AT88SC1616C [SUMMARY DATASHEET]
Atmel-2030MS-CryptoMem-AT88SC1616C-Datasheet-Summary_122013
13
12. Password Verification
Passwords may be used to protect read and/or write access of any user zone. When a valid password is presented, it is
memorized and active until power is turned off, unless a new password is presented or RST becomes active. There are eight
password sets that may be used to protect any user zone. Only one password is active at a time, but write passwords give
read access also.
12.1 Authentication Protocol
The access to a user zone may be protected by an authentication protocol. Any one of four keys may be selected to use with a
user zone.
The authentication success is memorized and active as long as the chip is powered, unless a new authentication is initialized
or RST becomes active. If the new authentication request is not validated, the card loses its previous authentication and it
should be presented again. Only the last request is memorized.
Note: Password and authentication may be presented at any time and in any order. If the trials limit has been reached
(after four consecutive incorrect attempts), the password verification or authentication process will not be taken
into account
Figure 12-1. Password and Authentication Operations
Device (Card)
Card Number
VERIFY A
COMPUTE Challenge B
Challenge B
VERIFY RPW
DATA
Checksum (CS)
VERIFY WPW
VERIFY CS
Write DATA
Host (Reader)
COMPUTE Challenge A
Challenge A
VERIFY B
Read Password (RPW)
VERIFY CS
Write Password (WPW)
DATA
CS
AUTHENTICATION
READ ACCESS
WRITE ACCESS
AT88SC1616C [SUMMARY DATASHEET]
Atmel-2030MS-CryptoMem-AT88SC1616C-Datasheet-Summary_122013
14
12.2 Checksum
The AT88SC1616C implements a data validity check function in the form of a checksum, which may function in standard,
authentication or encryption modes.
In the standard mode, the checksum is implemented as a Modification Detection Code (MDC), in which the host may read an
MDC from the device in order to verify that the data sent was received correctly.
In the authentication and encryption modes, the checksum becomes more powerful since it provides a bidirectional data
integrity check and data origin authentication capability in the form of a Message Authentication Code (MAC). Only the
host/device that carried out a valid authentication is capable of computing a valid MAC. While operating in the authentication
or encryption modes, the use of a MAC is required. For an ingoing command, if the device calculates a MAC different from the
MAC transmitted by the host, not only is the command abandoned but the mode is also reset. A new authentication and/or
encryption activation will be required to reactivate the MAC.
12.3 Encryption
The data exchanged between the device and the host during read, write and verify password commands may be encrypted to
ensure data confidentiality.
The issuer may choose to require encryption for a user zone by settings made in the configuration memory. Any one of four
keys may be selected for use with a user zone. In this case, activation of the encryption mode is required in order to read/write
data in the zone and only encrypted data will be transmitted. Even if not required, the host may elect to activate encryption
provided the proper keys are known.
12.4 Supervisor Mode
Enabling this feature allows the holder of one specific password to gain full access to all eight password sets, including the
ability to change passwords.
12.5 Modify Forbidden
No write access is allowed in a user zone protected with this feature at any time. The user zone must be written during device
personalization prior to blowing the security fuses.
12.6 Program Only
For a user zone protected by this feature, data within the zone may be changed from a “1” to a “0”, but never from a “0” to a
“1”.
13. Initial Device Programming
To enable the security features of CryptoMemory, the device must first be personalized to set up several registers and load in
the appropriate passwords and keys. This is accomplished through programming the configuration memory of CryptoMemory
using simple write and read commands. To gain access to the configuration memory, the secure code must first be
successfully presented. For the AT88SC1616C device, the secure code is $20 0C E0. After writing and verifying data in the
configuration memory, the security fuses must be blown to lock this information in the device. For additional information on
personalizing CryptoMemory, please see the application notes Programming CryptoMemory for Embedded Applications and
Initializing CryptoMemory for Smart Card Applications (at www.Atmel.com).
AT88SC1616C [SUMMARY DATASHEET]
Atmel-2030MS-CryptoMem-AT88SC1616C-Datasheet-Summary_122013
15
14. Ordering Information
Atmel Ordering Code Package Voltage Range Temperature Range
AT88SC1616C-MJ
AT88SC1616C-MP
AT88SC1616C-MJTG
AT88SC1616C-MPTG
M2 J Module – ISO
M2 P Module - ISO
M2 J ModuleTWI
M2 P Module - TWI
2.7V5.5V Commercial (0°C70°C)
AT88SC1616C-PU
AT88SC1616C-SH
8P3
8S1
2.7V5.5V Green compliant (exceeds RoHS)
Industrial (40°C85°C)
AT88SC1616C-WI 7 mil wafer 2.7V5.5V Industrial (40°C85°C)
Package Type
(1) (2)
Description
M2 J Module : ISO or TWI M2 ISO 7816 smart card module
M2 P Module : ISO or TWI M2 ISO 7816 smart card module with Atmel
®
logo
8P3 8-lead, 0.300” wide, Plastic Dual Inline (PDIP)
8S1 8-lead, 0.150” wide, Plastic Gull Wing Small Outline (JEDEC SOIC)
Notes: 1. Formal drawings may be obtained from an Atmel sales office
2. Both the J and P module packages are used for either ISO (T=0 / 2-wire mode) or TWI (2-wire mode only)

AT88SC1616C-MP

Mfr. #:
Manufacturer:
Microchip Technology / Atmel
Description:
EEPROM CRYPTO Memory 16Kbit, 16zones
Lifecycle:
New from this manufacturer.
Delivery:
DHL FedEx Ups TNT EMS
Payment:
T/T Paypal Visa MoneyGram Western Union