AT88SC6416C-MJ Datasheet AT88SC6416C-SU, AT88SC6416C-PU, AT88SC6416C-MJ | P13-P15

AT88SC6416C

5015KS–SMEM–08/09

12. Password Verification

Passwords may be used to protect read and/or write access of any user zone. When a valid password is presented, it

is memorized and active until power is turned off, unless a new password is presented or RST becomes active. There

are eight password sets that may be used to protect any user zone. Only one password is active at a time, but write

passwords give read access also.

12.1. Authentication Protocol

The access to a user zone may be protected by an authentication protocol. Any one of four keys may be selected to

use with a user zone.

The authentication success is memorized and active as long as the chip is powered, unless a new authentication is

initialized or RST becomes active. If the new authentication request is not validated, the card loses its previous

authentication and it should be presented again. Only the last request is memorized.

Note: Password and authentication may be presented at any time and in any order. If the trials limit has been

reached (after four consecutive incorrect attempts), the password verification or authentication process will not

be taken into account.

Figure 13. Password and Authentication Operations

Device (Card)

Card Number

VERIFY A

COMPUTE Challenge B

Challenge B

VERIFY RPW

DATA

Checksum (CS)

VERIFY WPW

VERIFY CS

Write DATA

Host (Reader)

COMPUTE Challenge A

Challenge A

VERIFY B

Read Password (RPW)

VERIFY CS

Write Password (WPW)

DATA

AUTHENTICATION

READ ACCESS

WRITE ACCESS

14 AT88SC6416C

5015KS–SMEM–08/09

12.2. Checksum

The AT88SC6416C implements a data validity check function in the form of a checksum, which may function in

standard, authentication or encryption modes.

In the standard mode, the checksum is implemented as a Modification Detection Code (MDC), in which the host may

read a MDC from the device in order to verify that the data sent was received correctly.

In the authentication and encryption modes, the checksum becomes more powerful since it provides a bidirectional

data integrity check and data origin authentication capability in the form of a Message Authentication Code (MAC).

Only the host/device that carried out a valid authentication is capable of computing a valid MAC. While operating in the

authentication or encryption modes, the use of a MAC is required. For an ongoing command, if the device calculates a

MAC different from the MAC transmitted by the host, not only is the command abandoned but the mode is also reset. A

new authentication and/or encryption activation will be required to reactivate the MAC.

12.3. Encryption

The data exchanged between the device and the host during read, write and verify password commands may be

encrypted to ensure data confidentiality.

The issuer may choose to require encryption for a user zone by settings made in the configuration memory. Any one of

four keys may be selected for use with a user zone. In this case, activation of the encryption mode is required in order

to read/write data in the zone and only encrypted data will be transmitted. Even if not required, the host may elect to

activate encryption provided the proper keys are known.

12.4. Supervisor Mode

Enabling this feature allows the holder of one specific password to gain full access to all eight password sets, including

the ability to change passwords.

12.5. Modify Forbidden

No write access is allowed in a user zone protected with this feature at any time. The user zone must be written during

device personalization prior to blowing the security fuses.

12.6. Program Only

For a user zone protected by this feature, data within the zone may be changed from a “1” to a “0”, but never from a “0”

to a “1”.

13. Initial Device Programming

To enable the security features of CryptoMemory, the device must first be personalized to set up several registers and

load in the appropriate passwords and keys. This is accomplished through programming the configuration memory of

CryptoMemory using simple write and read commands. To gain access to the configuration memory, the secure code

must first be successfully presented. For the AT88SC6416C device, the secure code is $F7 62 0B. After writing and

verifying data in the configuration memory, the security fuses must be blown to lock this information in the device. For

additional information on personalizing CryptoMemory, please see the application notes Programming CryptoMemory

for Embedded Applications and Initializing CryptoMemory for Smart Card Applications (at www.Atmel.com

AT88SC6416C

5015KS–SMEM–08/09

14. Ordering Information

Ordering Code Package Voltage Range Temperature Range

AT88SC6416C-MJ

AT88SC6416C-MJTG

M2 – J Module - ISO

M2 – J Module - TWI

2.7V–5.5V Commercial (0°C–70°C)

AT88SC6416C-PU

AT88SC6416C-SU

8P3

8S1

2.7V–5.5V

Green compliant (exceeds

RoHS)/Industrial (−40°C–85°C)

AT88SC6416C-WI 7 mil wafer 2.7V–5.5V Industrial (−40°C–85°C)

Package Type

(1) (2)

Description

M2 – J Module : ISO or TWI M2 ISO 7816 Smart Card Module

8P3 8-lead, 0.300” Wide, Plastic Dual Inline Package (PDIP)

8S1 8-lead, 0.150” Wide, Plastic Gull Wing Small Outline Package (JEDEC SOIC)

Note: 1. Formal drawings may be obtained from an Atmel sales office.

2. The J Module Package is used for either ISO (T=0 / 2-wire mode) or TWI (2-wire mode only).

P1-P3 P4-P6 P7-P9 P10-P12 P13-P15 P16-P18 P19-P20

AT88SC6416C-MJ

Mfr. #:

Buy AT88SC6416C-MJ

Manufacturer:

Microchip Technology / Atmel

Description:

Security ICs / Authentication ICs CRYPTO Memory 64Kbit, 16zones

Lifecycle:

New from this manufacturer.

Delivery:

DHL FedEx Ups TNT EMS

Payment:

T/T Paypal Visa MoneyGram Western Union

AT88SC6416C-MJ

AT88SC6416C-MJ

Products related to this Datasheet