the behavior of the ATAES132.
Atmel ATAES132 Preliminary Datasheet 94
8760A−CRYPTO−5/11
Appendix F. Key Memory Map
Table F-21. The key memory map.The ATAES132 key memory is located at address 0xF200.
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F200h-F207h Key 00
F208h-F20Fh
F210h-F217h Key 01
F218h-F21Fh
F220h-F227h Key 02
F228h-F22Fh
F230h-F237h Key 03
F238h-F23Fh
F240h-F247h Key 04
F248h-F24Fh
F250h-F257h Key 05
F258h-F25Fh
F260h-F267h Key 06
F268h-F26Fh
F270h-F277h Key 07
F278h-F27Fh
F280h-F287h Key 08
F288h-F28Fh
F290h-F297h Key 09
F298h-F29Fh
F2A0h-F2A7h Key 0A
F2A8h-F2AFh
F2B0h-F2B7h Key 0B
F2B8h-F2BFh
F2C0h-F2C7h Key 0C
F2C8h-F2CFh
F2D0h-F2D7h Key 0D
F2D8h-F2DFh
F2E0h-F2E7h Key 0E
F2E8h-F2EFh
F2F0h-F2F7h Key 0F
F2F8h-F2FFh
The VolatileKey (KeyID = 0xF F) does not exist in E E PROM. It is a temporary key that resides in the internal SRAM m emory.
The internal SRAM cannot be accessed directly. See section 4.3 for VolatileKey information.
Prior to locking the key memory, it can be written with either encrypted or clearte xt data. Encrypted writes are performed using
the EncWrite c ommand (see Section 7.11). Cleartext writes are perf or med using the standard SPI or I2C write commands (s ee
Section 5.3). The key memory can never be read with the B lockRead command, or the EncRead com m and, or with standar d
I2C or SPI read commands.
Atmel ATAES132 Preliminary Datasheet 95
8760A−CRYPTO−5/11
Appendix G . Understanding the STATUS Register
The device status register is used for handshaking between the host micr ocontroller and the ATAES132. The host
microcontr oller is expected to read the STATUS regis ter before sendin g a command or reading a response.
G.1. Device Status Register (STATUS) Definition
Address 0xFFF0 contains the read-only device status regis ter which indicates the current stat us of the ATAES132 device. The
SPI read status register command can be u s ed to read the STATUS register as described in Section K.3.6.
This regist er can also be read with the standard I2C or SPI read memory commands. Reading the STATUS register does not
increment the memory read address , so a host microcont roller can easily monitor the ATAES132 device st atus by repeatedly
reading the STATUS register.
Table G-22. Device status register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
EERR RRDY Reserved CRCE Reserved WAKEb WEN WIP
Table G-23. Dev i c e status register bit definitions(1)(2)
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
“1b” indicates a write cycle or a cryptographic oper ation is in progres s
Bit 1 (WEN) "0b" indicates the device is not SPI write enabled, or i s i n I2C i nterface mode
“1b” indicates the device is SPI write enabled
Bit 2 (WAKEb) "0b" indicates the device is not in the Sleep or Standby power state
“1b” indicates the device is in the Sleep or Standby power state
Bit 3 (Reserved) Always "0b". This bit is reserved for f uture use. (1)
Bit 4 (CRCE) "0b" i ndicates the most rec ent command bloc k contained a correct checksum (CRC)
“1b” indicates the most recent command block contained an error
Bit 5 (Reserved) Always "0b". This bit is reserved for f uture use. (1)
Bit 6 (RRDY) "0b" indicates the response memory buffer is empty
“1b” indicates the response m emory buffer is ready to read
Bit 7 (EERR) "0b" indicates the most recent command did not generate an error during execution
“1b” indicates the most recent command generated an execution error
Notes: 1. When the SPI RDSR command is used to read the STATUS register during an EEPROM write or during
execution of any ATAES132 comman d, then status bit s 0 - 7 are "1b"s (See Sec tion K.3.6). When the STATUS
register is re ad from address 0xFF F0 under the same cir cumstances, the res erved bits will read as 0b.
2. STAT US register bits 0 - 7 are "1b"s during wakeup. During the first phase of wakeup (tPU.STATUS), the SO pin is
tri-stated and any attempt to read it will be system-dependent. See Appendix L for addi tional information.
The device status register can always be read when the ATAES132 is configured for SPI interface mode, even when the
ATAES132 is pr ocessing a command or writing the EEPROM. When the ATAES132 is configured for I2C interface mode, the
random read command can only be used t o read the STATUS regi s ter when the devi c e address is ACKed.
If the ATAES132 is in the sleep or standby power state, r eading the STATUS register forces the ATAES132 to wakeup – the
STATUS register is 0xFF until the wakeup process is complete.
Atmel ATAES132 Preliminary Datasheet 96
8760A−CRYPTO−5/11
G.1.2. WIP Status Bit [0]
The WIP status bit is used to indicate the device is busy or a "W rite is In Progress". If WIP = 0b, then the ATAES132 is in the
active state and is waiting to receive a command. If WIP = 1b, then A TAES132 is in the active state and is perf orming an
EEPROM write, or is processing an ATAES132 command.
G.1.3. WEN Status Bit [1]
If the ATAES132 is conf igured in I2C interf ace mode, then the WEN status bit is always 0b (See Appendix J for I2C
information).
If the ATAES132 is c onfigured in SPI interface mode, t hen the WEN status bit is 0b after the device initially powers up or exits
the sleep state (See Appendix K for SPI interface information). When WEN = 0b the user memory is write protected, and any
attempt to write the user memory using the SPI WRITE command will fail. The host must send an SPI WREN command to the
device to set WEN = 1b prior to each SPI WRITE comm and.
If the ATAES132 is c onfigured in SPI interface mode, then the WEN status bit will return t o 0b when any write instruction is
received. The WEN status bit can be forced to 0b by sending a SPI WRDI comman d ( See Section K.3.3), or by sending a
RESET command (See Section 7.23), or by putting the device in the sleep state. Powering the device off will reset the WEN
bit to 0b. The SPI READ command and SPI RDSR command do not affect the stat e of the WEN bit.
It is not necess ary to set WEN = 1b pr i or to writing to the command memory buffer or the IO address reset register (See
Appendix D). Writing the command memory buff er or the IO address reset register forces WEN to 0b.
G.1.4. WAKEb Status Bit [2]
The WAKEb status bit is 0b when the ATAES132 has c ompleted a power up sequence and is in t he ACTIVE stat e. WAKEb is
1b when the ATAES132 is in t he sl eep or standby stat e, or is in the process of waking up.
Note: Reading the STATUS register will cause a device i n the sleep state or standby state to wakeup. (See Appendix
L for power state and power management information.)
G.1.5. CRCE Status Bit [4]
The CRCE status bit is set to 1b if a block is received with a s hort count, bad checks um, or if the block c aus es a buffer
overrun. If only the checksum (C RC ) was incorrect, t hen the block may be res ent without change. If the command memory
buffer contains a partial command block, then the CRCE status bit is 1b and all other status bits are 0b. This indicates that the
correct checksum has not yet been received.
The EERR bit wi ll r emain 0b when a chec k sum error occurs and the response memory buffer will remain empty because these
errors do not result in a ReturnCode being generated. If a buffer ov errun occurs, then t he CRCE and EERR bit s will be set to
1b.
G.1.6. RRDY Status Bit [6]
The RRDY status bi t is 0b when the response memory buff er is empty. If RRDY = 1b, then the response memory buffer
contains a response block or a ReturnCode resulting from the most recent command or command block received (See Section
D.3 for response memory buffer inf ormation).
G.1.7. EERR Status Bit [7]
If the command is pr ocessed without error, the EERR b it is set to 0b. When an y err or other than a checksum error occur s, the
EERR status bit is set to 1b to indicate an error. The host can read the error code (ReturnCode) from the response memory
buffer (addres s 0xFE00) using the READ command if the RRDY status bit is 1b.
Reading the STATUS registe r does not reset the status register bits or alter the r esponse memory buffer content s. Reading
the response memory buffer does not alter the contents of the response memory buffer or the STATUS register. R eading
beyond the en d of the response memory buffer will not cause the STATUS register bits t o change.
Atmel ATAES132 Preliminary Datasheet 97
8760A−CRYPTO−5/11
The EERR status bit will be set to 1b if an SPI or I2C read is attempted using an invalid address, or an address pointing t o a
protected portion of the memory. EERR will also be set to 1b if an SPI or I2C read begins at an authorized address, but
continues into protected memory. In both of these cases, the RRDY status bit is 0b and the response memory buf fer will
remain empt y because these errors do not generate a Retu r nC ode. Reading beyond the end of user zone F will not cause the
EERR bit to be s et to 1b.
Note: If an SPI or I2C read begins at an authorized address and continues into protec ted memory, the EERR b it will be
set to 1b.
G.1.8. Reserved Status Bits [3, 5]
The reserved status bits are always 0b when the AT AES132 is capable of accepting a command. The reserved st atus bits are
1b during power up and during wake up from the sleep stat e or the standby state.
G.2. STATUS Register Behavior in the I2C Interface Mode
The following sections describe the device behavi or and expected STATUS register values during commonly performed
operations. I n the I2C Interface mode, the ATAES132 will always NAK instructions containing a non-matching I2C device
address. The ATAES132 will ACK instructions with a matching I2C device address if the device is capable of ac c epting an
instructio n. See Appendix J for the I2C interface speci fications.
When the ATAES132 is busy or unable to respond for any reason, it will NAK a matching I2C device address. T he ACK/NAK
response to t he I2C device address oper ates similar to the way the WIP Status bit changes value in SPI Interface mode.
G.2.1. Power Up
The ATAE S132 will NAK all inst ructions receive d dur ing power up to indicate that it is not ready to accept a command from the
host. When the power up proc ess is complete ( after time tPU.RDY), then the ATAES132 will enter the state specified by
ChipConfig Register bits 6 and 7 – the active state, the standby state, or the sleep state (see Section L.2.1). In I2C Interface
mode, it is imp ossible to read the STATUS register unt il the completion of power up.
Upon completion of power up, the command memory buffer is empty, the response memory buffer are all 0xFF's, and the
ChipState = 0x FFFF. The default EEPROM address is set to 0x0000, and the command and response memor y buffer
pointers are set to the base address of the buffers. If the device is config ur ed to enter the active state at power up, then the
STATUS will be 0x00 as shown in Table G-3.
Table G-24. Aft er power up to the active stat e, the STATUS register c ontains:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
Bit 1 (WEN) "0b" indicates the device is in I2C interface mode
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "0b" indi cates no checksum error
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "0b" indicat es the response memory buffer is empty
Bit 7 (EERR) "0b" indicates no errors during execution
Atmel ATAES132 Preliminary Datasheet 98
8760A−CRYPTO−5/11
If the device is configured to enter the sleep state, then the ATAE S132 will NAK any attem pt to read the STAT U S at the
completion of power up as described in Section G.2.2. If the device is configured to enter the standby state, then the
ATAES132 will NAK any attempt to read the STATUS at the completion of power up as described in Section G.2.3 – ChipState
will remain 0xFFFF in the standby state.
Note: ACK polling or attempting to read the STATUS register after power up is completed will cause the dev ice to
WakeUp.
G.2.2. WakeUp from Sleep
The ATAE S132 will NAK all inst ructions receive d dur ing WakeUp from the sleep power state to indicate that it is not read y to
accept a command from the host. When the WakeUp proce s s is complete (aft er time tWupSL.RDY), then the ATAES132 will
enter the active state. In I2C interface mode, it is im possible to read the STATUS register until the completion of WakeUp.
Upon completion of WakeUp from sleep, the command memory buffer i s empty, the response memory buffer are all 0 xFF' s,
and the ChipSt ate = 0x5555. The default EEPROM address is set to 0x0000, and the command and response memor y b uffer
pointers are set to the base address of the buffers. Upon completion of WakeUp, the STATUS will be 0x00 as shown in Table
G-3.
G.2.3. WakeUp from Standby
The ATAE S132 will NAK all inst ructions receive d dur ing WakeUp from the standby power state to indi cate that it is not r eady
to accept a command from the host. When the WakeUp process is complete (after time tWupSB.RDY), then ATAES132 will enter
the active state. In I2C Interface mode, it is impossible to re ad the STATUS register until the completion of WakeUp.
Upon completion of WakeUp from standby the command memory buffer is empty, and the response memory buffer are all
0xFF's. The ChipS tate will be t he value it had prior to entering the standby state. Upon completion of WakeUp the STATUS
will be 0x00 as shown in Table G-3.
G.2.4. Read STATUS Register
To read the STATUS register the host sends a Random Read memory instruc tion (RREAD) with a starting address of 0xFFF0
when ATAES132 ACKs the I2C device address. Readi ng the STATUS register does not increment the read address, so the
host can poll the STATUS by read ing any number of bytes beginning with address 0xFFF0.
Reading the STATUS register does not change the command memory buffer contents or t he response memory buffer
contents. Rea di ng the STATUS register do es not change the command memory buffer pointer or the response memory buffer
pointer. Reading the STATUS register does not c hange the STATUS register.
G.2.5. Read User Memory
The ATAES 132 i ns tructions for dir ec tly reading the user memory are identical to the standard Atmel Serial EEPROM
instructio ns . The host can send a read memory instruction (READ, RREAD, SREAD) whenever the ATAES132 ACKs the I2C
device address. If the address being read is valid and access is not prohi bited, then the contents of that byte will be retur ned
to the host. I f the ad dress is invalid, or access is prohibited for any reason, then 0xFF will be returned to the host in place of
the prohibit ed byte.
A read operati on begins with an I2C s tart condition and ends with an I2C NAK by the host. If one or m ore bytes are acces sed
during the read operation at an invalid or protected address, then the EERR bit will be s et to 1b (see Table G-4). If all bytes
accessed by t he read operatio n ar e valid and the host s atisfied the required access cond itions, then the E ERR bit will be set to
0b. The contents of the command memory buffer and the response memory buff er will remain unchanged.
Note: If an I2C read begins at an aut horized address and c ontinues into pr otected memory, the EERR bit will be set to
1b.
Atmel ATAES132 Preliminary Datasheet 99
8760A−CRYPTO−5/11
Table G-25. Aft er an I2C read memory operation, the STATUS register contains:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a c ommand
Bit 1 (WEN) "0b" indicates the device is in I2C interface mode
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "0b" indi cates no checksum error
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "0b" indicates the response memory buffer is unchanged(1)
Bit 7 (EERR) "0b" indicates no errors during execution of the read operation
"1b" indicates 0xFF was returned in place of one or more invalid or prohibited byte s read
Note: 1. A read memory operation does not change the contents of the response memory buffer. The EERR status bit is
used to indicate success, or to indicate an error. N o ReturnCode is generated by a memory read error.
G.2.6. Write Us er Mem ory
The ATAES 132 i ns tructions for dir ec tly writing the user memory are identical to the standard Atmel Serial EEPROM. The host
can send a write memory instruction (BWRITE, P WRITE) whenever the ATAES132 ACKs the I2C device address. If the
address being written is valid, access requirements have been satisfied, and no pa ge boundaries are crossed, then the data
provided by th e host will be writt en after the host generates an I2C stop condition. If the address is i nv alid, or access is
prohibited f or any reason, then the ATAES132 will discard the data and no EEPROM write will occur.
A memory write operation begins with an I2C start condition and ends with a I2C stop c ondition by the host. If the host does
not provide a n I2C stop condition, then no write will occ ur , no ReturnCode wil l be generated, and t he STATUS is 0x00 to
indicate the ATAES132 is waiting for a command.
If the host prov i des the required I2C stop condition, then the ATAES132 will NA K the I2C device address during the EEPROM
write operation. When the write operation is complete, then ATA E S132 will ACK the I2C device a ddress.
Upon completion of a memory write operation, the command memory buf fer is empty, and the response memory buffer
contains a ReturnCode. The c ommand and the response memory buffer pointers are set to the base address of the buffers.
The STAT US will be as shown in Table G-5.
Table G-26. Aft er an I2C write memory operation, the STATUS register contai ns:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a command
Bit 1 (WEN) "0b" indicates the device is in I2C interface mode
Bit 2 (WAKEb) "0b" indicat es the device is no t in the sleep or st andby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "0b" indi cates no checksum error
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "1b" indicates the response memory buffer contains a respons e block
Bit 7 (EERR) "0b" indicates no errors during execution of the write operation
"1b" indicates the write operation generated an error; see the ReturnCode for the cause
Atmel ATAES132 Preliminary Datasheet 100
8760A−CRYPTO−5/11
G.2.7. Write Command Memory Buff er
To write the command memory buffer, the host sends a write memory instruction (BWRITE, PWRITE) wit h a s tarting address
of 0xFE00 whe n the ATAES132 ACKs the I2C device address. A s each byte is written, the command memory buf fer pointer
increments by one.
A command block begins with the COUNT byte and ends with the two byte Checksum (see Section 6.1). If the entire
command block is not received, then t he device will not att empt to process the command and will not generate a response
block. The STATUS register will h ave the CRCE bit = 1b unt il the entire command bl oc k is received (as shown in Table G-6).
Table G-27. If the command memory buffer contains a partial command bloc k , the STATUS Regi s ter contains:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
Bit 1 (WEN) "0b" indicates the device is in I2C interface mode
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "1b" i ndicates a checksum error (The checksum has not yet been r eceived)
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "0b" indicates the response memory buffer is unchanged
Bit 7 (EERR) "0b" indicates no errors during execution of the command block (It was not executed yet)
If the host provides a complete command block , then the AT AES 132 will NAK the I2C device ad dr ess during comman d
processing. When command processing is complet e, then the ATAES132 will ACK the I2C device address.
If the command block contains a bad checksum, a short COUNT, or the block causes a buffer overrun, then t he C RCE bit of
the STAT US register will be set to 1b as shown in Table G-7. The response memory buffer will be unchanged because no
ReturnCode is generated by these error conditions. The EERR Status bit is 1b if a buffer ov errun error occurs. The EERR bit
is 0b if a bad checks um or short count error occurs.
If the Comman d Block contains a good checksum, then A TAES132 will process the command and load the response in the
Response Memory Buffer. Upon com pl etion of command p rocessing the RRDY bi t of the STATUS register is set to 1b as
shown in 0.
Table G-28. Aft er an I2C write c ommand memory buffer resulting in CRCE = 1b, the STATUS register contai ns :
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
Bit 1 (WEN) "0b" indicates the device is in I
2
C interface mode
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "1b" i ndicates a checksum error, short count, or command buffer overrun error
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "0b" indicates the response memory buffer is unchanged
Bit 7 (EERR) "0b" indicates no errors during execution of the command block (It was not executed)
"1b" indicates a command buffer overrun error
Atmel ATAES132 Preliminary Datasheet 101
8760A−CRYPTO−5/11
Table G-29. Aft er an I2C write command memory buffer resulting in CRC E = 0b , the STATUS r egister contains:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
Bit 1 (WEN) "0b" indicates the device is in I2C interface mode
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "0b" indi cates no checksum error
Bit 5 (Reserved) Al ways "0b"
Bit 6 (RRDY) "1b" indicates the response memory buffer contains a respons e block
Bit 7 (EERR) "0b" indicates no errors during execution of the command block
"1b" indicates the command block generated an error; see the ReturnCode for the cause
Writing the command memory buffer resets the response memory buffer pointer to the base address. Writing t he command
memory buffer does not change the response memory buffer contents until the entire comm and block is received and
processed.
The host can re-write the contents of the command memory buf fer by resetting the b uffer pointer (by writing the IO address
reset register) and sending a write memory instruc tion (BWRITE, PWRITE) with a starting address of 0xF E00.
Note: If the host mus t write the command memory buffer with more bytes than is required to send the command block
due to hard ware limitations, then the host should t ransmit 0xFF bytes after the checksum. The extra bytes will be
discarded by the ATAES132 and will not result in a buffer overrun, or any other error.
G.2.8. Read Resp onse Memory Buffer
To read the Re s ponse Memory Buffer the host sends a Random Read memory instruction (RRE A D ) with a starting address of
0xFE00 when A TAES132 ACKs the I2C devi c e address. The host can r ead any number of bytes from the Response Memor y
Buffer without causing an error. As each byte is read, the R es ponse Memory Buffer pointer increm ents by 1. If the host r eads
beyond the en d of the Response Block, then 0xFF will be returned for any byte after the Checksum.
Reading the Response Memory Buffer does not chan ge the Command Mem ory Buffer contents or the Response Mem ory
Buffer content s. Reading the Res ponse Memory Buffer r esets the Command M emory Buffer pointer to the base addr ess.
Reading the R esponse Memory Buf fer does not change the STATUS register.
The host can re-r ead the contents of the Response Memory Buffer by resetting the buffer poi nter (by writing the IO Address
Reset regist er ) and sending a Random Read memor y instruction (RREAD) with a starting address of 0xFE00.
G.2.9. Write IO Address Reset Register
To reset t he pointer for the command memory buffer and the pointer for the response memory buffer, the host s ends a write
memory instruction (BWRITE, or PWRITE) with a starting address of 0xFFE0. The IO address reset register c an be written
with 1 to 32 bytes of data without gen er ating an error – the data bytes will be ignor ed. The command and the r esponse
memory buffer pointers are set to the base address of t he buffers. The command memory buffer is empty, and the response
memory buffer contents are unc hanged. Writing t he IO address reset register changes the CRCE status bit to 0b – all of the
other STATUS bits are unchanged.
Atmel ATAES132 Preliminary Datasheet 102
8760A−CRYPTO−5/11
G.3. STATUS Register Behavior in the SPI Interface Mode
The following sections describe the device behavior and expected STATUS register values during commonly performed
operations. See Appendix K for the SPI interface s pec i fications. In SPI Interface mode, there are two ways to read the
STATUS register:
• Using t he SP I RDSR command, or
• Reading STATUS from address 0xFFF0
When the ATAES132 is busy or unable to respond for any reason, the WIP status bit is 1b......
G.3.1. Power Up
The ATAES132 will .......... during power up to indicate that it is not ready to accept a c ommand from the host. When the
power up pr oc ess is complete (after time tPU.RDY), then the ATAES132 will enter the state specif ied by ChipConf i g Register bits
6 and 7 (see Section L.2.1): the active state, the standby state, or the sleep state.
Upon completion of power up, the command memory buffer is empty, the response memory buffer are all 0xFF's, and the
ChipState = 0x FFFF. The default EEPROM address is set to 0x0000, and the command and response memory buffer
pointers are set to the base address of the buffers. If the device is co nfigured to enter t he active state, then the STATUS will
be 0x00 as shown in Table G-9.
Table G-30. Aft er power up to the active state, the STATUS register contains:
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a command
Bit 1 (WEN) "0b" indicates the device is not write enabled
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
Bit 3 (Reserved) Always "0b"
Bit 4 (CRCE) "0b" indi cates no checksum error
Bit 5 (Reserved) Always "0b"
Bit 6 (RRDY) "0b" indicates the response memory buffer is empty
Bit 7 (EERR) "0b" indicates no errors during execution
If the device is configured to enter the sleep state, then the STAT U S will be 0xFF at the complet i on of power. If the device is
configured to enter the standby state, then the STATUS will be 0xFF?? at the completion of power up – ChipState will remain
0xFFFF in the standby state.
Note: Reading the STATUS register after power up is c ompleted will ca us e the device to Wak eU p
Atmel ATAES132 Preliminary Datasheet 103
8760A−CRYPTO−5/11
Appendix H . Understanding the Non-Reversi ble Monotonic Counters
Each monotonic counter can i nc rement up to a value of 2,097,134 using t he count command, af ter which, c an be no longer
changed. Counters attached t o k eys are also incremented each time the key is used – when the counter reaches its l imit the
key is disabled. The value in the c ounter can never be reset or lowered. The counters include a power interruption protection
feature to prevent corruption of the count value if power is removed duri ng the increment operation.
On shipment f rom Atmel, the counter r egisters are i nitialized to their lowest value. The initial value of each counter may be
written to a different value at per s onalization , prior to locking the configuration.
H.1.1. Monotonic Counter Registers
Each monoton ic counter register contains two count values to prevent the count value from being corrup ted if power is
interrupted during a counter increment operat ion. Each count value is stored as a combination of two count fields:
1. Counter A is stored in LinCountA and BinCountA
3. Counter B is stored in LinCountB and BinCountB
Table H-1 shows t he location of t he count fields within the counter register in configuration memory.
Table H-31. Partial configuration memory map showing counter register field locations
Address 0h 1h 2h 3h 4h 5h 6h 7h
F100h-F107h Counter 00
LinCountA LinCountB BinCountB BinCountA
The counter registers can alwa ys be r ead from the confi guration memory usi ng the Block Read command. However, the count
command is the pr eferred method of r eading the counters. When the counter is read using the c ount command, the
ATAES132 aut omatically selects the appropr i ate counter register fields and returns them to the host in the response packet.
See Section 7.5 for the counter command.
H.1.2. Reading the Monotonic Counters
The counter command is the recomm ended method for rea di ng a counter. The counter command returns a 4 byte
CountValue f i eld which is format ted as shown in T abl e H-2. Optionally, t he counter command can also return a MAC f or
cryptographic authentication of the CountValue. The definition of the CountVal ue field is shown in Table H-3. See Sect ion 7.5
for the counter command.
Table H-32. CountValue field
Byte 0 Byte 1 Byte 2 Byte 3
LinCount CountFlag BinCount
The CountVal ue contains a linear counter fiel d ( Li nCount), a binary counter field (BinCount), and the CountFlag field. The
CountFlag field indicates if the counter value wa s read from the Count er A or Counter B EEPRO M location. CountFlag also
indicates if the eight bit LinC ount field is the Mos t Significant Byte (MSB) or Least Significant Byte (LSB ) of the 16 bit LinCo unt
field in EEPROM. If the LSB of LinCou nt has been returne d, then the LinCount field value is one to ei ght; if the MSB of
LinCount has been returned, t hen the LinCount fiel d v alue is 9 to 16.
Atmel ATAES132 Preliminary Datasheet 104
8760A−CRYPTO−5/11
Table H-33. Definition of th e CountValue field in the response to the counter command
Byte Name Description
0 LinCount Contains t he eight bit linear c ounter value identified in the CountFlag field
1 CountFlag If 0x00 the n, LinCount contains the LSB of LinC ountA
BinCount contains the BinCo untA value
If 0x02 then, LinCount contain s the MSB of LinCountA
BinCount contains the BinCo untA value
If 0x04 then, LinCount contain s the LSB of LinCount B
BinCount contains the BinCo untB value
If 0x06 then, LinCount contain s the MSB of LinCountB
BinCount contains the BinCo untB value
All other values are reserved for future use
2 BinCount (LSB) Contains the Least Significant Byte of t he binary counter identified in the CountFlag
field
3 BinCount (MSB) Contains the Most S i gnificant Byte of the binary counter identified in the C ountFlag
field
The equivalent decimal value of the counter can be determined using the c ounter calculator in the Atmel Crypto Evaluation
Studio, (ACES) configuration environment. Sample code is also available for decodin g the counter value. B oth are available
as free downl oads at www.atmel.com.
H.2. Personalizing the Monontonic Counters
The counter registers are personalized with init ial values prior t o locking the configuration memory. The standard Serial
EEPROM write commands are used to write t he c onfiguration memory (see Section 5.3.3). The loc k command is used to loc k
the configurat ion memory (see Sec tion 7.19).
The initial values can be deter mined using the counter calculator in the ACES configur ation environment. ACES is available
for free download at www.atmel.com.
Atmel ATAES132 Preliminary Datasheet 105
8760A−CRYPTO−5/11
Appendix I. Cryptographic Computations
The ATAE S132 implements all its cryptographi c commands using A ES in CCM mode, with a 128 bit key length per NI ST
SP800-38C. CCM mode provides both c onfidentialit y and integrity checking with a single key. The integrity MAC includes both
the encrypted data and additi onal authenticate-only data byt es. The particular information authent i c ated with each c ommand is
described within the command desc r iptions in Section 7.
The device construction ensures that the nonce will be unique for each MAC calculated.
I.1. MacCount
The one byte MacC ount is stored in an internal regis ter and is used in the AES-CCM computations. Since MacCount changes,
it speeds up co mputation by eliminating the need to generate a new rand om nonce for every crypto computation. This register
is incremented prior to perform ing each MAC calculation.
The MacCount register is set to z er o when the nonce command is executed and is subsequently incremented prior to any
MAC computation being perform ed. Because of thi s , the value that will be used for calculating the first MAC of the first
command after the nonce command is MAC = 1.
There are two commands (Auth and KeyCompute) which can be configured to both verify a n i nput MAC and calcul ate an
output MAC. W hen either of these two commands is run i n dual authenticat ion mode, MacCount will be incremented twice.
The value of MacCount for a particular MAC calculation is always one gr eater than that us ed for the previous MAC c alculation.
After 255 MAC calculations, the device will invalidate the internal nonce and commands whi c h require a valid n once will fail. At
this point, a new nonce command m us t be run to generate a new nonce.
The MacCount is set to zero if an y of the following events occurs:
• The Nonce command is executed
• A MAC compare operation fails
• The MacCount reaches the maximum count
• A reset event occurs: power up (see Section L.3.2), WakeUp from sleep (see Section L.3.3), the reset command
(see Section 7.23), or a security tamper is activated, causing the hardware to reset
If there is a CRC er r or on the incoming command packet, then M ac Count will not be inc remented. If the device receives any
command that does not involve MA C c omputation the Mac Count will not be incremented.
If a cryptographic commands is received that involves MAC computation, then the MacCount will be incremente d regardless of
whether or not there is a subsequent success or failure of the command. The MacCount will als o be incremented r egardless of
whether or not the particular i nstance of the command uses the crypto gr aphic engine. If a command fails due to MAC
comparison failure then the nonce is invalidated and the MacCount register is s et to zero.
The current v al ue of this register should be known by the system; however, it may also be r ead out of the device us ing the Info
command at an y time ( See Section 7.12).
Atmel ATAES132 Preliminary Datasheet 106
8760A−CRYPTO−5/11
I.2. MacFlag
To prevent spoofing of the MAC val ue, a flag byte is included in each MAC calculation. MacFlag provid es information about
the state of t he device during the MAC c alculation.
Table I-34. Definition of the M ac Flag bits
Bit # Name Notes
0 Random I f 1b, then the nonce comm and was run with t he RN G enabled and the nonce is
guaranteed to be unique
If 0b, the nonce value has been sent to the device by the system and may not be unique
1 Input This bit is 1b for MAC v al ues that are sent to the device as inputs
This bit is 0b for MAC values output by the ATAES132
3-7 Zero All bit s must be 0b
I.3. MAC Generation
The following example sho ws how the integrity MAC is calculated for an authenticat i on operation requiring up to 14 bytes of
authenticate-only data. This oper ation involves three passes thr ough the AES crypto engine, all three using the same key. If
there are more than 14 bytes of authenticate-only data, then another pass through the AE S crypto engine is required.
There are two passes through the AES c rypto engine in CBC m ode to create the cl ear text MAC. The inputs to the crypto
engine for those blocks are labeled B0 and B1, and the o utputs are B’0 and B’1 respectivel y.
B0 is composed of the following 12 8 bits:
1 byte flag, fix ed value of b0111 1001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte length field – always 0x00 00 for authentication only
B1 is the XOR of B’0 with the follo win g 128 bits:
2 byte length field, size of authenticate-only data
14 byte data to be authenticated only
B’1 is the cleartext MAC, which must be encrypted befor e being sent to the system
There is one additional pass t hr ough the AES cr ypto e ngine in CTR mode to create the key block t hat is used to encry pt the
MAC. The input to the crypto engine for this block is labe l ed A0 and the output i s A’0. A’0 is the MAC s ent to the system as the
output paramet er of the Auth command.
A0 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by AT AES132 during nonc e command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 0 for A0
A’0 is XOR’d with the cleartext M AC (B’1) and sent to t he system
Input integrity MACs for Auth, counter, KeyCompute, and lock are als o calculated using this procedur e. If the input MAC does
not match A’0, then the command returns an AUTH error.
Atmel ATAES132 Preliminary Datasheet 107
8760A−CRYPTO−5/11
I.4. Data Encryption
The following example sho ws how the encrypted data and integrity MAC are calculated for a 128 bi t data read from the device
with up to 14 bytes of authenticate-only data. This operation involves five passes t hrough the AES crypto engine, all five using
the same key. If there are more than 14 bytes of authenticate-only data a nd/or more than 128 b i ts of data being read, then
one, two or thr ee more passes through the AES crypto engine are required.
There are three pas ses through the AES crypto engine in CBC mode to create the cleartext MAC. The inputs to the crypto
engine for those blocks are labeled B0, B1 and B2, and the outputs are B’0, B’1 and B’2 respectively.
B0 is composed of the following 12 8 bits:
1 byte flag, fix ed value of b0111 1001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte length field – max 0x00 20 if 256 bits of encrypted data, min 0x00 01 f or one byte
B1 is the XOR of B’0 with the follo win g 128 bits:
2 byte length field, size of authenticate-only data
14 byte data to be authenticated only
B2 is the XOR of B’1 with the follo win g 128 bits:
16 bytes cleartext data
B’2 is the cleartext MAC, which must be encrypted befor e being sent to the system
There are two passes through the AES c rypto engine in CTR mode to create the key block that is used t o enc rypt the data and
the MAC. The input s to the crypto engin e for those blocks a r e l abeled A0 and A1, and the outputs are A’0 and A’1
respectively. A’0 and A’1 are the blocks sent to the system as the output parameters of the EncRead and dec rypt commands.
A0 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by th e nonce command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 0 for A0
A’0 is XOR’d with the cleartext M AC and sent to the s ystem
A1 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by AT AES132 during no nc e command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 1 for A1
A’1 is XOR’d with the cleartext data and sent to the s ystem
This sequenc e i s al s o used for the Encrypt command, in addi tion to EncRead.
Atmel ATAES132 Preliminary Datasheet 108
8760A−CRYPTO−5/11
I.5. Data Decryption
The following example sho ws how the encrypted data and integrity MAC are calculated for a 128 bi t data block writ e to the
device with up to 14 byt es of authenticate-only data. This operation involves five passes throug h the AES crypto engine, all
five using the same key. If there ar e m ore than 14 bytes of authenticate-only data and/or more than 128 bits of data being
written, then 1, 2 or 3 more passes through the AES cr ypt o engine are required.
There are two passes through the AES cr ypt o engine in CTR mode to create the key bloc k that is used to decrypt the data and
the MAC. The input s to the crypto engin e for those blocks a r e l abeled A0 and A1, and the outputs are A’0 and A’1
respectively. A’0 & A’1 are the blocks sent to the s ystem as the output para m eters of the EncRead and decrypt commands.
A0 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC gen er ation
2 byte counter field – always 0x00 0 0 for A0
A’0 is XOR’d with the encrypted in put MAC and stored in the internal SRAM as the MAC T
A1 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by AT AES132 during nonce command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 1 for A1
A’1 is XOR’d with the encrypted in put data and stored in t he internal SRAM as the message M
There are three pas ses through the AE S crypto engine in CBC mode to create the expected MAC valu e. The inputs to the
crypto engine for those blocks are labeled B0, B 1 and B2, and the outputs are B’0, B’1 and B’2 res pectively.
B0 is composed of the following 12 8 bits:
1 byte flag, fix ed value of b0111 1001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte length field – max 0x00 20 if 256 bits of encrypted data, min 0x00 01 f or one byte
B1 is the XOR of B’0 with the follo win g 128 bits:
2 byte length f ield, size of authenticate-only data
14 byte data to be authenticated only
B2 is the XOR of B’1 with the follo win g 128 bits:
16 bytes of cleartext message M
B’2 is the cleartext MAC. If this m atches the stored T value, then the write to memory proceeds. If there is no match, the
device returns an error flag and does not modify memory.
This sequenc e i s al s o used for the Decrypt and KeyLoad com mands, in additio n to EncWrite.
Atmel ATAES132 Preliminary Datasheet 109
8760A−CRYPTO−5/11
I.6. Auth Command MAC
The MACs are c alculated using t he following 14 bytes in the default aut henticate-only bl ock:
2 bytes ManufacturingID
11 bytes FirstBlock field containing:
1 byte Auth O pcode (0x03)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes 0x00
1 byte P adding of value 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.7. AuthCheck Command – Auth MAC
The Auth com mand MAC is calculated using the following 14 bytes in the default authenticate-only block:
2 bytes ManufacturingID
11 bytes FirstBlock field containing:
1 byte A uth Opcode (0x03)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes 0x00
1 byte P adding of value 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block i s included
in the MAC calcul ations.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
Atmel ATAES132 Preliminary Datasheet 110
8760A−CRYPTO−5/11
I.8. AuthCheck Command – Counter MAC
The counter c ommand MAC is calcul ated using the following 14 bytes in the default authenticate-only block:
2 bytes ManufacturingID
11 bytes FirstBlock field containing:
1 byte Counter Opcode (0x0A )
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes Count V al ue, the output parameter
1 byte P adding of value 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
I.9. AuthCompute Command – Auth MAC
The Auth comm and MAC is calculated us i ng the follo win g 14 bytes in the default authenticate-on l y block:
2 bytes ManufacturingID
11 bytes FirstBlock field containing:
1 byte A uth Opcode (0x03)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes 0x00
1 byte P adding of value 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
Atmel ATAES132 Preliminary Datasheet 111
8760A−CRYPTO−5/11
I.10. AuthCompute Command – Counter MAC
The counter c ommand MAC is calcul ated using the following 14 bytes in t he default authenticate-only block:
2 bytes ManufacturingID
11 bytes FirstBlock field containing:
1 byte Counter Opcode (0x0A )
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes 0x00
1 byte P adding of value 0 x0 0
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
I.11. BlockRead Command
The BlockRead command does not perform a cryptographic operation and does not use or generate a MAC.
I.12. Counter Command MAC
The InMAC is calculated using the following 14 bytes in th e default authentic ate-only block:
2 bytes ManufacturingID
1 byte Counter Opcode (0x0A)
11 bytes FirstBlock field containing
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes CountValue
1 byte 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the InMAC calculation.
4 bytes Usage counter value for MAC generation ke y, or 0x00 if not selec ted
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
Atmel ATAES132 Preliminary Datasheet 112
8760A−CRYPTO−5/11
The OutMA C is cal c ulated using the following 14 bytes in the default authenticate-only blo ck:
2 bytes ManufacturingID
1 byte Counter Opcode (0x0A)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
4 bytes CountValue, the output parameter
1 byte 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the OutMAC calculation.
4 bytes Usage counter value for MAC generation ke y, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.13. Crunch Command
The Crunch co mmand does not perfor m a cryptographic operation and does not use or generate a MAC.
I.14. DecRead Command
The MAC is calculated using the following 14 b ytes in the default auth enticate-only block :
2 bytes ManufacturingID
1 byte EncRead Opcode (0x04)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
I.15. Decrypt Command MAC
In normal decr ypt ion mode, the InMA C i s calculated using the follo wing 14 bytes in the def aul t authenticate-only block:
2 bytes ManufacturingID
1 byte Decrypt Opcode (0x07)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
Atmel ATAES132 Preliminary Datasheet 113
8760A−CRYPTO−5/11
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-onl y block is include d
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected o r if KeyID is VolatileKey
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.15.1. Client Decrypt MAC
In Client Decryption mode, the InMAC is calculated using the following 14 bytes in the default authenticate-only block :
2 bytes ManufacturingID
1 byte E ncrypt Opcode (0x06)
1 byte Mode
2 bytes Upper Byte = 0x00, Lower Byte = EKeyID
2 bytes Upp er Byte = 0x00, Lower Byte = Lower Byte of Param2
1 byte M acFlag = 0x01
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
4 bytes 0x00 if Usage counter value is not selected, or 0x00 if KeyI D i s VolatileKey
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
The device MacCount will be changed to the EMacCou nt value when a decrypt command is received with the client decryption
mode is selected. The EMacCount will be used when dec rypting the data and the MacCount will be incremented by the
decrypt operat ion. (After processing the command, the device MacCount will equal EMacCount plus one)
I.16. EncRead Command MAC
The OutMA C is cal c ulated using the following 14 bytes in the default authenticate-only blo ck:
2 bytes ManufacturingID
1 byte EncRead Opcode (0x05)
6 bytes Fir s tBlock field containing
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
Atmel ATAES132 Preliminary Datasheet 114
8760A−CRYPTO−5/11
I.17. EncRead Command Configuration Memory Signature MAC
The following example sho ws how the integrity MAC is calculated for a 512 byte (32 block ) certification of the data from the
configuratio n memory. This operation involves multiple passes through the AES crypto engine, all using the same key, KeyID
00. If the mode parameter indicates that there is an addition al block of authentic ate-only data, then another pass thr ough the
AES crypto engine is required.
There are 35 passes through the A E S crypto engine in CBC mode to create t he c l ear text MAC. The inputs to the crypt o
engine for those blocks are labeled B0, B1 and B2 …, and the outputs are B’0, B’1 and B’2 … respectively.
B0 is composed of the following 128 bit s:
1 byte flag, fix ed value of b0111 1001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte length field – always 0x00 00
B1 is the XOR of B’0 with the follo win g 128 bits:
2 byte length field, value of 528 or 544
14 byte ManufacturingID, Opcode, etc.
B2 is the XOR of B’1 with the follo win g 128 bits:
16 bytes counter+serial+small, if mode indic ates, otherwise this block does not exist
B3 is the XOR of B’2 with the following 128 bits:
First 16 bytes of config – in the clear
B4 is the XOR of B’3 with the following 128 bits:
Second 16 bytes of config – in the c lear
… and so on …
B’34 is the clear text MAC, which must be encrypted befor e being sent to the system
There is one p ass through the AE S crypto engine in CT R m ode to encrypt the MAC.
A0 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 0
A’0 is XOR’d with the clear text M AC and sent to the system
Atmel ATAES132 Preliminary Datasheet 115
8760A−CRYPTO−5/11
I.18. EncRead Command Key Memory Signature MAC
The following example sho ws how the integrity MAC is calculated for a 256 byte (16 block ) certificat i on of the data from the
key memory. This operation involves multiple passes through t he AES crypto engine, all using the same k ey, KeyID 00. If the
mode paramet er i ndicates that t here is an additional bloc k of authenticate-only data, then another pass through t he A ES
crypto engine is required.
There are 19 pas s es through the AES c rypto engine in CBC mode to create the clear text MAC. The inputs to the crypt o
engine for those blocks are labeled B0, B1 and B2 …, and the outputs are B’0, B’1 and B’2 … respectively.
B0 is composed of the following 12 8 bits:
1 byte flag, fix ed value of b0111 1001
12 byte nonce, as generated by the Nonce command
1 byte MacCount, 1 for first MAC generation
2 byte length field – always 0x00 00
B1 is the XOR of B’0 with the follo wing 128 bits:
2 byte length field, value of 272 or 288
14 byte ManufacturingID, Opcode, etc.
B2 is the XOR of B’1 with the follo win g 128 bits:
16 bytes counter+serial+small, if mode indic ates, otherwise this block does not exist
B3 is the XOR of B’2 with the following 128 bits:
First 16 bytes of config – in the clear
B4 is the XOR of B’3 with the following 128 bits:
Second 16 bytes of config – in the c lear
… and so on …
B’18 is the clear text MAC, which must be encrypted before being sent to t he system
There is one p ass through the AE S crypto engine in CT R m ode to encrypt the MAC.
A0 is com posed of the following 128 bits:
1 byte flag, fix ed value of b0000 0001
12 byte nonce, as generated by the nonce command
1 byte MacCount, 1 for first MAC generation
2 byte counter field – always 0x00 0 0
A’0 is XOR’d with the clear text M AC and sent to the system
Atmel ATAES132 Preliminary Datasheet 116
8760A−CRYPTO−5/11
I.19. Encrypt Command MAC
The OutMA C is cal c ulated using the following 14 bytes in the default authenticate-only block
2 bytes ManufacturingID
1 byte Encrypt Opcode (0x06)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is included
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected o r if KeyID is VolatileKey
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.20. EncWrite Command MAC
The InMAC is calculated using the f ol lowing 14 bytes in the default authe nticate-only block:
2 bytes ManufacturingID
1 byte EncWrite Opcode (0x05)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optional authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes Small Zone[0:3], or 0x00 if not selected
I.21. Info Command
The Info com mand does not perform a cryptographic oper ation and does not use or generate a MAC .
Atmel ATAES132 Preliminary Datasheet 117
8760A−CRYPTO−5/11
I.22. KeyCompute Command MAC
The input and output MACs are both calculated using the parent key.
Both MACs are c al c ulated using the following 14 bytes in the default authenticate-only blo ck:
2 bytes ManufacturingID
1 byte KeyCompute Opcode (0x08)
6 bytes Fir s tBlock field containing
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.23. KeyExport Command – KeyImport MAC
The MAC is calculated using the following 14 b ytes in the default auth enticate-only block :
2 bytes ManufacturingID
1 byte KeyExport Opcode (0x18)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
I.24. KeyExport Command – KeyLoad MAC
The MAC is calculated using the following 14 b ytes in the default auth enticate-only block :
2 bytes ManufacturingID
1 byte KeyLoad Opcode (0x09)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
Atmel ATAES132 Preliminary Datasheet 118
8760A−CRYPTO−5/11
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
I.25. KeyImport Command – KeyCompute MAC
The MAC is calculat ed using the following 14 bytes in the default authenti c ate-only block:
2 bytes ManufacturingID
1 byte KeyCompute Opcode (0x08)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ations.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
I.26. KeyImport Command – KeyExport MAC
The MAC is calculated using the following 14 b ytes in the default auth enticate-only block :
2 bytes ManufacturingID
1 byte KeyExport Opcode (0x18)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-onl y block is include d
in the MAC calcul ation.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
Atmel ATAES132 Preliminary Datasheet 119
8760A−CRYPTO−5/11
I.27. KeyLoad Command MAC
The InMAC is calculated using the f ol lowing 14 bytes in the default authe nticate-only block:
2 bytes ManufacturingID
1 byte KeyLoad Opcode (0x09)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is include d
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not select ed
4 bytes SmallZone[0:3], or 0x00 if not selected
I.28. KeyTransfer Command
The KeyTransfer command does not perform a c ryptographic operat i on and does not use or generate a MAC.
I.29. Legacy Command
The legacy command executes a single block of the AES engine with no input or output for m atting. This is k nown as ECB
mode, and can be us ed to perform vari ous AES encryption and/or authenti c ation operations . This command does n ot use the
nonce regist er value in the computation since the entire 16 byte AES engine input value comes from the input packet.
I.30. Lock Command MAC
If required due to the value of the mode parameter and Zon eC onfig[UZ].W r i teMode, the MAC is cal c ulated using the following
14 bytes in the def ault authenticat e-only block:
2 bytes ManufacturingID
1 byte Lock Opcode (0x0D)
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is inc luded
in the MAC calcul ation.
4 bytes Usage counter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x00 if not selected
4 bytes SmallZone[0:3], or 0x00 if not selected
The AES key used f or the MAC calculation is that specifi ed in ZoneConfi g[Zone].WriteID
Atmel ATAES132 Preliminary Datasheet 120
8760A−CRYPTO−5/11
I.31. Nonce Command
If the random nonce option is selected, then the internal random nonce is generated using the following function:
Block A is:
1 byte Nonce Opcode (0x01)
1 byte Mode
2 bytes 0x00
12 bytes Input Seed
Block B is:
2 bytes ManufacturingID
2 bytes 0x00
12 bytes Internally gene rated random number
AES is executed in ECB mode with an input value of A and a key of B. The output of the AES crypto engine is XOR’d wit h
Block A and the first 12 bytes of the r esult are stored in the internal nonce r egi s ter.
If the LockConfig register is unlocked (0x55), then the random number generator is latched in the t es t mode and the nonce
command will generate non-random values. If the LockConfig register is locked (0x00), then the random number generator
generates ra ndom numbers and the Nonce command functions normally.
I.32. NonceCompute Command
The random nonce is generated usi ng the following function:
Block A is:
1 byte Nonce Opcode (0x01)
1 byte Mode
2 bytes 0x00
12 bytes N once Register
Block B is:
2 bytes ManufacturingID
2 bytes 0x00
12 bytes R andom Seed
AES is executed in ECB mode with an input value of A and a key of B. The output of the AES crypto engine is XOR’d wit h
Block A and the first 12 bytes of the r esult are stored in the internal nonce r egi s ter.
I.33. Random Command
Generates a random number usin g the internal high quality random num ber generator and t he r andom number gener ation
procedure rec ommended by NIST in SP800-90 (see Appendix A).
I.34. Reset Command
The reset command does not perfor m a cryptographic operation and does not use or generat e a M AC.
I.35. Sleep Command
The sleep command does not perform a cryptographic operation and does not use or generate a MAC.
I.36. TempSense Command
The TempSense c ommand does not perform a cryptographic operation a nd does not use or generate a MAC.
Atmel ATAES132 Preliminary Datasheet 121
8760A−CRYPTO−5/11
I.37. WriteCompute Command
The MAC is calculated using the following 14 b ytes in the default auth enticate-only block :
2 bytes ManufacturingID
1 byte EncWrite Opcode (0x05)
6 bytes Fir s tBlock field containing:
1 byte Mode
2 bytes Param1
2 bytes Param2
1 byte MacFlag
5 bytes 0x00
If any of the optiona l authenticate fiel ds are selected in the mode parameter, then a second authenticate-only block is included
in the MAC calcul ation.
16 bytes SecondBlock field c ontaining:
4 bytes Usage c ounter value, or 0x00 if not selected
8 bytes SerialNum[0:7], or 0x0 0 i f not selected
4 bytes SmallZ one[0:3], or 0x0 0 if not selected
Atmel ATAES132 Preliminary Datasheet 122
8760A−CRYPTO−5/11
Appendix J. I2C Interface
The ATAES 132 two-wire serial interface is designed to interf ac e di r ectly to microcontrollers with I2C interface ports. The s erial
interface and cleartext read/write operations operate similar to the Atmel I2C Serial EEPROM.
The host sends ATAES132 extended commands to the device by writing the command pac k et to the command memory buffer
at address 0xF E00. The ATAES132 processes the comm and packet and places the response in the response memory buffer.
The host ret r i ev es the response by reading the response packet from address 0xFE00.
See Section G.2 for additional inform ation regarding the ATAES132 b ehavior in I2C interface mode. See Section J.6 for I2C
compatibil ity information.
J.1. I2C Serial Interface Description
When the ATAES132 is configured in I2C serial communication mode, t he serial interface operates as an I2C c ompatible
standard-mode I2C slave device as described in t his appendix. I2C is a s ynchr onous serial interface protocol that is a defacto
industry standard which is not formally document ed or controlled. Multiple I2C devices can s hare the data bus; however, each
I2C slave must have a u nique I2C device addr ess to prevent bus cont ention. SCK c lock frequencies up t o 1MHz are supported
by the ATAES132.
The serial interface communication mode is selec ted by programming the I2CAddr register in the configuration memory as
described in S ec tion E.2.15. The I2C device address i s al s o located in the I2CAddr register. The ATAES132 will only respond
to I2C instructi ons which have a matching I2C device address.
J.1.1. I2C Master
The I2C master devi c e generates the s erial clock and sends instructions t o the I2C slave devices. I n this specification, the I2C
master is usually referred to as the Host or the Host microcontroller.
J.1.2. I2C Slave
I2C slave devices receive the serial clock as an input, and receive instruct ions from the I2C master. I2C slaves can never
generate traf fic on the I2C interface, slaves can onl y res pond to instruct ions provided by the I2C master. The ATAES132
always operates as a slave. In thi s specification the slave is usual ly referred to as the client or the device.
J.1.3. I2C Device Address
Each ATAES132 has a 7 bit I2C device addres s (stored in the I2CAddr register, as descri bed in Section E.2.15) which is used
by the Host to direct commands t o a s pecific device on t he I2C interface. I2C devices will only respond to inst ructions with a
matching I2C device address. When the A TAES132 is in the s tandby state or sleep state, a matchin g I2C device address will
cause the device to wakeup (See App endi x L for power management sp ecifications) .
The LSB of t he I2C device address byte is the read/write operation select bit – a "read" operation is initiated if the R /W bit is
high and a "write" operation is initiated if the R/W bi t is low.
J.1.4. Relationship of Clock to Data
Data on the SDA pin m ay change only during SCK low time periods. Data changes during SCK high periods i ndicate an I2C
START or I2C STOP condition. The SDA pin is pulled high by an external resistor when no devices are driving the I2C data
bus. The timing requirements f or the clock and data signals are illustrated in Section J.7.
Atmel ATAES132 Preliminary Datasheet 123
8760A−CRYPTO−5/11
J.1.5. I2C START Condition
A high-to-low transition of SDA with SC K hi gh is an I2C START conditi on. An I2C START condition m us t precede the I2C
device address for any instruction. I2C START conditions are only gener ated when the Host is driving the bus – slaves are not
allowed to generate an I2C START condition.
The slave will reset its serial i nterface immediately when an I2C START condition is received. An I2C STA RT c ondition cannot
be follo wed immediately with an I2C STOP condition. Fi gure J-1 illustrates an I2C START condition.
J.1.6. I2C STOP Conditi on
A low-to-high transit ion of SDA with SC K hi gh is an I2C STOP conditio n. I2C STOP conditions are only generated when the
Host is drivi ng the bus – slaves are not allowed to generate an I2C STOP condition. Figure J-1 illustrates an I2C STOP
condition.
Figure J-1. I2C START condition an d I2C STOP condition definitions
SDA
SCL
POTSTRATS
J.1.7. I2C ACK
All addresses and data words ar e serially transmit ted to and from the ATAES132 in 8-bit words. The receiving I2C device
sends a zero (ACK ) during the ninth clock cycle to acknowledge receipt of each byte.
An I2C Host can use ackn owledge polling to monitor the progres s of an EEPROM write and to determine if the slave is ready
to accept a new instruction. See Section J.3.8 for a discussion of ACK polling.
J.1.8. I2C NAK
When the receiving I2C device fails to send a zero during the ninth clock c ycle to acknowledge t hat it has received a byte, then
SDA remains high due to the exter nal pull-up resistor. This generates a NO ACK (NAK) signal to the device sending the byte.
J.1.9. Data Format
All instructions and data on th e I2C bus must be formatted as eight bit byte s , followed by a ninth bi t (ACK or NAK) generated
by the receiving device. The MSB i s the first bit of each byte transmitted and received.
Atmel ATAES132 Preliminary Datasheet 124
8760A−CRYPTO−5/11
J.2. Pin Descriptions
When the ATAES132 is configured in the I2C interface communication m ode, the package pins are assigned the functionalit y
described in this section.
Note: The pin numbe rs listed here are the SOIC, TSSOP, and UDFN package pin numbers.
J.2.1. [Pin 1]
In the I2C communication mode, this pin is not used and should be tied to VCC or VSS. The state of this pin do es not affect the
functionality or active state power consumption of the ATAES132 when I2C communicatio n mode is selected.
J.2.2. SO [Pin 2]
In the I2C communication mode, this pin is not used in the default configur ation. It is always in the high impedance state. In
this configuration, the pin can be tied to VCC or VSS. The state of this pin does not affect the functionality or active state power
consumption of the AT AES132 when I2C communication m ode is selected.
If Auth signaling is enabled, t hen the SO pin functions as the AuthO si gnal output. In this c onfiguration th e AuthO signal is high
after a specified key is authenticated. The AuthO output is in the high impedance state when the device has not authenticated.
See Section J.5 f or the Auth signaling s pecifications.
J.2.3. N.C. [Pin 3]
No connect pi n. This package pin is not used and can be left open by the user. The state of this pin does not affect the
functionality or power consumption of the ATAES132.
J.2.4. VSS [Pin 4]
Ground
J.2.5. SI / SDA [Pin 5]
Bidirectional serial sata I/O pin. In the I2C communication mode, this pin functions as the serial data I/O (SDA). This pin is an
open drain buffer and may be wire ORed with any numb er of other open drain or open collector devices. The SDA pin must
be pulled high with an external r esistor for the I2C bus to oper ate correctly.
Data on the SDA pin m ay change only during the SCK low time periods. Data c hanges during SCK high periods indicate a I2C
START or I2C STOP condition. Data transfer on the SDA line is half-duplex as described by the I2C command definitions in
Section J.3; the host and client cannot s i m ultaneously drive the SDA line.
J.2.6. SCK [Pin 6]
Serial Clock input pin. In the I2C communication mo de, this pin is used as the serial interface clock (SCK). The SCK input is
used to transfer data in to the A TAES132 on the rising edge of clock and to transfer data out on the falling edge of c lock. The
ATAES132 never drives SCK because it is a standard-mode I2C slave dev i c e – slave device clock stretching is not s upported.
The SCK line i s high when the bus is id le.
If the I2C master uses a normal totem pole output to dr ive SCK, then no pu l l-up resistor is required on the SCK line. If the I2C
master uses an open drain or open col lector output to drive SCK, then an external pull-up resis tor i s required.
J.2.7. N.C. [Pin 7]
No connect pin. This package pin is not used and can be l eft open by the user. The state of this pin does not affect the
functionality or power consumption of the ATAES132.
J.2.8. Vcc [Pin 8]
Supply voltage. Power cannot be r em oved from the ATAES132 when the I2C interface is active. The device m ay be
permanently d amaged if the requi r ements in Section 9.1 and Section 9.3 are exceeded.
Atmel ATAES132 Preliminary Datasheet 125
8760A−CRYPTO−5/11
J.3. I2C Instruction Set
The ATAES 132 utilizes the Atmel A T24C32C Serial EEPROM instruction set. The ATAES132 I2C Instruction Set is s hown in
Table J-1.
Table J-35. I2C Instruction Set for the Atmel ATAES132
Instruction Name Operation
BWRITE Byte write. Writes one b yte to memory
PWRITE Page write. Writes 2 to 32 bytes to memory
READ Read. Reads data from memory starting at the current address
RREAD Random read. Reads data from memory starting at the specified address
SREAD Sequential read. Reads additional data from memory
SRESET Software reset . Resets the internal memory addres s counter to 0000h
If the ATAES132 receives an invalid or undefined instruction code it will be ignored and the associated data bytes will be
discarded. When any error occurs, the EERR bit of the STATUS register is set to 1b to indicate an error. The host can read the
error code from the response memory buffer at address 0xFE00 using the READ command.
J.3.2. Byte Write (BWRITE)
A byte write operation requires two 8-bit data word addresses following the I2C device address byte. Up on receipt of the
START condition and device address, the ATAES132 will respo nd with I2C ACK and then c lock in the two address bytes
(ACKing each byte). The ATAES132 will ACK the recei pt of the data byte f rom the Host. The hos t microcontroller must
terminate the write sequence with a STOP condition t o initiate the write operation.
At this time, the EEPROM enter s an internally-timed write cycle to the nonvolatile memory. All inputs are disabled during this
write cycle a nd the EEPROM will NAK the device addres s until the write is complete.
If the Host t ransmits an invalid address, the EEPROM will NAK the second address byte and any data bytes .
When any erro r occurs, the RRDY and E E RR bits of the STATUS register are set to 1b to indicate a n error. The Host can
read the error code from the response memory buffer (address 0xFE00) u s i ng the RREAD command. If the command is
processed without error, the EERR bit is set to 0b. Reading the response memory buffer does not reset the error c ode or the
STATUS register .
Figure J-2. Byte write
S
T
A
R
T
W
R
I
T
E
S
T
O
P
DEVICE
ADDRESS FIRST
WORDADDRESS SECOND
WORDADDRESS DATA
SDA LINE
M
S
B
L
S
B
A
C
K
R
/
W
M
S
B
A
C
K
A
C
K
A
C
K
L
S
B
J.3.3. Page Write (PWRITE)
The ATAE S132 is capable of 32-byte page writes. A page write is initiated the same way as a byte write, but the host
microcontr oller does not send a STOP condition after the first dat a byte is clocked i n. Instead, after t he device ACKs receipt of
the first data byt e, the host microcontroller can trans mit up to 31 more dat a bytes (each byte will be ACKed by the ATAES132).
The EEPROM will respond with an I2C AC K after each data byte is received. The Host must terminate the page write
sequence with a STOP conditi on. The data address is internally incr em ented follo wing the receipt of eac h data byte.
Atmel ATAES132 Preliminary Datasheet 126
8760A−CRYPTO−5/11
If more than 32 bytes of data are transmi tted or the page boundary is crossed, then no data will b e written.
If the host transmits an invalid word address the EEPROM will NAK t he second address byte and all data bytes.
When any erro r occurs, the RRDY and E E RR bits of the STATUS register are set to 1b to indicate a n error. The host can r ead
the error code from the response memory buffer ( addr ess 0xFE00) using the RREAD command. I f the command is proces s ed
without error, the EERR bit is set to 0b. Reading the r esponse memory b uffer does not reset the error code or the STATUS
register.
Figure J-3. Page write
t
SDA LINE
S
T
A
R
T
W
R
I
T
E
DEVICE
ADDRESS FIRST
WORDADDRESS (n) SECOND
WORDADDRESS (n) DATA (n) DATA (n + x)
M
S
B
L
S
B
A
C
K
R
/
W
A
C
K
A
C
K
A
C
K
A
C
K
S
T
O
P
J.3.4. Current Address Read ( READ)
The internal d ata byte address counter maint ai ns the last address accessed during the last read or write operation,
incremented b y one. This address stays valid bet wee n operations as long as the device po wer is maintained.
To perform a current address read, the host sends the device address with the read/write select bit set to one (READ), this
byte is ACKed by the EEPROM. Then the host clocks out the data byte locat ed at the current address. After the byte is
received, the host responds with an I2C NAK and a following STOP c ondition to terminate t he read operation.
When any erro r occurs, the EERR bit of the STATUS register is set to 1b to indic ate an error. If the command is proces s ed
without error the EERR bit is set to 0b.
Figure J-4. Current address read of one data byte
SDA LINE
S
T
A
R
TDEVICE
ADDRESS
R
E
A
D
S
T
O
P
M
S
B
L
S
B
A
C
K
R
/
W
N
O
A
C
K
DATA
J.3.5. Random Read (RREAD)
A random read requires a “dummy” byte write sequence to load in the data byte address. Once t he device address and data
byte address are clocked in and ack nowledged by the ATAES132, the host microcontroller must generate another st art
condition. The microcontroller then initiates a current address read by sending the device address with the read/write select bit
high (READ). The ATAES132 I2C ACKs the device address and serially clocks out the data byte. After the byt e i s received, the
host responds with an I2C NAK and a following STO P condition to terminate the read operation.
If the host t r ansmits an invalid word address the EEP ROM will NAK the second address byte.
When any erro r occurs the EERR bit of the STATUS register is set to 1b to indicate an error. If the command is processed
without error the EERR bit is set to 0b.
Atmel ATAES132 Preliminary Datasheet 127
8760A−CRYPTO−5/11
Figure J-5. Random read
SDA LINE
S
T
A
R
T
S
T
A
R
T
W
R
I
T
E
DEVICE
ADDRESS DEVICE
ADDRESS
1st, 2nd WORD
ADDRESS n R
E
A
D
S
T
O
P
M
S
B
L
S
B
A
C
K
R
/
W
N
O
A
C
K
DATA n
DUMMY WRITE
A
C
K
A
C
K
J.3.6. Sequential Read (SREAD)
Sequential reads are initiate d by either a current address read or a random read. After the host microcontroller receives a data
byte, it responds with an I2C ACK. As l ong as the EEPROM recei v es an acknowled ge, it will continue to increment t he data
byte address and serially clock out sequential data bytes. The sequential read operat i on is terminated when the
microcontr oller responds with an I2C NAK and a following STOP c ondi tion.
When any erro r occurs, the EERR bit of the STATUS register is set to 1b to indic ate an error. If the command is proces s ed
without error the EERR bit is set to 0b.
Note: If an I2C read begins at an authorized address and continues into protected memory, the EERR bit will be set to
1b. Attempting to read protected memory will result in 0xFF data returned to the host for each protected byte
address.
Figure J-6. S equential read
SDA LINE
DEVICE
ADDRESS
R
E
A
D
A
C
K
A
C
K
A
C
K
S
T
O
P
A
C
K
R
/
W
N
O
A
C
K
DATA n DATA n + 1 DATA n + 2 DATA n + 3
J.3.7. Software Reset (SRESET)
After an interr uption in protocol , power loss or system reset, the ATAES132 in I2C interface mode can be protocol reset by
following t hese steps:
• Send a START condition
• Clock 9 cycles
• Send another START condition followed by STOP condition as shown below
The device is ready for next communication after these steps have been completed. The internal data address is also reset to
0000h by this pr ocedure.
Atmel ATAES132 Preliminary Datasheet 128
8760A−CRYPTO−5/11
Figure J-7. Software reset
Start bit Stop bitStart bitDummy Clock Cycles
SCL
SDA
98321
The ATAES 132 requires that t he c l oc k be pulled low between the START c ondition and the STOP condition at the end of the
sequence as illustrated in Figur e J-7, it will not res et if this clock trans i tion is omitted. See Section J.4 for detail ed I2C interface
resynchronization instruct ions.
J.3.8. Acknowledge Polling
The host can initiate an acknowledge (ACK) polling immediately after a write command or the ATAES132 extended Crypto
command is transmitted. Acknowledge polling involves sending a START condition followed by the I2C device address. The
read/write bit of the I2C device address is representative of the operation desired by the host.
During an EEPR OM write operation, the AT AES 132 will NAK the I2C device address, indicating the device is "busy". When the
internal write cycle has completed, then the ATAES132 will ACK the I2C device address, allowing the read or write sequence
to continue. The ATAES132 also NAKs during the proces s ing of Crypto commands, so Acknowledge polling can als o be used
to determine when processing of the ATAES132 extended commands is complet e.
Figure J-8. Output acknowledge (I2C ACK)
SCL
DATA IN
DATA OUT
EGDELWONKCATRATS
9
8
1
J.4. I2C Interface Synchronization Procedure
If the host and cli ent I2C interfaces lose synchronizat ion for any reason, the host should s end c locks until SDA goes high,
followed by the SRESET command to reset the ATA E S132 interface. See Section J.3.7 for a description of the SRESET
command.
J.5. I2C Auth Signaling
The Auth signaling option allows an authentication signal (AuthO ) to be output by the ATAES132. Auth signaling is available
only in the I2C Interface mode in standard plastic pac k ages.
Atmel ATAES132 Preliminary Datasheet 129
8760A−CRYPTO−5/11
The Auth signaling option is controlled by two bits in the KeyConfig registers – the KeyConfig[KeyID]. AuthOut bit and the
KeyConfig[K eyID].AuthOutHold bit (see Tabl e J-2). By default Ke yConfig[KeyID].AuthOut bit is 0b f or all keys, disabl ing the
Auth signali ng option.
Table J-36. Auth signaling KeyConfig bit functio ns
AuthOut Bit AuthOutHold Bit Operation
1b X First successful Auth command forces AuthO high. Additional Auth comma nds do not
change AuthO, AuthO output remains latched high.
0b X Successful or unsuccessful Auth commands cause no Aut hO change
X 1b Authentication reset does not change the Aut hO output state
X 0b Authentication reset f or ces AuthO to the high impedance stat e
If the KeyConf ig[AKeyID].AuthOut bit is 1b for the authentication k ey (AKeyID) then A uth signaling is enabled for that k ey, the
AuthO signal is output on the SO pin. AuthO is latched hi gh after a successful inbound on ly authentication, or mutual
authentication using the Auth command (see S ec tion 7.1). AuthO will remain high until the device is powered off unless an
authentication reset is received.
If the KeyConfig[AKeyID].AuthOutHold bit is 0b for the key (AKeyID) used to execute an authent ication reset, then the AuthO
signal latch will be latched in the high impedance st ate when the command is received (with a correct checks um ). If
KeyConfig[A K eyID].AuthOutHold bit is 1b then A uthO will be uncha nged by execution of an authentication reset sequence.
An authenticat ion reset is an Auth command with mode bits 0 and 1 set to 00b. Knowledge of the ke y value is not required to
execute an authentication reset (see Section 7.1). The ATAES132 does not memorize t he KeyID used to activate Auth
signaling. E ac h Auth command is processed using t he K eyConfig[AKeyID] bits of the AKeyID in the command packet.
Auth signali ng is not a security feature. The AuthO s ignal does not reflect the real-time state of the AuthCom plete status f l ag.
The reset com mand, the sleep comm and, and the tamper det ectors will not c hange the state of A uthO. The state of the AuthO
latch is determined only by suc c ess or failure of the Auth command and the configuration of the KeyConfig bits. The Info
command should be used to determine the authentication status of the device (see Section 7.12).
The KeyConfig[AKeyID].AuthOut bit and the KeyConfig[AKeyID].AuthOutHold bit are ignored when the ATAES132 is
configured in SPI Interface mode.
J.5.2. Using the AuthO Output
When Auth signaling is enabled, the AuthO signal output is either a logic high or in the high im pedance state. AuthO can be
used to drive a n LED, or as a control signal to other circui try. When AuthO is used as a control signal a pull down resistor
should be used to transform the hig h impedance state int o a logic low.
J.6. I2C Compatibility
The ATAES 132 i s design to operate on a bus with other I2C c ompatible devic es. The ATAES132 is a standard-mode client
device capable of operating at clock speeds up to 1MH z (with bus timing scaled accordingly). The ATAES132 is not a fast-
mode or high-speed mode device.
This secti on li sts the I2C options or features which are not supported b y t he ATAES132. Any fe ature which differs from the I2C
specificat ion i s also listed.
• The ATAES132 does not perform client clock stretching
• The ATAES132 will not respond to an I2C “general call” command
• The ATAES132 may be damaged if the clock or data signal levels are above VCC. The power supply to the
ATAES132 cannot be switched off while the bus is active. All of the voltage limits in Section 9.1 must be respected.
Atmel ATAES132 Preliminary Datasheet 130
8760A−CRYPTO−5/11
• The ATAES132 inputs include Schmitt triggers and spike suppression, however, the outputs do not include falling
edge slope control.
• On I2C devices a START condition followed immediately by a ST OP condition is never permitted. On ATAES132
this sequence is permitted only as part of the SRESET command sequence (see Section J.3.7).
J.7. Timing Diagrams
Figure J-9. I2C synchronous data tim i ng (see Section 9.4.3 for I2C timing specifications)
SCL
SDA IN
SDA OUT
t
F
t
HIGH
t
LOW
t
LOW
t
R
t
AA
t
DH
t
BUF
t
SU.STO
t
SU.DAT
t
HD.DAT
t
HD.STA
t
SU.STA
Figure J-10. I2C write cycle timing
t
wr
(1)
STOP
CONDITION START
CONDITION
WORDn
ACK
8th BIT
SCL
SDA
Atmel ATAES132 Preliminary Datasheet 131
8760A−CRYPTO−5/11
Appendix K . SPI Interface
The ATAES 132 serial peripheral interface (S P I) is designed to interface directly to the microcontrollers using SPI Mode 0 or
Mode 3. IO and clear -text read/writ e operations operat e similar to the At mel SPI serial EEPROM.
The host sends ATAES132 comman ds to the device by writing the command p ac ket to the command memory buffer at
address 0xFE00. The ATAES132 processes the command packet an d places the response in the response memory buffer.
The host ret r i ev es the response by reading the response packet from address 0xFE00.
See Section G.3 for additional inform ation on the ATAES132 behavior in SPI inter face mode.
K.1. SPI Serial Interface Description
When the ATAES132 is configured in the SPI com m uni c ation mode, the serial interface operates as a Mode 0 and Mode 3
slave device a s described in this appendix. Serial peripheral interface (SPI) is a s ynchronous serial interface protocol that is a
defacto indust ry standard whi ch is not formall y documented or controlled. Multiple SPI devices can shar e the data bus,
however, each S P I slave must have a separ ate control line to prevent bus c ontention.
The serial interface communication mode is selec ted by programming the I2CAddr register in the configuration memory as
described in S ec tion E.2.15.
K.1.1. SPI Master
The SPI bus master device generates the serial clock and sends instruc tions to the SPI s l av e devices. In t his specification, the
bus master is u s ual ly referred to as the host or the host microcontroller.
K.1.2. SPI Slave
SPI slave devices receive t he serial clock as an input and receiv e i ns tructions from the bus master. SP I slaves can never
generate traf fic on the SPI bus, slaves can only res pond to instructi ons provided by the bus master. The ATAES132 always
operates as a s l av e. In this specification the slav e is usually referre d to as the client.
K.1.3. Relationship of Clock t o Data
The ATAE S132 supports two of the four standard SPI i nterface modes, Mode 0 and Mode 3.
In Mode 0, the default state of SC K i s l ow, and the data is clocked in (SI) on t he r i s i ng edge of the clock. Data out (SO)
changes on the falling edge of the c l oc k.
In Mode 3, the default state of SC K i s hi gh, and data is clocked in (SI) on the rising edge of the clock. Data out (SO) chang es
on the falling edge of the clock.
K.1.4. SPI Instruction Code
Each SPI command begins with the SPI master bring the input low to select the device, f ol lowed by transmission of an
eight bit SPI instruction code t o the SI input of the S P I slave. Follo wing the instruction code, additional bytes may be clocked
into SI or out of SO as required by the SP I command (see Secti on K.3 for SPI command definitions). When the exchange of
data bytes related to the SPI instruction code is c omplete, then the input is brought high to deactivate t he SPI slave
interface.
If an invalid instruction code is received, then the ATAES 132 will ignore any data r eceived on the data i nput pin (SI), and the
data output pin (SO) will remain in a high impedance state.
K.1.5. Data Format
All instructions and data on the SPI bus must be for matted as eight bit bytes. The MSB is the first bit of each b yte transmitted
and received.
Atmel ATAES132 Preliminary Datasheet 132
8760A−CRYPTO−5/11
K.2. Pin Descriptions
When the ATAES132 is configured in SPI communication mode, the package pins are assi gned the function ali ty described in
this section.
K.2.1. [Pin 1]
SPI chip select bar input pin. In SP I communication mode, this pin functi ons as the slave select input. ATAES132 is selected
when the pin i s l ow, allowing instructions and data to be accepted on the serial data input pin (SI), and allowing data to be
transmitted on the serial data output pin (SO). When the device is not selected, data will not be accepted via the SI pin, and
the serial output pin (SO) will r emain in a high impedance state.
When the ATAES132 is in the standby state or sleep state, a high-to-low tr ansition on the pin will cause the device to
wakeup (See Appe ndi x L for power management s pec i fications). It is recommended that the pin be connected to VCC with
a pull-up resistor so the pin follows VCC during po wer up and power down.
K.2.2. SO [Pin 2]
Serial data out pi n. In the SPI communi cation mode, this pin functions as the serial data output. When the pin is high, the
SO pin will always be in a high impedance state because the SPI interface is disabled.
K.2.3. N.C. [Pin 3]
No connect pin. This package pin is not used and can be left open by the us er. The state of this pi n does not affect the
functionality or power consumption of the ATAES132.
K.2.4. VSS [Pin 4]
Ground
K.2.5. SI / SDA [Pin 5]
Serial data i n pin. In the SPI comm uni cation mode, this pin functions as the serial data in put. When the pin is high, the SI
pin will not accepted data because the SPI interface is disabled.
K.2.6. SCK [Pin 6]
Serial clock input pin. In the SP I communication mo de, this pin is used as the serial interface clock. All data on the SI and SO
pins is synchronized by SCK as descr ibed in Section K.1.3.
K.2.7. N.C. [Pin 7]
No connect pi n. This package pin is not used and can be l eft open by the user. The state of this pin does not affect the
functionality or power consumption of the ATAES132.
K.2.8. Vcc [Pin 8]
Supply voltage. Power cannot be removed from the ATAES132 whe n the SPI bus is active. The device may be permanently
damaged if the r equi rements in Sect ion 9.1 and Section 9.3 are exceeded.
K.3. SPI Instruction Set
The ATAE S132 utilizes an 8-bit SPI instruction register. The SPI instruction set is listed in Table K-1.
Atmel ATAES132 Preliminary Datasheet 133
8760A−CRYPTO−5/11
Table K-37. SPI instruction set for the Atmel ATAES132
Instruction name Instruction code Operation
WRITE 0000 0010 b Write data t o memory
READ 0000 0011 b Read data from memory
WRDI 0000 0100 b Reset write enable register
RDSR 0000 0101 b Read status register
WREN 0000 0110 b Set write enable latch
If the ATAES132 receives an invalid instruction code or an invalid memory address, then no response will be s ent – the SO
output will remain in the high im pedance state. When any error occurs, the EERR bit of the STATUS register is set to 1b to
indicate an error. The host can read the error code from the response memory buffer at address 0xFE00 using the READ
command. Reading the response memory buffer does not reset the error code or change the STATUS.
K.3.2. Write Enable Comm and (WREN):
The device will power up in the write disable state when VCC is applied. All EEPROM write instructions must therefore be
preceded by a write enable instruction. I t is not necessary to send the write enable instruction prior to sending command
packets to the command memory buffer.
Figure K-11. SPI write enable (WREN) timing
SCK
SI
SO
CS
WREN OP-CODE
HI-Z
Atmel ATAES132 Preliminary Datasheet 134
8760A−CRYPTO−5/11
K.3.3. Write Disable Command ( WRDI):
The write enab le flag can be disabled by sending the write disable instruct ion.
Figure K-12. SPI write disable (WRDI) timing
SCK
SI
SO
CS
WRDI OP-CODE
HI-Z
K.3.4. Read Memory Comm and (READ):
Reading data from the ATAES132 requires the following sequence. The host drives t he line lo w to select a device and then
transmits the read instruction code on the SI li ne followed by the address of the b yte to be read. The cli ent ignores any data on
the SI line which follows a read memor y instr uc tion.
The client shifts out the data at the specified address on the SO line. I f only one byte is to be read, the line must be driven
high after the data byte comes out. If multiple bytes are to be read, the hos t can sequentiall y clock the data out of the
ATAES132 si nc e the byte address is aut omatically incremented. The line must be driven high by the host aft er the last data
byte is read. If the highest address is reached, the address counter will not roll over.
Figure K-13. SPI READ memory timing
SCK
SI
SO
CS
HIGH IMPEDANCE
INSTRUCTION
BYTE ADDRESS
DATA OUT
MSB
0 1 2 3 4 5 6 7 8 9
10 11 20 21 22 23 24 25 26 27 28 29 30 31
15 14 13 ...3210
7 6 5 4 3 2 1 0
When any erro r occurs, the EERR bit of the STATUS register is set to 1b to indicate an error. If the command is process ed
without error the EERR bit is set to 0b.
Note: If an SPI read beg ins at an authorized address, but continues into protected memory the E E R R bi t will be set to
1b
Atmel ATAES132 Preliminary Datasheet 135
8760A−CRYPTO−5/11
K.3.5. Write Memor y Command (WRI T E):
In order to write to the ATAES132, two separate ins tructions mus t be executed. Firs t, the device must be write enabled via the
write enable (WREN) instruction. Then a write memory instruction may be executed. All com mands received while a write
cycle is in progress will be ignored except the read status register (RDSR) instruction.
A write memory command requires t he following sequ ence. The host drives the line low to selec t a device and then
transmits t he write instruction code on the SI line followed by the addr es s of the byte to write and the 1 to 32 data b yt es to be
written. The byte address is automaticall y incremented as each byte is clocked in. The line must be driven high by the host
during the SCK l ow time immediately after clocking in the last data bit. The low-to-high transition of the pin initiated the
EEPROM write process. The SO pin remains i n the high impedanc e state during the entire write seque nce.
The ready/bus y status of the device can be determined b y initiating a read status regist er (RDSR) instruction. If the WIP status
bit is 1b, the write cycle is still in progress. If the WIP status bit is 0b, the write cycle has ended and the ATAES132 is ready to
accept a new command. Only the read status register (RDSR) instructi on is enabled during the EEPROM write cycle.
The ATAES132 is capable of a 32-byte page write operation. Aft er each byte of data is received, the data address is int ernally
incremented b y one. If more than 32 bytes of data are transmitted or if the page boundary is cross ed, then no data will be
written. The ATAES132 is automatically returned to the write disable state at the completion of a write cycle.
Figure K-14. SPI WRITE memory timing
SCK
SI
SO
CS
0 1 2 3 4 5 6 7 8 9
10 11 20 21 22 23 24 25 26 27 28 29 30 31
HIGH IMPEDANCE
INSTRUCTION
BYTE ADDRESS DATA IN
When any erro r occurs, the RRDY and E E RR bits of the STATUS register are set to 1b to indicate a n error. The host can r ead
the error code f rom the response memory buffer (addr ess 0xFE00) using the READ command. I f the command is processed
without error, the EERR bit is set to 0b. Reading the r esponse memory buffer does not re s et the error code or the S TATUS
register .
If the device is not write enabled ( WREN), the device will ignore the write instruction and will return t o the waiting for a
command. A n ew falling edge is r equired prior to the new instruction code.
K.3.6. Read Status Register Command (RDSR):
The read status register instr uc tion provides ac cess to the STATUS register. The ready/busy status of the device can b e
determined using the RDSR instruction. Alternately, the STAT U S register can be read directly from memory as described in
Section G.2.4.
If the ATAES132 is per forming an EEPRO M memory write or is processing a command when the STATUS read is performed,
then all eight bits are ones if the RD SR command is us ed to read the STATUS register, emulating the behavior of Atmel Serial
EEPROM. See Appendix G for a detailed des c ription of the STATUS register bits and status bit behavior.
Atmel ATAES132 Preliminary Datasheet 136
8760A−CRYPTO−5/11
Table K-38. Device status register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
EERR RRDY Reserved CRCE Reserved WAKEb WEN WIP
The device status register can always be read, even if the the ATAES132 i s processing a command or writing th e EEPROM.
The SPI RDS R command is the preferr ed method for rea ding the STATUS in SPI interface mode.
If the ATAES132 is in the sleep or standby power state, r eading the STATUS register forces the ATAES132 to wakeup – the
STATUS register is 0xFF until the wakeup process is c omplete.
Table K-39. Read status register bit definition usi ng S PI RDSR command(1)(2)
Bit Definition
Bit 0 (WIP) “0b” indicates the device is ready, waiting for a com mand
“1b” indicates a write cycle or a cryptographic oper ation is in progres s
Bit 1 (WEN) "0b" indicates the device is not SPI write ena bl ed
“1b” indicates the device is SPI write enabled
Bit 2 (WAKEb) "0b" indicates the device is not in the sleep or standby power state
“1b” indicates the device is in the sleep or standb y power state
Bit 3 (Reserved) Always "0b". This bit is reserved for f uture use.
(1)
Bit 4 (CRCE) "0b" i ndicates the most rec ent command bloc k contained a correct checksum (CRC)
“1b” indicates the most recent command block contai ned an error
Bit 5 (Reserved) Always "0b". This bit is reserved for fut ure use.(1)
Bit 6 (RRDY) "0b" indicates the response memory buffer is empty
“1b” indicates the response mem ory buffer is ready to read
Bit 7 (EERR) "0b" indicates the most recent command did not generate an error during ex ecuti on
“1b” indicates the most recent command generated an execution error
Notes: 1. When the SPI RDSR command is used to read the STATUS register during an EEPROM write or during
execution of any ATAES132 comman d, then status bits 0 - 7 are "1b"s. T he reserved bits will re ad as 0b if the
STATUS register is read directly from memory during an EEPROM write or during execution of an ATAES132
command.
2. STAT US register bits 0 - 7 are "1b"s during wakeup. During the first phas e of wakeup (tPU.STATUS), the SO pin is
tri-stated and any attempt to read it will be system-dependent. See for Appendix L additional information.
Atmel ATAES132 Preliminary Datasheet 137
8760A−CRYPTO−5/11
Figure K-15. SPI read status register (RDSR) timing
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14
INSTRUCTION
7 6 5 4 3 2 1 0
DATA OUT
MSB
HIGH IMPEDANCE
15
SCK
SI
SO
CS
Reading the STATUS registe r does not change the c ontents STATUS register or the contents of the response memory buffer .
K.4. Timing Diagram
Figure K-16. SPI synchronous data timing (see Section 9.4.4 for SPI Timing Specifications)
VOH
VOL
HI-ZHI-Z
tV
VALID IN
VIH
VIL
tH
tSU
tDIS
VIH
VIL
tWH
tCSH
VIH
VIL
tCSS
tCS
tWL
t
HO
SCK
SI
SO
CS
Atmel ATAES132 Preliminary Datasheet 138
8760A−CRYPTO−5/11
Appendix L. Power Management
The ATAE S132 contains several features which facilitate power management. This appendix describes the various power
states and features.
L.1. Power State Descriptions
The ATAE S132 has three powere d states, and the off s tate. Two low power states are availa ble to reduce po wer c onsumption
when the syst em is not using the ATAES132.
L.1.1. Active State
The ATAE S132 is in the active state after it has completed the power up proces s and is fully powered. The WIP status bit is 0b
when the ATAES132 is in the active state and waiting for a command. T he WIP status bit is 1b when the ATAES132 is in the
active state and processing a command or p er forming an EEPRO M write. (See Section G.1.2 for WIP Status Bit i nformation)
The supply current of the ATAES132 in the active state is several milliamps. (See Sec tion 9.3.1 for Ic c specifications)
An ATAES132 i n the Active State is c apable of accepting a command immediately if the WIP Status Bit is 0b. The I2C Timing
Specificat ions for the Active State are in Section 9.4.3. The SPI T i m i ng S pecifications for the Active Stat e ar e i n S ection 9.4.4.
L.1.2. Standby State
ATAES132 can enter the Standby St ate in two ways: 1. T he host can send a Sle ep c ommand to place A TAES132 into
Standby. 2. ATAES132 will automatically enter the Standby State at power up if configured to do so. (See Section L.2.1) The
Standby State preserves the ATAES132 volatile memory contents and the security state.
All eight Status Bits are 1b when ATAES132 is in the Standby State and during the wakeup pr ocess. (See Appendix G for
Status Bit information)
The supply current of ATAE S132 in the Standby Stat e i s several microamps (See Section 9.3.1 for ISB specifications)
An ATAES132 i n the Standby State is capable of reporting the device STATUS immediately, but cannot accept a c om mand
until the Wake up pr ocess is complet e. The Timing Specifi cations for exiting the Standb y State are in Section 9.4.2.
L.1.3. Sleep State
The ATAE S132 can enter the sleep state in two ways:
1. The host can send a sleep command to place the ATAES132 into standby
4. The ATAES132 will automatically enter the sleep state at power up if configured to do so. (S ee Section L.2.1)
The sleep state clears the ATAE S 132 volatile memory contents and the security state.
All eight status bits are 1b when the ATAES132 is in the sleep state and dur ing the wakeup process. (See Appen dix G for
Status Bit information)
The supply current of the ATAES132 in the standby state is less than one microamp. (See Section 9.3.1 for ISB specifications)
An ATAES132 in the sleep state is capab l e of reporting the device STATUS i m mediately, but c annot accept a comm and until
the wakeup pr ocess is complet e. The timing speci fications for exit ing the sleep state are in Section 9.4.2.
L.1.4. Off State
When the ATAES 132 device is unpowered or when VCC is significantly b elow the minimum VCC voltage, then the d ev ic e is in
the off state. A device in the off state cannot respond t o any commands.
Atmel ATAES132 Preliminary Datasheet 139
8760A−CRYPTO−5/11
L.2. Power State Transitions
Power Up is a tr ans i tion from the Off State to one of the three powered states. Power Down is the tr ans ition from a powered
state to the O ff State. Wakeup is the transition from one of the two low po wer states to the Act i v e State.
L.2.1. Power Up
Power up begins when the power supply is tur ned on, causing the V CC voltage to rise continuously from VSS to the operating
voltage. Power up occ ur s in three stages.
1. First stage
The voltage regulator and other analog circuitry are activated
5. Second stage
The serial interface logic is activated so that the ATAES132 can report the device status to the host
6. Third stage
The ATAES132 enters the power state specified by the ChipConfig register
During the power up process, the dev ice is unable to accept commands. In the SPI interface mode, the device is re ady to
receive a read status register command aft er the power up time tPU.STATUS. The power up ready time of tPU.RDY specifies the
time required to complete the power up process. In the I2C interface mode, the device will NAK all instructions pr ior to the
completion of power up (time tPU.RDY).
The last st age of the power up procedure is to enter the active, standby, or sleep state specifie d by bit 6 and 7 of the
ChipConfig register. The ChipState register is set to 0xFFFF at power up. (see Sectio n L.3)
Table L-40. C oding of the ChipConfig.PowerUpState bits in the ChipConfig register
Bit 7 Bit 6 Description
1 1 Device goes to the Active Stat e at Power Up
1 0
0 1 Device goes to the Standby State at Power Up
0 0 Device goes to the Sleep State at Power Up
During power up, the SPI chip select should f ol low the VCC voltage. It is recommended t hat the pin be connected to VCC
with a pull-up resistor if the ATAES132 is configured in the SPI interface mode. The ATA ES132 does not support hot
swapping or hot plugging. Connecting or disconn ec ting this device to a system while power is energized can cause
permanent damage to the ATAES132.
L.2.2. Power Down
Before power down, the device mus t be deselected (if configured for SP I) and placed in the active, standby, or sleep state.
During power down, the SPI chip select should be allowed to follow the VCC voltage if the ATAES132 is configured in SPI
interface mode.
The ATAE S132 should not be po wered down when the WIP status bit indicat es that an EEPROM write or cryptographic
operation is i n progress. If the WIP status bit is 0b, then it is safe to power down the device.
L.2.3. Entering the Standby Stat e
If the ATAES132 is in the active state, the hos t can send a sleep com m and to place the ATAES132 in the standby state. (See
Section 7.24) It is not possible to transition the device directly from the sleep stat e to the standby state. The host must
wakeup the device and then must send a sleep c ommand to place the device in standby.
The device can also be configured to enter the standby state at power up as described in Section L.2.1.
The ATAES132 exits standby state only if a wakeup event occurs on the IO pins. Wakeup is discussed in Sectio ns L.2.5 and
L.2.6. The ChipState register does not change when the ATAES132 enters or leaves the standby state. (see Section L.3)
Atmel ATAES132 Preliminary Datasheet 140
8760A−CRYPTO−5/11
L.2.4. Entering the Sleep State
If the ATAES132 is in the active state, the host can send a sleep command to place the ATAES132 in the sleep state. (See
Section 7.24) It is not possible to transition the device directly from the standby state to the sleep state. The host must
wakeup the device and then must send a sl eep c ommand to place the device in sleep.
The device can also be configured t o enter the sleep st ate at power up as described in Section L.2.1.
The ATAES132 exits sleep mode only if a wakeup event occurs on the IO pins. Wak eup is discussed in Sections L.2.5 and
L.2.6. The ChipState register changes to 0x5555 when the ATAES132 leaves the sleep state. (see Section L.3)
L.2.5. SPI WakeUp
To wakeup the ATAES132 configur ed for SPI interf ac e mode, the host is r equired to read the s tatus register usi ng the SPI
read status register command. The ATAES132 will answer the SP I read status register command with the device "status" if the
host has not viol ated the 100nS mi nimum tCSS.Wup setup time requirement. The ATAES132 "st atus" will indicate the device is
"busy" (status = 0xFF) during wakeup. When wakeup is complete, the ATA ES132 "status" changes to indicate t he device is in
the active state.
The ATAES132 will only accept the SPI read status register command while it is "busy". All other commands will be ignored.
The SPI read status register command is described in Section K.3.6.
Figure L-17. SPI interface timing, setup time at wakeup
The wakeup process begins when a device in the standb y or sleep state experienc es a high-to-low transition of the pin.
The device is ready to receive a read status register command from the host after wakeup time tWupSB.STATUS for the standby
state, or tWupSL.STATUS for the sleep state. The wakeup is complet e after the wakeup ready time of tWupSB.RDY for the standby
state, or tWupSL.RDY for the sleep state – tWupSB.RDY / tWupSL.RDY begin when the pin high-to-lo w transition occurs and end
when the device enters the active state. The wakeup timing specifications are in Table 9-5.
Atmel ATAES132 Preliminary Datasheet 141
8760A−CRYPTO−5/11
L.2.6. I2C WakeUp
To wakeup an ATAES 132 c onfigured for I2C interface mode, the host is r equired to perform A C K polling using the matching
I2C device address. The ATAES132 will answer the ACK poll with an I2C NAK to indicate the devi ce is "busy" durin g wakeup.
The ACK poll reply will change to ACK when the device is in the active state.
The ATAE S132 will not accept any commands while it is "busy". The ATAES132 will NAK the I2C device address if it does
not match the i nternal I2C device addr ess, and will not wakeup if a non-matching I2C device addr ess is received.
The wakeup process begins when a device in the stan db y or sleep state receives an I2C start signal fol lowed immediately by a
I2C device address that matches the ATAES132 I2CAddr register. The device is ready to receive an ACK pol l from the host
after wakeup time tWupSB.STATUS for the standby state, or tWupSL.STATUS for the sleep st ate. The wakeup is complete after the
wakeup ready time of tWupSB.RDY for the standby state, or tWupSL.RDY for the sleep state – tWupSB.RDY / tWupSL.RDY begin when a
matching I2C addres s i s received, and end when the device enters the active state. The wakeup timing specifications are in
Table 9-5.
L.3. Understanding the ChipState Register
The info comm and ( see Section 7.12) provides access to the ChipState register. The ChipState register value indicates if the
device has recently experienced a power up ev ent or wakeup from the sleep power state. This information can be useful for
determining how to recover from an unexpected tr ans action error.
Table L-41. Description of the ChipState register value returned by the info command
ChipState Description
0x0000 ChipState = Active. Device has remained Active since the pr ev ious Crypto com m and was processed(1)
0x5555 ChipState = "Wakeup from sleep". Device has experienced a wakeup from the sleep power state
since the previous Crypto command was processed(1)
0xFFFF ChipState = Power up. Device has experi enced a power up event since the previous Crypto command
was processed(1)
Notes: 1. The following subsections descri be the events which cause ChipStat e to change values, and events that do not
change ChipState
L.3.2. ChipState = Power Up
The following events cause the C hipState regist er to be set to the power up state (0xFFFF). The events in this table cause the
device to be initialized and placed in the power stat e s pecified in the Chi pConfig register. (see Section L.2.1)
Table L-42. D es cription of events causing t he Chi pS tate register to be set to 0xFFFF
Event Event description
Power up Power up of the devic e (Section L.2.1)
Power interruption Power interruption or brownout r esulting in device reset
Atmel ATAES132 Preliminary Datasheet 142
8760A−CRYPTO−5/11
L.3.3. ChipState = "WakeUp from S l eep"
The following events cause the C hipState regist er to be set to the "Wak eUp from Sleep" st ate (0x5555). The ev ents in this
table cause the security registers to be cleared, the logic reinitialized, and the device returned to the active power state (ready
to receive a com m and).
Table L-43. D es cription of event s causing the C hipState register t o be set to 0x5555
Event Event description
WakeUp from Sleep WakeUp from t he Sleep Power State (Section L.1.3)
Reset Command Device receives a valid Reset command block. (Section 7.23)
Tamper Devic e reset initiated by the tamper sensors. (Section 3.1.2)
L.3.4. Events that Do Not Ch ange ChipState
The following events cause NO CHA NGE in the ChipState register value. These events do not modify the security state of the
ATAES132 and therefore do not cause the ChipSt ate to change.
Table L-44. D es cription of events causing NO CHA NGE in the ChipState register
Event Event description
WakeUp from St andby WakeUp from the Standby Power St ate (Section L.1.2)
Reading STATUS Reading the S TATUS register with SPI RDSR or standard read commands (Appendix G)
Writing IO A ddress
Reset Writing the IO address reset register (Sect i on D.4)
Reading a Response Reading t he response memory buffer (Section D.3)
Command CRC Error Device receives ANY command block which results in a CRCE Error
(1)
(Section G.1.5)
Command Inva l id Device receives a command block containing an undefined/invalid Opcode (Section 6.2)
ACK Polling I2C acknowledge polling (Section J.3.8)
I2C Read I2C standard read [READ, RREAD, SREAD instructions] (Section J.3)
Invalid I2C Write I2C standard write beginning at any address from 0x1 000 to 0xEFFF or abov e 0xF300, except
address 0xFE00 [BWRITE, PWRITE instructions] (2) (Section J.3)
I2C SRESET I2C SRESET instruction (Section J.3.7)
SPI Read SPI standard read [READ instruction] (Section K.3.4)
Invalid SPI Write SPI standard write beginning at any address from 0x1 000 to 0xEFFF or above 0xF300, except
address 0xFE00 [WREN, WRITE, WRDI instructions ] (2) (Section K.3)
Info Command Device receiv es a valid info comm and block (Section 7.12)
Notes: 1. A CRCE error results from a command block with a short count, bad checksum, or a buffer overrun
2. Writing the command memory buffer (address 0xFE00) may or may not change the ChipSt ate, depending on
which comman d is written to the buff er
Atmel ATAES132 Preliminary Datasheet 143
8760A−CRYPTO−5/11
L.3.5. ChipState = Active
The following events cause the C hipState regist er to be set to the acti v e state (0x0000). The events in this table may result in
a change in the security state of the device.
Table L-45. D es cription of events causing t he Chi pS tate register to be set to 0x0000
Event Event description
Auth Comman d D ev i c e receives a vali d A uth command block (Section 7.1)
AuthCheck Command Device receives a valid AuthCheck command block (Section 7.2)
AuthCompute Com man d Devic e receives a vali d A uthCompute command block (Section 7.3)
BlockRead Command Device r ec ei ves a valid BlockRead command block (Section 7.4)
Counter Command Device receives a valid Counter command block ( Section 7.5)
Crunch Comm and Device receives a valid Crunc h c ommand block (Section 7.6)
DecRead Command Device receives a valid DecRead command block (Section 7.7)
Decrypt Comm and Device receives a valid Decrypt command block (Section 7.8)
EncRead Comm and Device receiv es a valid EncRead c om mand block (Secti on 7.9)
Encrypt Command Device receives a valid Encrypt command block (Section 7.10)
EncWrite Command Device receives a valid EncWrite command block (Section 7.11)
KeyCompute Command Device receives a valid KeyCompute comm and block (Section 7.13)
KeyExport Command Device receives a valid KeyExport command block (Sect ion 7.14)
KeyImport Command Device rec ei ves a valid KeyImport command block (Section 7.15)
KeyLoad Command Device receives a valid KeyLoad command block (Sec tion 7.16)
KeyTransfer Command Device receives a valid KeyTransfer command block (Section 7.17)
Legacy Command Devic e receives a vali d Legacy command block (Section 7.18)
Lock Command D ev i c e receives a vali d Lock command bloc k (Section 7.19)
Nonce Command Device receiv es a valid Nonce command block (Secti on 7.20)
NonceCompute
Command Device receives a v al id NonceCompute command block (Section 7.21)
Random Command Device receiv es a valid Random com m and block (Section 7.22)
Sleep Command Device receiv es a valid Sleep command block (Section 7.24)
TempSense C ommand Device receives a valid TempSense command block (Section 7.25)
WriteCompute Command Device receives a valid WriteCompute c ommand block (Section 7.26)
I2C Write I2C standard write beginning at a ny user zone addr ess, any configuration mem or y addre ss , or
any key memory address [BWRITE, PW R ITE instructions] (Section J.3)
SPI Write SPI standard write beginning at a ny user zone ad dr ess, any configuration mem or y addre ss , or
any key memory address [WREN, WRITE, WRDI instructions] (Section K.3)
Atmel ATAES132 Preliminary Datasheet 144
8760A−CRYPTO−5/11
Appendix M . Block Checksum
An Atmel CRC-16 checksum is used to verify the integrit y of blocks communicated to and from the ATAES132.
The host sends ATAES132 extended commands to the device in a block of at least four bytes. The ATAES132 responses are
returned to the host in a block of at least four bytes. The command and response blocks are const ructed in the following
manner:
Byte # Name Meaning
0 Count Number of bytes to be transferred to the devic e i n the block, including count, packet and
checksum. This byte will always have a value of N.
1 to (N-3) Packet Comm and, parameters and data, or response. Data is transmitted in the byt e order shown in
command defi ni tions in Section 7.
N-2, N-1 Checksum Atmel CRC-16 ver ific ati on of the count and packet bytes.
The Atmel CRC-16 p olynomial is 0x8005. The initial regis ter value should be 0x0000. After the last bit of the count and packet
has been trans m i tted, the internal C RC register s hould have a value that m atches that in the block. The first checksum byte
transmitted ( N -2) is the most significant byte of the CRC v alue and last byt e of the block is the least significant byte of the
CRC.
M.1. Checksum Function
/** \This function calculates a 16-bit CRC.
* \param[in] count number of bytes in data buffer
* \param[in] data pointer to data
* \param[out] crc pointer to calculated CRC (high byte at crc[0])
*/
void CalculateCrc(uint8_t length, uint8_t *data, uint8_t *crc)
{
uint8_t counter;
uint8_t crcLow = 0, crcHigh = 0, crcCarry;
uint8_t polyLow = 0x05, polyHigh = 0x80;
uint8_t shiftRegister;
uint8_t dataBit, crcBit;
for (counter = 0; counter < length; counter++) {
for (shiftRegister = 0x80; shiftRegister > 0x00; shiftRegister >>= 1) {
dataBit = (data[counter] & shiftRegister) ? 1 : 0;
crcBit = crcHigh >> 7;
// Shift CRC to the left by 1.
crcCarry = crcLow >> 7;
crcLow <<= 1;
crcHigh <<= 1;
crcHigh |= crcCarry;
if ((dataBit ^ crcBit) != 0) {
crcLow ^= polyLow;
crcHigh ^= polyHigh;
}
}
}
crc[0] = crcHigh;
crc[1] = crcLow;
}
Atmel ATAES132 Preliminary Datasheet 146
8760A−CRYPTO−5/11
Appendix N . Atmel ATAES132 Command Response Time
The typical and maximum time r equi red for the ATAES132 to process an extended command is shown in Table N-1. The
response time is the time from sending the last bit of the last byte of the command block to the command memory buffer until
the STAT US register (or I2C ACK) indic ates the response block is available. The "Typical" response time is t he av erage time
required for a n error free comm and to be processed on a typical device at room temperature. The "Maximum" response time is
the worst case time for the command to be processed over the specified temperature range. (With or wit hout an error
condition, whichever result s i n the worst respons e time)
Table N-46. Typical and maximum response times for the Atmel ATAES132 extended commands (1)
Command description Typical tim e(2) Maximum time(3)
Auth, Reset (M ode [0:1] = 00b) 0. 4 m i ll iseconds
Auth, Inbound Only (Mode [5:7] = 000b) 1.5 milliseconds
Auth, Inbound Only (Mode [5:7] not 000b)
Auth, Inbound Only (Mode [5:7] not 000b), with Key Usage(5)
Auth, Outbound Only (Mode [5:7] = 000b)
Auth, Outbound Only (Mode [5:7] not 000b)
Auth, Outbound Only (Mode [5:7] not 000b), with Ke y Usage(5)
Auth, Mutual (Mode [5:7] = 000b) 2.4 milliseconds
Auth, Mutual (Mode [5:7] not 000b)
Auth, Mutual (Mode [5:7] not 000b) , with Key Usage(5) 14.4 m illiseconds
AuthCheck (M ode [5:7] = 000b)
AuthCheck (M ode [5:7] not 000b)
AuthCheck (M ode [5:7] not 000b), with Key Usage(5)
AuthCompute (Mode [5:7] = 000b)
AuthCompute (Mode [5:7] not 000b)
AuthCompute (Mode [5:7] not 000b), with Key Usa ge
(5)
BlockRead, 32 bytes 0.8 milliseconds 1.1 milli seconds
Counter, Rea d, without MAC 0. 5 m i ll iseconds
Counter, Rea d, with OutMAC (Mode [5:7] = 000b) 0. 7 m i ll iseconds
Counter, Rea d, with OutMAC (Mode [5:7] not 000b) 10 millisec onds
Counter, Rea d, with OutMAC (Mode [5:7] not 000b), with Key Usage(5)
Counter, Increm ent, without M AC 1.5 millisecond s
Counter, Inc rement, with InMAC ( M ode [5:7] = 000b) 1.7 milliseconds
Counter, Inc rement, with InMAC ( M ode [5:7] not 000 b) 10 millisec onds
Counter, Inc rement, with InMAC ( M ode [5:7] not 000b), with Key Usage(5)
Crunch, with Count 0x0001 0.85 milliseconds 1.14 milliseconds
DecRead (Mode [5:7] = 000b)
DecRead (Mode [5:7] not 000b)
DecRead (Mode [5:7] not 000b), with Key Usage
(5)
Decrypt, 1 to 16 bytes (Mode [5:7] = 000b) 2.2 millisec onds
Decrypt, 1 to 16 bytes (Mode [5:7] not 000b)
Decrypt, 1 to 16 bytes (Mode [5:7] not 000b), with Key Usage(5) 10 milliseconds
Atmel ATAES132 Preliminary Datasheet 147
8760A−CRYPTO−5/11
Command description Typical tim e
(2)
Maximum time
(3)
Decrypt, 17 to 32 bytes (Mode [5:7] = 000b) 2.9 milliseconds
Decrypt, 17 to 32 bytes (Mode [5:7] not 000b)
Decrypt, 17 to 32 bytes (Mode [5:7] not 000b), with Key Usage(5) 14.2 milliseconds
EncRead, 1 to 16 bytes (Mode [5:7] = 000b) 2.3 milliseconds
EncRead, 1 to 16 bytes (Mode [5:7] not 000b)
EncRead, 1 to 16 bytes (Mode [5:7] not 000b), with Key Usage(5)
EncRead, 17 to 32 bytes (Mode [5:7] = 000b)
EncRead, 17 to 32 bytes (Mode [5:7] not 000b)
EncRead, 17 to 32 bytes (Mode [5:7] not 000b), with Key Usage(5) 14.4 milliseconds
EncRead, Configuration Memory Signature Generation Mode
EncRead, Ke y Memory Signature Generation Mode
Encrypt, 1 to 16 bytes (Mode [5:7] = 000b) 2.3 millisec onds
Encrypt, 1 to 16 bytes (Mode [5:7] not 000b)
Encrypt, 1 to 16 bytes (Mode [5:7] not 000b), with Key Usag e (5)
Encrypt, 17 to 32 bytes (Mode [5:7] = 000b) 2.8 milliseconds
Encrypt, 17 to 32 bytes (Mode [5:7] not 000b)
Encrypt, 17 to 32 bytes (Mode [5:7] not 000b), with Key Usage(5)
EncWrite, 1 to 16 bytes (Mode [5:7] = 000b) 4.1 milliseconds
EncWrite, 1 to 16 bytes (Mode [5:7] not 000b)
EncWrite, 1 to 16 bytes (Mode [5:7] not 000b), with Key Usage(5)
EncWrite, 17 to 32 bytes (Mode [5:7] = 000b)
EncWrite, 17 to 32 bytes (Mode [5:7] not 000b)
EncWrite, 17 to 32 bytes (Mode [5:7] not 000b), with Key Usage(5)
Info
KeyCompute, without RNG Seed Update. (Mode [5:7] = 000b)
KeyCompute, without RNG Seed Update. (Mode [5:7] not 000b)
KeyCompute, without RNG Seed Update. (Mode [5:7] not 000b), with Key
Usage(5)
KeyCompute, with RNG Seed Update. (Mode [5:7] = 000b)
KeyCompute, with RNG Seed Update. (Mode [5:7] not 000b) 26 millis econds
KeyCompute, with RNG Seed Update. (Mode [5:7] not 000b) , with Key
Usage(5)
KeyExport, without RNG Seed Update. (Mode [5:7] = 000b)
KeyExport, without RNG Seed Update. (Mode [5:7] not 000b)
KeyExport, without RNG Seed Update. (Mode [5:7] not 000b), with Key
Usage(5)
KeyExport, with RNG Seed Update. ( Mode [5:7] = 000b)
KeyExport, with RNG Seed Update. ( Mode [5:7] not 000b)
KeyExport, with RNG Seed Update. ( Mode [5:7] not 000b) , with Key Usage(5)
KeyImport (M ode [5:7] = 000b)
KeyImport (M ode [5:7] not 000b)
KeyImport (M ode [5:7] not 000b), with Key Usage
(5)
Atmel ATAES132 Preliminary Datasheet 148
8760A−CRYPTO−5/11
Command description Typical tim e
(2)
Maximum time
(3)
KeyLoad (Mode [5:7] = 000b)
KeyLoad (Mode [ 5:7] not 000b)
KeyLoad (Mode [5:7] not 000b), with Key Usage (5)
KeyTransfer
Legacy
Legacy, with K ey Usage(5)
Lock, without MAC (Mode [5:7] = 000b)
Lock, without MAC (Mode [5:7] not 000b)
Lock, without MAC (Mode [5:7] not 000b), with Key Usage(5)
Lock, with MAC (Mode [5:7] = 000b)
Lock, with MAC (Mode [5:7] not 000b)
Lock, with MAC (Mode [5:7] not 000b) , with Key Usage(5)
Nonce, Inbou nd
Nonce, Random, without RNG S eed U pdate 0.5 millis econds
Nonce, Random, with RNG Seed Update 7.5 milliseconds 11 milliseconds
NonceCompute
Random, witho ut RNG Seed Update 0.5 milliseconds
Random, witho ut RNG Seed Update 7.0 milliseconds 11 milliseconds
Reset (4)
Sleep, enter Standby State (4)
Sleep, enter Sleep State (4)
TempSense 80 milliseconds 145 milliseconds
WriteCompute, 1 to 16 Bytes (Mode [ 5:7] not 000b)
WriteCompute, 1 to 16 Bytes (Mode [ 5:7] not 000b)
WriteCompute, 1 to 16 Bytes (Mode [ 5:7] not 000b), with Key Usage(5)
WriteCompute, 17 to 32 Bytes (Mode [5:7] = 000b)
WriteCompute, 17 to 32 Bytes (Mode [5:7] not 000b)
WriteCompute, 17 to 32 Bytes (Mode [5:7] not 000b), with Key Usage
(5)
Notes: 1. The values in this table are based on characterization an d/or simulation. These parameters are not tested.
2. The typical response time is the t i m e required for 60% of devices to place a packet in the response memory
buffer and change the WIP STATUS bit to 0b after successful execution of the command at room temperature. If
an error occurs, the response will be availabl e in a shorter amount of time.
3. The maximum response time is the time required for 95% of devices to place a pac k et in the response memory
buffer and change the WIP STATUS bit to 0b after successful execution of the command at the worst case
temperature.
Note: 5 % of the devices may be slower than this n um ber. The Host is expec ted to read the STATUS
register to determine when a res ponse is availab l e ( see Appendix G).
2. The reset command and the sleep command do not generate a response. The response times are the time
required for the operation to be completed.
3. These tim es are with the key usage limits enabled in t he KeyConfig regis ter. All other ti m es are with the key
usage limits disabled in the Ke yConfig register.
All values are preliminary and will be updated aft er characterization.
Atmel ATAES132 Preliminary Datasheet 149
8760A−CRYPTO−5/11
Appendix O . Default Configuration
The ATAES 132 memory map is shown in Table O-1 with the default memory values. Reserved memory cannot be written or
read.
Table O-47. The Atmel ATAES132 memory map sho wing the default memory contents
Byte Address Description
0000h-0FFFh User memory [Default = All Bytes FFh]
1000h-EFFFh Reserved
F000h-F1FFh Configurati on memory [See Section O.2 for Default Values]
F200h-F2FFh Ke y memory [See S ec tion O.3 for Default Val ues]
F300h-FDFFh Reserved
FE00h Command / response memory buffer
FE01h-FFFDh Reserved
FFE0h IO address reset
FFE1h-FFEFh Reserved
FFF0h STAT US register
FFF1
h
-FFFF
h
Reserved
Atmel ATAES132 Preliminary Datasheet 150
8760A−CRYPTO−5/11
O.2. Configuration Memory Contents
The default contents of the configuration memory after completion of production test are shown in T able O-2. This
configuration enables most functions and is expec ted to be changed b y t he customer during personalizat i on. See Appendix E
for the configuration memory map.
Table O-48. Default configuration memory content s . All register values shown are hexadecimal numbers.
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F000h-F007h Unique Die Serial Number
F008h-F00Fh Atm el pr oprietary data
F010h-F017h 00 1F A tmel proprietary data 00 00 20
F018h-F01Fh 20 20 0A Atmel propriet ary data
F020h-F027h 55 55 55 Atmel proprietary data
F028h-F02Fh Atm el pr oprietary data EE 00 03 Atmel data
F030h-F037h Atmel pr oprietary data
F038h-F03Fh
F040h-F047h I2CAddr C3 TempCal TempOffset v al ue
F048h-F04Fh TempOffset value FF FF FF FF FF
F050h-F057h FF FF FF FF FF FF FF FF
F058h-F05Fh FF FF FF FF FF FF FF FF
F060h-F067h FF FF FF FF FF FF FF FF
F068h-F06Fh FF FF FF FF FF FF FF FF
F070h-F077h FF FF FF FF FF FF FF FF
F078h-F07Fh FF FF FF FF FF FF FF FF
F080h-F087h 00 00 00 00 FF FF FF FF
F088h-F08Fh FF FF FF FF FF FF FF FF
F090h-F097h FF FF FF FF FF FF FF FF
F098h-F09Fh FF FF FF FF FF FF FF FF
F0A0h-F0A7h FF FF FF FF FF FF FF FF
F0A8h-F0AFh FF FF FF FF FF FF FF FF
F0B0h-F0B7h FF FF FF FF FF FF FF FF
F0B8h-F0BFh FF FF FF FF FF FF FF FF
F0C0h-F0C7h 00 FF FF FF 00 FF FF FF
F0C8h-F0CFh 00 FF FF FF 00 FF FF FF
F0D0h-F0D7h 00 FF FF FF 00 FF FF FF
F0D8h-F0DFh 00 FF FF FF 00 FF FF FF
F0E0h-F0E7h 00 FF FF FF 00 FF FF FF
F0E8h-F0EFh 00 FF FF FF 00 FF FF FF
F0F0h-F0F7h 00 FF FF FF 00 FF FF FF
F0F8h-F0FFh 00 FF FF FF 00 FF FF FF
F100h-F107h FF FF 00 00 00 00 00 00
F108h-F10Fh FF FF 00 00 00 00 00 00
F110h-F117h FF FF 00 00 00 00 00 00
Atmel ATAES132 Preliminary Datasheet 151
8760A−CRYPTO−5/11
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F118h-F11Fh FF FF 00 00 00 00 00 00
F120h-F127h FF FF 00 00 00 00 00 00
F128h-F12Fh FF FF 00 00 00 00 00 00
F130h-F137h FF FF 00 00 00 00 00 00
F138h-F13Fh FF FF 00 00 00 00 00 00
F140h-F147h FF FF 00 00 00 00 00 00
F148h-F14Fh FF FF 00 00 00 00 00 00
F150h-F157h FF FF 00 00 00 00 00 00
F158h-F15Fh FF FF 00 00 00 00 00 00
F160h-F167h FF FF 00 00 00 00 00 00
F168h-F16Fh FF FF 00 00 00 00 00 00
F170h-F177h FF FF 00 00 00 00 00 00
F178h-F17Fh FF FF 00 00 00 00 00 00
F180h-F187h FF FF FF FF FF FF FF FF
F188h-F18Fh FF FF FF FF FF FF FF FF
F190h-F197h FF FF FF FF FF FF FF FF
F198h-F19Fh FF FF FF FF FF FF FF FF
F1A0h-F1A7h FF FF FF FF FF FF FF FF
F1A8h-F1AFh FF FF FF FF FF FF FF FF
F1B0h-F1B7h FF FF FF FF FF FF FF FF
F1B8h-F1BFh FF FF FF FF FF FF FF FF
F1C0h-F1C7h FF FF FF FF FF FF FF FF
F1C8h-F1CFh FF FF FF FF FF FF FF FF
F1D0h-F1D7h FF FF FF FF FF FF FF FF
F1D8h-F1DFh FF FF FF FF FF FF FF FF
F1E0h-F1E7h FF FF FF FF FF FF FF FF
F1E8h-F1EFh FF FF FF FF FF FF FF FF
F1F0h-F1F7h FF FF FF FF FF FF FF FF
F1F8h-F1FFh FF FF FF FF FF FF FF FF
The configuration memory map in Table O-2 is c olor coded. The registers shown in orange are locked at the factory and
cannot be changed by the customer. The contents of the Lock registers ( s hown in blue) can onl y b e changed by using the
Lock command (see Section 7.19).
Configuration registers shaded with green can be written by the cus tomer prior to locking (by setting LockConfig to 0x 00 using
the Lock command). The SmallZon e (shown in yellow) can be written by the customer prior to locking (by setting LockSmall to
0x00 using the Loc k command); Sm al lZone is locked separately from the remainder of the configuration memory.
The default value of the I2CAddr regist er is 0x01 for devic es configured for I2C Interface mode. The default value of I2CAddr is
0x00 for devices configured fo r SPI Interface mode. See A ppendix Q for ordering codes.
The default value of the TempCal register and Tem pOffset register dep end on the temperature s ensor procedure performed
by Atmel at product test. See Sec tions E.2.17 and E.2.18 for additional infor mation.
Atmel ATAES132 Preliminary Datasheet 152
8760A−CRYPTO−5/11
O.3. Key Memory Contents
The key memory contains pseudorandom v alues after completion of production test, except f or key 00 which contains the
transport key. Device personaliz ation can be perfor med without knowledge of the T ransport Key, however, secure
personalization can only be per formed if the transport key value has been obtained from Atmel.
Atmel ATAES132 Preliminary Datasheet 153
8760A−CRYPTO−5/11
Appendix P . Serial Memory Backward Compatibility
The ATAE S132 Secure Serial EE PROM architecture was developed to al low security to be retrofitted into systems using
standard Atm el Serial EEPROM. The ATAES132 package pin outs, the interf ac e protocol, and the c ommand set are all
compatible with standard I2C and SPI EEPROM, but are not identical.
This secti on describes the differences which must be considered when the ATA ES132 is inserted into systems using I2C or
SPI Serial EEPROM.
P.1. I2C Serial EEPROM Compatibility
This secti on describes differ ences between the Atmel AT24C32C stan dard Atmel 32K bit I2C Serial EEPROM and the
ATAES132 Secure Serial EEPROM configured for I2C communication mode.
P.1.1. Package Pins
On AT24C32C pins 1, 2, and 3 are used to set I2C device address bits A0, A1, and A2. AT24C32C pin 7 is the write protect
(WP) input.
On ATAES132 pins 1, 2, 3, and 7 are not used in I2C communi cation mode. These pins should be tied to VCC or VSS. The
state of these four pins has no impac t on the functionality of the ATAES132 in the I2C communication mode. See Section J.2
for the pin descriptions.
P.1.2. I2C Device Address
The AT24C32 C I2C device address is 1010A2A1A0b, with A0, A1, and A2 determined by the state of pins one, two, and three. A
maximum of eight AT24C32C devices are permitt ed on the I2C interface.
On the ATAES132, the I2C device address is determined by the contents of the I2CAddr register (see Section J.1.3). The
ATAES132 I2C device address can be any set to any value, allowing up to 127 devices on the I2C interface.
P.1.3. Write Protect
The AT24C32 C write protect (WP) input pin inhibit s all EEPROM write operations when the WP pin is high. If W P is low, then
EEPROM write operations are allowed.
On the ATAES132, the user memory write perm i s sions are controlled by the ZoneConfig Registers ( s ee Section E.2.22). The
user memory is divided into 16 user zones which are independently controlled by 16 ZoneConfig R egisters – different write
permissions can be assigned to dif ferent sections of the memory. B y def ault all user memory has open write access.
P.1.4. Page Write Operations
If the host at tempts to write data ac r oss the physical ( 32 byte) EEPROM page boundary, the AT24C32C wraps to the
beginning of the EEPROM page where the page write operation begins and performs the EEPROM write after receiving a
STOP condition. If the host attem pts to write more than 32 bytes in a page write operation, then the AT24C32C wraps the
data at the pag e boundary and perfor m s the EEPROM write after receiving a STOP condition. Partial page writes are
supported by the AT24C32C.
The ATAE S132 does not allow write operations t o c ross physical (32 byte) EEPROM page boundaries (s ee S ection B.2), and
does not allow a write operati on i f more than 32 data bytes are received f rom the host. In both cases the EEPROM contents
remain unchanged, the data is discarded, and an error bit is set in the STATUS register (see Sec tion J.3.3). Partial page
writes are su pported by the ATAES132.
Atmel ATAES132 Preliminary Datasheet 154
8760A−CRYPTO−5/11
P.1.5. Read Operations
Reading beyond the end of physic al m emory on the AT24C32C causes the internal data addres s register to roll ov er to
address zero. The read operation continues from addr ess zero.
If an ATAES132 read oper ation begins at a valid user memory addr es s but continues past the end of user mem ory, the read
operation will n ot wrap to the beginning of user memory. Reading beyond the end of user memory causes 0 xFF to be
returned to t he hos t in reply to the read, the internal data address register stops incr ementing, and an error bit is set in the
STATUS register (see Section G.2.5).
P.1.6. Read Protect
The AT24C32C and other standard I2C EEPROM do not have a read inhibit function.
On the ATAES132, the user memory read permissions are controlled by the ZoneConf ig Registers (see Section E.2.22). The
user memory is divided into 16 user zones which are independently controlled by 16 ZoneConfig R egisters – different read
permissions can be assigned to different sect ions of the memory. If read access is pr ohibited, then 0xF F will be returned t o
the host in reply to a read command (see Section 5.2). By default all user memory has open read access.
P.1.7. Standby Mode
Standard I2C EEPROM automatically enter low power standby mode upon completi on of any internal o peration.
The ATAE S132 has three powere d s tates: the active state and two low power states, the standby st ate and the sleep state.
The ATAES 132 will remain in t he active state between operations unless t he host sends a sleep command to activate the
standby state o r the sleep state. The ATAES132 can also be configured to aut omatically enter a low power state at power up.
See Appendi x L for details on the power management featur es .
P.1.8. Operating Voltage
The AT24C32 C operating voltage range is 1.8V minimum to 5.5 Vmaximum.
The ATAES 132 operating volt age range is 2.5V minimum to 5.5 Vmaximum. See Section 9.3 for DC specifications.
P.2. SPI Serial EEPROM Compatibility
This secti on describes differ ences between the AT25320B standard A tmel 32K bit SPI Serial EEPROM and the ATAES132
Secure Serial EEPROM configured for SPI communication mode.
P.2.1. Package Pins
On AT25320B pin t hree is the input, and pin seven is the input.
On ATAES132 pi ns three and seven are not used in SPI communic ation mode – these pins can be tied to VCC or VSS. The
state of these two pins with no impact on the func tion al it y of the ATAES132 in the SPI communication m ode. See Section K.2
for the pin descriptions.
P.2.2. Write Protect ( )
The AT25320B input pin inhibits all EEPRO M write operations when the WP pin is low. If WP is high, t hen EEPROM
write operations are allowed. The write protect pi n c an be disabled by writing the WPEN bit in t he S TATUS register to 0b.
On the ATAES132, the user memory write perm i s sions are controlled by the ZoneConf ig Registers (see Section E.2.22). The
user memory is divided into 16 user zones which are independently controlled by 16 ZoneConfig R egisters – different write
permissions can be assigned to dif ferent sections of the memory. By defa ul t, all user memory has open write access.
Atmel ATAES132 Preliminary Datasheet 155
8760A−CRYPTO−5/11
P.2.3. HOLD
The AT25320B input pin allows the host to pause communication with the memory temporarily (by bringing
low), and then resume the communication sequenc e ( by bringing high). The sequence contin ues exactly from t he
point where it was paused, as if there was no interruption.
The ATAE S132 does not have a HOLD f unction. If comm uni c ations are int er rupted, the sequence must be restarted,
beginning with a high to low transition on the input.
P.2.4. Page Write Operations
If the host at tempts to write data ac r oss the physical ( 32 byte) EEPROM page boundary, the AT25320B wraps to t he
beginning of the EEPROM page where the page write operation begin and performs the EEPROM write after receiving a low
to high transition on the input. If the host at tempts to write more than 32 bytes in a page write operation , then the
AT25320B wraps the data at the page b oundary and performs the EEPROM write after receivin g a STOP condition. Partial
page writes are supported by the AT25320B.
The ATAE S132 does not allow write operations t o c ross physical (32 byte) EEPROM page boundaries (s ee S ection B.2), and
does not allow a write operati on i f more than 32 data bytes are received f rom the host. In bot h cases, the EEPROM contents
remain unchanged, the data is discarded, and an error bit is set in the STATUS register (see Sec tion J.3.3). Partial page
writes are supported by the ATAES132.
P.2.5. Read Operations
Reading beyond the end of physic al m emory on AT25320B causes the inter nal data address register to rollover t o address
zero. The read oper ation continues from address zero.
If an ATAES132 read operation begi ns at a valid user memory address but continues past the end of user memory, the read
operation will not wrap to the beg inning of user memory. Reading beyond the end of user memory causes 0xFF to be
returned to t he hos t in reply to the r ead, the internal d ata address regist er stops incrementing, and an error bit is set in the
STATUS register.
P.2.6. Read Protect
The Atmel AT25320B and other st andard SPI EEPROM do not hav e a read inhibit func tion.
On the ATAES132, the user memory read perm i s sions are controlled by the ZoneConf ig Registers (see S ecti on E.2.22). The
user memory is divid ed i nto 16 user zones which are independently controlled by 16 ZoneConfig Reg isters – different read
permissions can be assigned to dif ferent sections of the memory. If read access is proh i bited, then 0xFF will be returned to
the host in reply to a read command (see Section 5.2). By def ault all user memory has open read access.
P.2.7. STATUS Register
The AT25320B STATUS register def i nition is shown in Table P-1. The def aul t state of all ST ATUS bits is 0b. The WPEN bit
controls the write protect pin. B l oc k write protection is controlled by the BP0 and BP1 bits . If WEN = 1b, then the device is
write enabled. If WIP = 0b, the device is ready to accept a command – WIP = 1b indic ates a write cycle is in progress. The
Reserved bits are 0b except when an internal write cycle is in progress. All bits of t he S TATUS register ar e 1b when an
internal write cycle is in progress.
Table P-49. Atmel AT25320B STATUS register fefinition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
WPEN Reserved Reserved Reserved BP1 BP0 WEN WIP
Atmel ATAES132 Preliminary Datasheet 156
8760A−CRYPTO−5/11
The ATAES 132 STATUS regist er definition is shown in Table P-2 and described in Appendix G. The default st ate of all
STATUS bits i s 0b. The WEN, WIP, and reserved bits are similar to standard SPI Serial EEPROM: If WEN = 1b, then the
device is write enabled. If WIP = 0b, the device is ready to accept a command; WIP = 1b indicates a write cycle or a
cryptographic operation is in progress. The reser v ed bits are 0b exce pt when an internal write cycle or a cryptogr aphic
operation is i n progress. All bits of the STATUS register are 1b when an i nternal write cycle or a cryptographic operation i s i n
progress.
Table P-50. Atmel AT AES132 STATUS register definition
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
EERR RRDY Reserved CRCE Reserved WAKEb WEN WIP
ATAES132 reports errors to t he host using the EERR and CRCE bits. The R RD Y bi t indicates if the Response Memory Buffer
is empty (0b), or ready to read (1b). T he WAKEb bit indica tes if the device is in the Sleep or Standby Power State. See
Section G.1 for detailed descriptions of each STATUS bit.
P.2.8. Write Status Register Command (W RSR)
The AT25320B STATUS register contains three bits which control the block write protect function, and the write protect pin.
These bits can be changed by sending a write status regi s ter (WRSR) command to the memory.
The ATAES132 does not support the write status register (WRSR) command. The WRSR com m and will be ignored if it is
received.
P.2.9. Block Write Protect
The AT25320B STATUS register contains two block protec t bits (BP0 and BP1) which control the block write protect function.
By writing the STATUS register t he user can set the bloc k protect bits to inhibit writes in ¼, ½, or the full memory array.
On the ATAES132, the user memory write permi s sions are controlled by the ZoneConf ig Registers (see Section E.2.22). The
user memory is divided into 16 user zones which are independently controlled by 16 ZoneConfig R egisters – different write
permissions can be assigned to dif ferent sections of the memory. By defa ul t all user memory has open write access.
P.2.10. Standby Mode
Standard SPI EEPROM automatically enter low po wer standby mode upon completion of any inter nal operation.
The ATAE S132 has three powere d s tates: the active state and two low power states, the standby state and the sleep state.
The ATAES132 will remain in the active state between operations unless the host sends a s l eep command to activ ate the
standby state o r the sleep state. The ATAES132 can also be configured to aut omatically enter a low power state at power up.
See Appendi x L for details on the power management featur es .
P.2.11. Operating Voltage
The AT25320B operating voltage rang e i s 1.8V minimum to 5.5V maximum.
The ATAES 132 operating volt age r ange is 2.5V minimum to 5.5V maximum. See Section 9.3 for DC specifications.
P.2.12. Maximum Operating F requency
The AT25320B maximum SCK frequency is 10MHz when VCC is 2.7 V to 5. 5 V. The maximum SCK f r equency is 20MHz when
VCC is 4.5 V to 5.5 V.
The ATAES 132 maximum SCK frequency is 10MHz when VCC is 2.5 V to 5.5 V. See Section 9.4 for AC specifications.
Atmel ATAES132 Preliminary Datasheet 157
8760A−CRYPTO−5/11
Appendix Q . Ordering Information
The ATAES 132 production order ing codes are list ed in Section R.1. To increase security ATAES132 packages are not
marked with t he or dering code, the ATAES132 standard packages are marked with a trace code which is unique for each
manufacturing lot. Contact At mel for additional information.
Atmel Ordering Codes
Atmel ordering code Package type Interface configuration Temperature range
ATAES132-SH-EQ SOIC, Bulk SPI -40 °C to 85 °C
ATAES132-SH-ER SOIC, Bulk I2C -40 °C to 85 °C
ATAES132-SH-FB SOIC, Bulk I2C, AuthO -40 °C to 85 °C
ATAES132-SH-EQ-T SOIC, Tape & Reel SPI -40 °C to 85 °C
ATAES132-SH-ER-T SOIC, Tape & Reel I2C -40 °C to 85 °C
ATAES132-SH-FB-T SOIC, Tape & Reel I2C, AuthO -40 °C t o 85 ° C
ATAES132-TH-EQ TSSOP, Bulk SPI -40 °C to 85 °C
ATAES132-TH-ER TSSOP, Bulk I
2
C -40 °C to 85 °C
ATAES132-TH-FB TSSOP, Bulk I2C, AuthO -40 °C to 85 °C
ATAES132-TH-EQ-T TSSOP, Tape & Reel SPI -40 °C to 85 °C
ATAES132-TH-ER-T TSSOP, Tape & Reel I2C -40 °C to 85 °C
ATAES132-TH-FB-T TSSOP, Tape & Reel I
2
C, AuthO -40 °C to 85 °C
ATAES132-MA3H-EQ-T UDFN, Tape & Reel SPI -40 °C to 85 °C
ATAES132-MA3H-ER-T UDFN, Tape & R eel I2C -40 °C to 85 °C
ATAES132-MA3H-FB-T UDFN, Tape & Reel I2C, AuthO -40 °C to 85 °C
Note: 1. A uthO indicates dev ice supports Auth Signaling. S ee Section J.5
Package t ype Description
SOIC 8 pin SOIC, NiPdA u l ead finish, G reen(1)
TSSOP 8 pin TSSOP, NiPdAu lead finish, Green(1)
UDFN 8 pin UDFN/USON 2 x 3mm, NiPdAu lead finish, Green(1)
Note: 1. Lead-free, halogen-fr ee package. Exc eeds RoHS requirem ents
Atmel ATAES132 Preliminary Datasheet 158
8760A−CRYPTO−5/11
Q.1. Mechanical Information
8S1 – JEDEC SOIC
Package Drawing Contact:
packagedrawings@atmel.com
DRAWING N O. REV.TITLE GPC
COMMON DIMENSIONS
(Unit of Measure = mm)
SYMBOL MIN NOM MAX NOTE
A1 0.10 –0.25
A1.35 –1.75
b0.31 –0.51
C0.17 –0.25
D4.80 –5.05
E1 3.81 –3.99
E5.79 –6.20
e1.27 BSC
L0.40 –1.27
0° –8°
END VIEW
8S1 F
5/19/10
Notes: This drawing is for general inform ation only.
Refer to JEDEC Drawing MS-012, Variation AA
for proper dimensions, tolerances, datums, etc.
8S1, 8-lead (0.150” Wide Body), Plastic Gull
Wing Sm all Outline (JEDEC SOIC) SWB
Atmel ATAES132 Preliminary Datasheet 159
8760A−CRYPTO−5/11
8A2 – TSSOP
Package Drawing Contact:
packagedrawings@atmel.com
DRAWING NO. REV.TITLE GPC
COMMON DIMENSIONS
(Unit of Measure = mm)
SYMBOL MIN NOM MAX NOTE
D2.90 3.00 3.10 2, 5
E6.40 BSC
E1 4.30 4.40 4.50 3, 5
A – – 1.20
A2 0.80 1.00 1.05
b0.19 –0.30 4
e0.65 BSC
L0.45 0.60 0.75
L1 1.00 REF
Side View
End View
Top View
A2
A
L
L1
D
123
E1
N
b
Pin 1 indicator
this corner
E
e
Notes: 1. This drawing is for general information only. Refer to JEDEC Drawing MO-153, Variation AA, for proper dimensions,
tolerances, datums, etc.
2. Dimension D does not include mold Flash, protrusions or gate burrs. Mold Flash, protrusions and gate burrs shall
not exceed 0.15mm (0.006in) per side.
3. Dimension E1 does not include inter-lead Flash or protrusions. Inter-lead Flash and protrusions shall not exceed
0.25mm (0.010in) per side.
4. Dimension b does not include Dambar protrusion. Allowable Dambar protrusion shall be 0.08mm total in excess
of the b dimension at maximum material condition. Dambar cannot be located on the lower radius of the foot.
Minimum space between protrusion and adjacent lead is 0.07mm.
5. Dimension D and E1 to be determined at Datum Plane H.
8A2 E
5/19/10
8A2, 8-lead 4.4mm Body, Plastic Thin
Shrink Small Outline Package (TSSOP) TNR
Atmel ATAES132 Preliminary Datasheet 160
8760A−CRYPTO−5/11
8MA3 – UDFN/USON Ultra Thin No Lead Package
Package Drawing Contact:
packagedrawings@atmel.com
TITLE
8MA3, 8-pad, 2 x 3 x 0.6 mm Body, 0.5 mm Pitch,
1.6 x 0.2 mm Exposed Pad, Saw Singulated
Thermally Enhanced Plastic Ultra Thin Dual
Flat No Lead Package (UDFN/USON)
GPC
YCQ
DRAWING NO.
8MA3
REV.
A
8/8/08
Notes: 1. All dimensions are in mm. Angles in degrees.
2. Coplanarity applies to the exposed pad as well
as the terminals. Coplanarity shall not exceed 0.05 mm.
3. Warpage shall not exceed 0.05 mm.
4. Package length/package width are considered as
special characteristic.
5. Refer to Jede MO-236/MO-252
SYMBOLMIN NOM MAX NOTE
A
A1
B
D
D2
E
E2
E
L
L3
ccc
eee
0.45
0.00
0.20
1.95
1.50
2.95
0.10
–
0.40
0.30
–
–
–
–
–
2.00
1.60
3.00
0.20
0.50
0.45
–
–
–
0.60
0.05
0.30
2.05
1.70
3.05
0.30
–
0.50
0.40
0.05
0.05
COMM ON DIMENSIONS
(Unit of Measure = mm)
// ccc C
C
eee C
8x
0.127 Ref.
PIN 1 ID
8765
1234
AD
BA
A1
D2
e
1.50 Ref.
5 8
4 1
b
8x 0.10mm C A B
L
L3
R0.10
Atmel ATAES132 Preliminary Datasheet 161
8760A−CRYPTO−5/11
Appendix R . Errata
R.1. First Silicon Errata (INFO DeviceNum = 0x0A01 or 0x0A02)
Pre-production version is not suitable for qualification. First silicon i s not fully tested and may not meet all of the parametric
specificat ions listed in Sect ion 9.
R.1.1. Memory Contents
EEPROM contents are not identic al to the production configuration described in Appendix O. This is intentional. The first
silicon can be eas i ly distinguished from later revisions.
R.1.2. Configuration Memory M ap Change
The Manufact uringID register and PermConfig r egi s ter location in fi r st silicon are dif ferent than in lat er revisions. In later
revisions the PermConfig register is at address 0xF02D, and the ManufacturingID register is at address 0xF02B to 0 xF02C .
The TempCal regis ter did not exist i n first silicon. The TempOffset r egister was two bytes in first silicon, but was expanded to
accommodate improved temper ature sensor calibration procedures.
Table R-51. Partial configuration memory map for the Atmel ATAES132 first silicon
Address 0h / 8h 1h / 9h 2h / Ah 3h / Bh 4h / Ch 5h / Dh 6h / Eh 7h / Fh
F000h-F007h SerialNum
F008h-F00Fh LotHistory
F010h-F017h Jedec ManufacturingID PermConfi
Algorithm EEPage
F018h-F01Fh EncRead
EncWrtSiz
DeviceNum Reserved
F020h-F027h LockKeys LockSmall LockConfig Reserved
F028h-F02Fh
Reserved
F030h-F037h
F038h-F03Fh
F040h-F047h I2CAddr ChipConfi
TempOffset RFU
F048h-F04Fh RFU
R.1.3. SPI Write Output State
The SO output pin should always be in the high impedance state during an SPI Write operation. Actual behavior is the SO pin
is in the high im pedance state if no er r ors are detected in the command packet; however, i f the packet contains an er ror, then
SO may be forced high when the error is detected. SO will r em ai n high until t he entire write com mand packet is clocked in
and the input goes high.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.4. SPI Configuration Memory Write Error not Fl agged
If an SPI write to t he configuration memory is attempted while the device is in the write dis able state then the E EPROM write
will fail (as expected). The EERR bit of the STATUS register should be set to 1b to indicate an error. Actual behavior is the
EEPROM does not write and the EERR st atus bit is 0b (erroneously indicating that no error oc curred).
This problem will be fixed in fut ure revisions of ATAES132.
Atmel ATAES132 Preliminary Datasheet 162
8760A−CRYPTO−5/11
R.1.5. SPI Write Enable Changed by Illegal Read
If an SPI Read is executed after the write enable flag is enabled, the writ e enable flag should n ot change. Actual behavior is
an SPI read of an illegal address c auses the write enable flag to change t o the disabled state. The flag is not chan ged by SPI
reads of legal addresses.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.6. I2C Current Address Read
If a standard I 2C c ur rent address read operation is performed after a standard I2C byte write or I2C page write operation, the
first byte returned should be the b yt e following the last byte clocked in b y t he write command. Actual behavior is the internal
address register used by the st andard I2C read operations is not updated when a standar d I2C byte write or I2C page write
operation is performed, therefore, the I2C cur r ent address read does not return the expected bytes.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.7. I2C Device Address
In the I2C interface mode, the device should only ACK the device address if all seven bits match the value stored in the
I2CAddr register . Actual behavior is t he ATAES132 ACKs an I2C address in which only the upper six bits match the value in
the I2CAddr register.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.8. I2C Data In Hold Time
The minimum I2C data in Hold time specification is 0ns . This revision of the ATAES132 requi r es 10ns minimum I2C dataiIn
Hold time.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.9. EncWrite to Key Memory
The EncWrite command should per m i t key mem ory to be written using encrypted dat a as described in Section 7.11. Ac tual
behavior is that the EncWrite c ommand appears to function correctly when writing to key memory, h owever, the new contents
of the key register will be incor r ect. Since the ne w key value is unknown, all operations with the key will g enerate incorre c t
cryptographic results.
It is recommended that the key memory be writt en with cleartext us ing the standard write commands as described in Section
5.3.3 prior to locking key memory. The key memory can be updated after locking using the KeyCompute command or the
KeyLoad command if t he key is configured as a child key in the KeyConfig regist er .
This problem will be fixed in fut ure revisions of ATAES132.
R.1.10. EERR St atus bit Reset by Memory Read
If a SPI or I2C read begins at an authorized address and c ontinues into pr otected memory, the EERR bit will be set to 1b.
Once set, the E ERR status bit should retain the 1bs state during the read operation, regar dless of how much data is read.
Actual behav i or is that the EERR bit will be set to 0b on t he 129th byte read, causing the error information to be lost .
This problem will be fixed in fut ure revisions of ATAES132.
R.1.11. EERR Status bit Incorrect for Memory Read Beyond End of User Memory
If a SPI or I2C read begins at an authorized user memor y a ddress and continues beyond address 0x0FFF, the EERR bit
should be set to 1b and 0xFF should be returned for eac h data byte. Actual behavior is 0xFF is returned for each data byte
above address 0x0FFF, however, the EERR bit is 0b.
This problem will be fixed in fut ure revisions of ATAES132.
Atmel ATAES132 Preliminary Datasheet 163
8760A−CRYPTO−5/11
R.1.12. RRDY Status bit Not Reset by Memory Read in I2C Interface Mode
If a memory read is attempted usin g an invalid address, then the EERR bit will be set to 1b and the RR DY bit should be set to
0b. Actual behavior in I2C Inter face mode is that the RR DY bit is not reset wh en an invalid address read is attempted – if the
RRDY bit is 1b before the read, then it remains 1b. The ATAES132 operat es correctly in SPI Interface mode.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.13. I2C Auth Signaling Not Supported
I2C Auth signali ng i s not supported in this revision of the device. The SO pin is always in the high impedance state in I2C
interface mode.
R.1.14. Random Command Mode Not S upported
The random co m mand does not support M ode Bit 2. This r ev i s i on of the device can only generat e r andom numbers for
external use using the random command. Nonce values c an only be generated with the nonce command. If the hos t attempts
to use this mode with the ATAES132 fir s t silicon, an error code will be gen er ated.
R.1.15. EncRead Si gnature Generation Mode s Not Support ed
The EncRead c ommand does not support the key memory signat ure generation mode or the configuration memory signature
generation mode. Any attempt to read the configuration memory or key memory using t he E ncRead command generates an
error code
R.1.16. Vcc Voltage Limitation
The absolute maximum operating voltage is 4.0V. T he temperature sensor will be permanently damaged if the VCC is in
excess of 4.0V is applied to the devi ce. Overvoltage damage to the temperature sensor will result in a perm anent increase in
the power consumption of the device.
This problem will be fixed in fut ure revisions of ATAES132.
R.1.17. Slow VCC Power Up
If the rise ti m e of VCC during power up is 100 millisecon ds or more, then the ATAES132 may be configured incorrect ly. The
device may not load the ChipConfig register cor r ectly, causing the device to enter the wrong power state at power up. The
device may not load the I2CAddr regis ter correctl y resulting in selection of the wrong interface mode or loading a random I2C
device address; as a result it m ay be impossible for the host microc ontroller to comm uni cate with the ATAE S132. Selection of
the wrong interface mode at power up could result in p ermanent damage t o the ATAES132.
This problem will be fixed in fu ture revisions of the ATAES132.
R.2. Pre-Production Errata (INFO DeviceNum = 0x0A04)
Pre-production version, not fully qualified.
R.2.1. SPI Mode 3 Not Supported
SPI Mode 3 communication is not s upported in this revision of the device. This problem will be fixed in future revisions of the
ATAES132.
R.2.2. Temperature Sensor is non-functional
The temperat ur e sensor is non-funct i onal and the TempSense command should not be executed. Execution of the
TempSense command will result i n the part reseting.
Atmel ATAES132 Preliminary Datasheet 164
8760A−CRYPTO−5/11
R.2.3. I2C Maximum Command Block Length is 63 bytes
If the command bloc k i s 64 bytes or greater the device will not accept another c om mand until the power is cycled. No
command requires 64 bytes unless ext r a bytes are added t o the end for padding. Because of the length of the DecRead,
WriteCompute and KeyImport comman ds, they need to be s ent as more than one block .
R.2.4. RRDY Status bit Not Reset by Memory Read in I2C Interface Mode
If a memory read is attempted usin g an invalid address, then the EERR bit will be set to 1b and the RR DY bit should be set to
0b. Actual behavior in the I2C int er face mode is that the RRDY bit is not reset when an invalid address read is attempted – if
the RRDY bit is 1b before the read, t hen it remains 1b. ATAES132 operates corr ectly in SPI Interface mode.
This problem will be fixed in fut ure revisions of ATAES132
R.2.5. EERR and RRDY Status bi ts Reset by not polling during command ex ecut ion
In the I2C mode, if the master does not pol l the slave during a command execution, including an EEPROM write, the E E R R
staus bit will be reset and always appear to be zero. If the last byte of the command is sent in a sepperate packet the RRDY
bit is also cleared.
R.2.6. EERR and RRDY Status bi ts Reset by not polling during EEPROM Writes
In I2C mode, if the mas ter does not poll the slave during an EEPROM write, the EERR and RRDY staus bits will be reset and
always appear to be zero.
R.2.7. KeyCompute , mode bit 2 =1b
The KeyCompute command with mode bit = 1b is not supported in this revisi on of the device. This option will be supported in
future revisions of the ATAE S132
Atmel Corporat ion
2325 Orchard Parkway
San Jose, CA 95131
USA
Tel: (+1)(408) 441-0311
Fax: (+1)(408) 487-2600
www.atmel.com
Atmel Asia Limited
Unit 01-5 & 16, 19F
BEA Tower, Millennium City 5
418 Kwun Tong Road
Kwun Tong, Kowloon
HONG KONG
Tel: (+852) 2245-6100
Fax: (+852) 2722-1369
Atmel Munich GmbH
Business Campus
Parkring 4
D-85748 Garching b. Munich
GERMANY
Tel: (+49) 89-31970-0
Fax: (+49) 89-3194621
Atmel Japan
9F, Tonetsu Shinkawa Bldg.
1-24-8 Shinkawa
Chuo-ku, Tokyo 104-0033
JAPAN
Tel: (+81)(3) 3523-3551
Fax: (+81)(3) 3523-7581
© 2011 Atmel Corporation. All rights re served. / Rev.: 8760A−CRYPTO−5/11
Atmel®, logo and combinations thereof, and others are registered trademarks or trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be
trademarks of others.
Disclaimer: The information in this document is provided in connection with Atmel products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of
Atmel products. EXCEPT AS SET FORTH IN THE ATMEL TERMS AND CONDITIONS OF SALES LOCATED ON THE ATMEL WEBSITE, ATMEL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR
STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT
SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS AND PROFITS, BUSINESS
INTERRUPTION, OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF ATMEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Atmel makes no
representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and products descriptions at any time without notice. Atmel does not make
any commitment to update the information contained herein. Unless specifically provided otherwise, Atmel products are not suitable for, and shall not be used in, automotive applications. Atmel products are not intended, authorized, or
warranted for use as components in applications intended to support or sustain life.
