AT88SC1616CRF [Summary Datasheet]
Atmel-5026GS-CryptoRF-AT88SC1616CRF-Datasheet-Summary_012014
6
7. Security Operations
7.1 Anti-tearing
In the event of a power loss during a write cycle, the integrity of the device’s stored data may be recovered. This function
is optional — The host may choose to activate the anti-tearing function depending on application requirements.
When anti-tearing is active, Write commands take longer to execute since more write cycles are required to
complete them.
Data writes are limited to 8-byte pages when anti-tearing is active.
Data is written first to a buffer zone in EEPROM instead of to the intended destination address, but with the same access
conditions. The data is then written to the required location. If this second write cycle is interrupted due to a power loss,
the device will automatically recover the data from the buffer zone at the next power-up.
7.2 Password Verification
Passwords may be used to protect user zone Read and/or Write access. When a password is presented using the Check
Password command, it is memorized and active until power is removed unless a new password is presented or a valid
DESELECT or IDLE command is received. Only one password is active at a time, but Write passwords also give Read
access.
7.3 Authentication Protocol
The access to a user zone may be protected by an authentication protocol in addition to password dependent rights.
Passwords are encrypted in authentication mode.
The authentication success is memorized and active as long as the chip is powered, unless a new authentication is
initialized or a valid DESELECT or IDLE command is received. If the new authentication request is not validated, the card
loses its previous authentication and it must be presented again. Only the last request is memorized.
7.4 Encryption
The data exchanged between the card and the reader during Read, Write, and Check Password commands may be
encrypted to ensure data confidentiality.
The issuer may choose to protect the access to a user zone with an encryption key by settings made in the configuration
memory. In that case, activation of the encryption mode is required in order to read/write data in the zone.
The encryption activation success is memorized and active as long as the chip is powered, unless a new initialization is
initiated or a valid DESELECT or IDLE command is received. If the new encryption activation request is not validated, the
card will no longer encrypt data during Read operations nor will it decrypt data received during Write or Check Password
operations.
7.5 Checksum
The PICC implements a data validity check function in the form of a checksum. The checksum may function in standard
or cryptographic mode. In the standard mode, the checksum is optional and may be used for transmission error
detection. The cryptographic mode is more powerful since it provides data origin authentication capability in the form of a
Message Authentication Code (MAC). To write data to the device, the host is required to compute a valid MAC and
provide it to the device. If after an in going command the device computes a MAC different from the MAC transmitted by
the host, not only is the command abandoned but the cryptographic mode is also reset. A new authentication is required
to reactivate the cryptographic mode.