3
ATECC108 [SUMMARY DATASHEET]
Atmel-8873BS-CryptoAuth-ATECC108-Datasheet-Summary_102013
1. Introduction
1.1 Applications
The Atmel
®
ATECC108 is a member of the Atmel CryptoAuthentication
™
family of high-security hardware
authentication devices. It has a flexible command set that allows use for many applications, including the following:
Anti-Counterfeiting — Validates that a removable, replaceable, or consumable client is authentic.
Examples of clients could be system accessories, electronic daughter cards, or other spare parts. It can also
be used to validate a software/firmware module or memory storage element.
Protection for Firmware or Media — Validate code stored in flash memory at boot to prevent unauthorized
modifications, encrypt downloaded program files as a common broadcast, or uniquely encrypt code images
to be usable on a single system only.
Secure Data Storage — Store secret keys for use by crypto accelerators in standard microprocessors.
ATECC108 can also be used to store small quantities of data necessary for configuration, calibration, ePurse
value, consumption data, or other secrets. Programmable protection is available using
encrypted/authenticated reads and writes.
User Password Checking — Validates user entered passwords without letting the expected value become
known, map memorable passwords to random number, and securely exchange password values with
remote system.
1.2 Device Features
ATECC108 includes an EEPROM array that can be used for storage of up to 16 keys, miscellaneous read/write,
read-only or secret data, consumption logging, and security configuration. Access to the various sections of
memory can be restricted in a variety of ways and then the configuration locked to prevent changes.
ATECC108 features a wide array of defensive mechanisms specifically designed to prevent physical attacks on the
device itself or logical attacks on the data transmitted between the device and the system. Hardware restrictions on
the ways in which keys are used or generated provide further defense against certain styles of attack.
Access to the device is through a standard I
2
C Interface at speeds up to 1Mb/sec. It is compatible with standard
Serial EEPROM I
2
C interface specifications. The device also supports a Single-Wire Interface that can reduce the
number of GPIOs required on the system processor and/or reduce the number of pins on connectors. Additionally,
the device supports an alternative Single-Wire Interface compatible with other single-wire devices. If either Single-
Wire Interface is enabled, the remaining pin is available for use as a GPIO. Contact Atmel for more details.
Using either the I
2
C or Single-Wire Interface, multiple ATECC108 devices can share the same bus which saves
processor GPIO usage in system with multiple clients such as different color ink tanks or multiple spare parts.
Each ATECC108 ships with a guaranteed unique 72-bit serial number. Using the cryptographic protocols
supported by the device, a Host system or remote server can verify a signature to prove that the serial number is
both authentic and not a copy. Serial numbers are often stored in a standard Serial EEPROM but these can be
easily copied, and there is no way for the Host to know if the serial number is authentic or if it's a clone.
ATECC108 can generate high-quality FIPS random numbers and employ them for any purpose, including usage
as part of the device’s crypto protocols. Because each random number is guaranteed to be essentially unique from
all numbers ever generated on this or any other device, their inclusion in the protocol calculation ensures that
replay attacks (re-transmitting a previously successful transaction) always fails.
System integration is eased with a wide supply voltage range (2.0V – 5.5V) and an ultra-low sleep current of
<150nA.