How to program your secrets into a chip with hardware-based security

Written by Nelson Lunsford

Implementing security into your design may seem somewhat daunting and time-/resource-intensive at first glance.  You may be thinking that you don’t have the luxury for it.  Fortunately, Atmel makes it easy when using the turnkey Atmel CryptoAuthentication IC.

At its most basic, the CryptoAuthetication device receives a challenge from a host system and a response is sent back to that host system. That challenge is combined with a secret key stored in the secure memory of the CryptoAuthetication using the MAC command. Then the result or response is sent back to the host system. If the response is correct as determined by the host system, then the operation can proceed.

How does that secret get into the CryptoAuthetication IC in the first place? Well, the CryptoAuthetication device requires that it be personalized or programmed with a known configuration for the application that it is intended to solve. Personalization of the device simply means configuring it to do what you want it to do.

The following methods can be used to place secure information into the CryptoAuthentication device:

  1. You can program the IC using the available communications interfaces provided by the IC, namely SWI or TWI.
  2. Atmel provides a software package and a hardware kit. This package is the Atmel CryptoAuthentication Evaluation Studio (ACES) and the AT88CK101STK8 or AT88CK109STK8 hardware.
  3. Atmel has produced a Secure Personalization or Programmer Kit (combination hardware and software) that can be purchased to program the CryptoAuthentication in greater quantities than the ACES tool.
  4. Atmel has approved several 3rd party programmers that can be purchased program the CryptoAuthentication before deployment.
  5. Atmel has also approved several 3rd party companies that will program the CryptoAuthentication once the secrets have been securely received.
  6. Atmel provides a service to their larger customers enabling the CryptoAuthentication to be personalized at final package test.
  7. This service is for programming larger numbers of ICs where it is not conducive for you to manage it yourself.

Any of the 6 methods mentioned above will work for placing your specific data into the CryptoAuthentication device in order to protect your IP.

2 thoughts on “How to program your secrets into a chip with hardware-based security

  1. Pingback: Achieving a secure lockdown with Atmel’s ATSHA204 | Bits & Pieces from the Embedded Design World

  2. Usama Elhagari

    Hi, I am a PhD student doing a research in TPM testing. I’m searching for development training kit with good features to help in sending commands and receiving responses in easy way to Atmel TPM chip (ver 1.1 and ver 1.2).
    I appreciate your help in advance.

    Usama Elhagari
    UTM university
    Malaysia

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s