3
ATAES132 [SPI SUMMARY DATASHEET]
Atmel-8763DS-CryptoAuth-ATAES132-SPI-Datasheet-Summary_072014
1. Security
1.1 Advanced Encryption Standard (AES)
The ATAES132 cryptographic functions are implemented with a hardware cryptographic engine using the Advanced
Encryption Standard (AES) in the CCM (Counter mode Cipher block chaining Message authentication code) mode with
128-bit keys. AES-CCM mode provides both confidentiality and integrity checking with a single key. The integrity MAC
includes both the encrypted data and additional authenticate-only data bytes, as described in each command definition.
Each MAC is unique due to inclusion of a nonce and an incrementing MacCount register in the MAC calculation.
1.2 Hardware Security Features
The ATAES132 device contains physical security features to prevent an attacker from determining the internal secrets.
The ATAES132 includes tamper detectors for voltage, temperature, frequency, and light, as well as an active metal
shield over the circuitry, internal memory encryption, and various other features. The ATAES132 physical design and
cryptographic protocol are architected to prevent or significantly complicate most algorithmic, timing, and side-channel
attacks.
2. Device Internal Regions
Seven distinct regions make up the internal organization of the ATAES132: User Memory, Information Region,
Configuration Memory, Counters, Key Memory, SmallZone, and I/O Support regions.
Figure 2-1. Device Internal Regions
2.1 User Memory
The User Memory is comprised of 32Kb of nonvolatile memory, segmented into 16 zones. Access to the zones is
independently configurable to offer access restrictions, from open access, as in any standard Serial EEPROM, to full
restrictions that preclude Read/Write operations and will only permit internal, authenticated use for such data as security
keys.
2.2 Information Region
The information region holds read-only identification information, such as unique die serial numbers and other
information pertaining to the ATAES132.
User Memory (32Kb)
Information Region (36 bytes)
Configuration Memory (165 bytes)
Counters (2Kb)
Key Memory (2Kb)
Small Zone (32 bytes)
Free Space (96 bytes)
I/O Support SRAM