DS1963S-F5+ Datasheet DS1963S-F5+ | P1-P3

AVAILABLE

1 of 23 011002

1.0 Introduction

The purpose of this document is to familiarize 1-Wire

software developers with the APIs for producing

secure SHA applications. There is an API available in both of the major development kits: the 1-Wire

API for Java™ and the 1-Wire Public Domain Kit. This document should serve as both a tutorial for

designing new secure applications with each API, as well as a walkthrough for a deeper understanding of

the demo applications shipped with each development kit.

This document assumes a basic understanding of the SHA iButton

hardware as well as the 1-Wire

protocol for using iButtons. The data sheet for the DS1963S (SHA iButton) is available on the website

(www.maxim-ic.com). Also, there are application notes available that detail the structure of a signed

certificate for eCash systems [AN151, Maxim Digital Monetary Certificates], a high-level protocol for

secure applications [AN157, SHA iButton API Overview], a SHA-1 overview [AN1201, 1-Wire

SHA-1 Overview], and the implementation of a file system for memory devices [AN114, 1-Wire

File Structure].

In any monetary SHA application, the two major components are the coprocessor and the user token. The

coprocessor is a DS1963S initialized for verifying a user token as a member of the system and validating

the user’s certificate. A user’s token is a DS1963S (or comparable 1-Wire device) that carries a monetary

certificate and identifies a user of the system. For each API, this document will give an overview of the

methods used for initializing the coprocessor, initializing the user token, and performing transactions.

Each transaction can be broken down to further steps, which could include authenticating the user,

verifying the transaction data, and updating the transaction data with dynamic information.

For all the code samples in this document, the code boxes with the light gray shading indicate that the

code is the breakdown of a higher-level task to the most detailed of operations. In the 1-Wire API for

Java, this low-level code will use the OneWireContainer18 class. In the Public Domain Kit, it will use

functions from the SHA18.C module.

2.0 SHA Applications with the 1-Wire API for Java

The solution for SHA Applications in the 1-Wire API for Java introduces a new package into the

development kit: com.dalsemi.onewire.application.sha. A snapshot of the classes in that package, as well

as their inheritance relationships, is shown in Figure 1. When detailing the nature of the necessary

methods introduced in that package, the container-level methods will be considered atomic and no further

breakdown will be provided (although the source is available in the kit).

The SHATransaction abstract superclass is meant to represent all secure transactions. This class defines

three key methods, which represent the fundamental steps in a typical transaction:

1) Verify that the user token is a valid member of the system (verifyUser)

2) Verify that the data is properly certified and has not been tampered with (verifyTransactionData)

3) Update the data as necessary and ensure the token receives the update (executeTransaction)

pplication Note 156

DS1963S SHA 1-Wire API Users Guide

1-Wire and iButton are registered trademarks of Dallas Semiconductor.

Java is a trademark of Sun Microsystems.

AN156

2 of 23

There are two sample transactions that extend SHATransaction: SHADebit and SHADebitUnsigned. The

first implements an account debit system, where an initial account balance is stored in a signed monetary

certificate (see AN151). During typical use, a user is validated as a member of the system and the

signature on the certificate is verified. If the user and data are both valid, the balance stored in the

monetary certificate is updated, a new signature is generated, and the certificate is written back to the

device. The second transaction (SHADebitUnsigned) uses an unsigned monetary certificate and utilizes

the unused space to implement a double-write scheme, protecting the data in EEPROM devices. This

transaction type (for use with the DS1961S/DS2432 1-Wire devices) is covered in another application

note.

SHA transactions have, as a constant member, a SHAiButtonCopr (the class that represents a DS1963S

that has been initialized to perform as a coprocessor in SHA transactions). In that sense, a

SHATransaction can be thought of as an extension to the SHAiButtonCopr. It serves the same purpose as

the "decorator" classes in Java in that it separates the "thing to sign with" from "what it's signing." That

way, the "thing to sign with" (i.e. the coprocessor, SHAiButtonCopr) can be easily moved to different

systems ("what it's signing") with minimal coding for the application developer. In addition, a

SHAiButtonCoprVM, or rather a simulated coprocessor, can be used in place of a hardware DS1963S.

This class is provided as a convenience, but for optimal security a hardware coprocessor is recommended.

Inheritance Hierarchy of Package Figure 1

Every method in SHATransaction has a SHAiButtonUser as a parameter. Provided with the API are two

user objects: SHAiButtonUser33 and SHAiButtonUser18. Although the default implementation of

SHAiButtonUser only supports the two kinds of SHA iButtons (DS1961S/DS2432 family 0x33 and

DS1963S family 0x18), the concept of a user of a SHATransaction could be extended to support any 1-

Wire memory device. The SHAiButtonUser33 and SHAiButtonUser18 are handy extensions, however, as

they both provide authentication along with carrying the required account data. If iButton authentication

SHADebit

Signed eCash

SHAUnsignedDebit

Unsigned eCash

SHATransaction

Abstract Superclass

SHAiButtonUser18

DS1963S User Tokens

SHAiButtonUser33

DS1961S/DS2432 User Tokens

SHAiButtonUser

Abstract Superclass

SHAiButtonCoprVM

Software Simulated Coprcessor

SHAiButtonCopr

DS1963S Coprocessor

AN156

3 of 23

is something that isn't important to the specific system, the SHAiButtonUser class could easily be

extended to support 1-Wire memory devices, which would just carry signed account information. Note

that using other memory devices rules out the use of a challenge-response protocol for authenticating the

iButton. There is still a minimal level of security in the user token's 64-bit ROM ID.

2.1 Initializing the Coprocessor

Initializing the coprocessor consists of two important steps: installing the system authentication secret and

installing the system signing secret. An optional third step is to write all of the system configuration data

to the iButton in the form of a file (see AN114). The configuration data doesn’t have to be stored on the

coprocessor iButton, but it’s convenient to keep the system parameters as portable as the coprocessor. As

an alternative, the file can be stored on a disk drive or the parameters can be hardcoded in your

application.

The following blocks of code demonstrate the initialization of the coprocessor. Each block of code is well

commented and the declarations of all variables used are shown. The intent is that the code can be copied

into a project used after just a few edits.

Necessary System Parameters for a SHA Application Figure 2

/* The input data to be used for calculating the master authentication and signing

* secrets. The calculation involves splitting the secret into blocks of 47 bytes

* (32 bytes to the data page, 15 bytes to the scratchpad) and then performing the

* SHA command Compute First Secret, followed by Compute Next Secret for each 47

* byte block after the first. */

yte[] inputAuthSecret, inputSignSecret; // . . . initialize from user input

/* The page to use for the signing secret must be page 8, because secret 0 is the

* only secret that can be used for the SHA command Sign Data Page. For a list of

* SHA commands, and what pages they can be used on, see the DS1963S datasheet. */

int signPageNumber = 8;

/* The authentication secret can be on any page as long as it doesn’t collide with

* the file holding coprocessor configuration information and not secret 0 */

int authPageNumber = 7;

/* The workspace page is the page the coprocessor will use for recreating a user’s

* unique authentication secret and it’s authentication response. */

int wspcPageNumber = 9;

/* The binding information is used to create the “unique” secret for each button.

* bindData is written to the data page of the user token, and bindCode is written

* to the scratchpad. The result of a Compute Next Secret using the system

* authentication secret, the account page number, the rom ID of the user token, the

* bind data, and the bind code becomes the user’s unique authentication secret.

* This is used to initialize a user token and the coprocessor must use the same

* data to recreate the user token’s unique secret. */

yte[] bindData = new byte[32], bindCode = new byte[7]; // . . . user input

/* Initial signature to use when signing the certificate */

yte[] initSignature = new byte[20]; // . . . user input

/* Three byte challenge used when signing the certificate */

yte[] signingChlg = new byte[3]; // . . . one time random calculation or user input

/* Name of the account file (and file extension) to create on user tokens */

yte[] acctFilename = (“DLSM”).getBytes();

int acctFileExt = 102; // extension for “money” files

P1-P3 P4-P6 P7-P9 P10-P12 P13-P15 P16-P18 P19-P21 P22-P23

DS1963S-F5+

Mfr. #:

Buy DS1963S-F5+

Manufacturer:

Maxim Integrated

Description:

iButtons & Accessories SHA iButton

Lifecycle:

New from this manufacturer.

Delivery:

DHL FedEx Ups TNT EMS

Payment:

T/T Paypal Visa MoneyGram Western Union

Products related to this Datasheet

DS1963S-F5+