ATSHA204A Encryption Chip Introduction--Use the article

ATSHA204A加密芯片是ATMEL公司研发的一款高安全性的，功能丰富的加密IC，使用SHA-256算法进行加密操作，内置16*32字节的slot(EEPROM)可以存储用户数据和秘钥，唯一的9字节序列号用于区分其他芯片，还有512bits的OTP区用于保存一些固定信息。芯片对外有2中通信方式，分别是单bus和i2c方式，本文所演示的全部使用I2C方式，但所有功能使用单bus方式也可以实现。芯片管脚图非常简单，如下

This is a atsha204a Soic package that requires only power, ground, and I²c SCL and SDA 4 wires, and SCL and SDA require pull-up resistors.

First of all, let me tell you what SHA-256 is.
Secure Hash algorithm SHA (Secure Hash Algorithm) is a series of cryptographic hashing functions issued by the National Institute of Standards and Technology (NIST), which is designed by the United States State Security Agency (NSA), including SHA-1, SHA-224, SHA-256, SHA-384, and Variants such as SHA-512. Mainly applicable to digital Signature algorithm (digital Signature algorithm DSA), which is defined in the DigitalSignature standard DSS
The most important feature of the SHA algorithm is that the input of any length can generate a fixed-length output, and the input content cannot be restored from the output results, and it is not possible to calculate the same output if the different two inputs are found.
ATSHA204A uses the SHA256 algorithm, can output 32 bytes (256 bits) of fixed-length output, based on the characteristics of the SHA algorithm, we can fully do program-initiated key verification, or server and client key authentication to protect our products.
Nonsense said some, the following to see how to use the i²c operation of this chip, this article is assumed to have a default configuration of the chip to operate, the default configuration is as follows,
The secret key is saved in slot0,slotconfig0.bit12 = 0 (indicating that the secret key of the target slot is used for the SHA256 calculation instead of the specified Parentkey when running the Derivekey command). Then the lock on the chip, the lock can no longer modify the configuration area, and the data area can be configured to use other command updates, in detail, see the next article--configuration chapter.

For atsha204a operation, the first thing to do is to wake the device, wake up the operation as follows
The SDA line remains low 60US, the chip exits hibernation, and then waits for 2.5ms before it can begin accepting commands.
When sending the I²C data, after sending the device address, a word_address should be sent to indicate the purpose of the package. As follows

In the chip manual has been noted the role of other commands, the operation of the chip mainly using command, that is, 0x03 to operate.

There are a number of command commands, which are often required when validating a secret key.

In general, we used to have these several
Derrivekey: Updates the key command in a slot area.
Nonce: Use random numbers to update values in Tempkey
Checkmac: Verifies that a digest is calculated correctly, returns a BOOL value type (0 is correct, 1 is an error)
MAC: Calculates and returns a summary using SHA-256.
READ: Reads data from the chip area.
Write: Writes the data in the chip area. (This command is typically used when configuring)

Other commands are relatively small to use, and other commands are relatively simple to understand, but do not imply that they are not useful because of the length issue, this article describes several commands.

nonce command:

From the literal command to understand, here is the meaning of the random command, indeed. The purpose of this command is to update the chip Tempkey value, what is Tempkey, it can be understood that Tempkey is similar to the temporary variables in our program to save some intermediate results used, but this tempkey value can not be accessed, only the chip internal use.
The Nonce command is introduced first because it is a command to be executed before most other commands are executed.

nonce command above
More focused on Param1 mode, others are fixed values
Mode is described below

Good understanding, when 0 or 1, requires us to enter a 20-byte random number, and then update the seed within the chip, the update seed can make the internal generated random number of higher quality. A value of 2 is not allowed, and 3 is required to enter a random number of 32 bytes, written directly in the Tempkey.
We configure the following
opcode = 0x16,
mode = 0x01,
Zero = 0x0000,
Numin = 20-byte random number
When the command is executed correctly
A 32-byte randout random number generated by the chip is returned, and if mode = 0x03, only the bool value is returned.

Mac command

Use the Mac command to have ATSHA204 generate a digest.


The concern is PARAM1 mode

It seems very complicated, don't worry, the complicated problem we simplify him.
MODE.BIT0 controls whether the returned digest is calculated using the Tempkey calculation or using the challenge in data directly.
MODE.BIT1 controls whether the returned digest is calculated using the value in the slot area or the value in Tempkey.
Mode.bit2 if the bit0 or Bit2 is set, then this bit matches the Tempkey.sourceflag bit. In other words, if the nonce command is used, if the Nonce.mode = = 0x00 or 0x01 in the nonce command, here is equal to 0, if Nonce.mode = = 0x03, here is equal to 1.
MODE.BIT3 = 0
MODE.BIT4 and MODE.BIT5 are choosing whether to use the values in the OTP to participate in the calculation, the individual feels little meaning and increases the complexity of the configuration. It's good to set it to 0.
MODE.BIT6 is the use of serial numbers to participate in the calculation, can be set.
MODE.BIT7 = 0

I set the following
opcode = 0x08
mode = 0x01|0x06
SlotID = 0
Challenge = 0

After sending the past, if performed normally, it returns a 32-byte digest result, which is calculated as follows

The inside of the chip calculates the 32-byte digest based on a series of values.

What's the use?

See here Everyone may have this question, what is the use of returning this value? What am I going to do with them?

Don't worry, I'll tell you a procedure for anti-process copy.
Suppose we are very hard to develop the program, but do not want to be someone else to steal the results of labor (the implementation of the document is copied out, copy a board to continue to use). We will be in the start of the time to verify whether customs clearance, do not go down the customs. The process is as follows:
First we write a 32-byte secret key in the slot0 of the ATSHA204A chip, which is set to unreadable. This secret key only a few people know, and not leak, master MCU connected to the chip, at startup, first we want to obtain the chip serial number, for the back of the calculation Mac. Then we send a nonce command to atsha204a, let it update the value inside the Tempkey, the MCU also calculates the value of Tempkey according to the nonce mode, we call it host_tempkey, if everything is OK, Then the values in the Tempkey and Host_tempkey are consistent, then the MCU itself can be calculated according to Host_tempkey, serial number, and secret key calculation, a summary digest, we call Digest1, Next, send the Mac command to ATSHA204A, ATSHA204A calculates the digest2 based on the secret key stored in the slot area and returns to Mcu,mcu to determine if Digest1 and Digest2 match, and does not match to suspend the program.
There are several key points to note:
1, in the I²C bus does not transmit the secret key, but transmits according to the secret key and some column value calculates the digest, therefore intercepts the secret key on the bus is not possible.
2, in their own MCU also saved the secret key, others to obtain the 16 binary files after the possibility of getting the secret key, I can only say, indeed, but for a huge program hex file to find a 32-byte secret key, is not a needle in the haystack?
3, on the MCU itself to use the SHA-256 algorithm to calculate the summary, how to achieve, this problem assured, in the Atmel official network has been implemented a good library, can be used directly, but this library in the transplant some problems need to change, I have been transplanted well based on stm32f103 version, Completely normal use, and with Chinese comments, porting only need to modify a few interfaces, there are business cooperation can be private messages.
4, in the use of nonce, to send a random number to atsha204a, if you are concerned about the quality of random numbers is not good, you can use the atsha204a random command, you can return a 32-byte high-quality random number to use, can also be used for other purposes.
5. Is there any possibility of cracking? For some small single-chip (51 kind of), indeed good broken, disassembly, skip the verification step can, but stm32 such a powerful function microcontroller is not so, first if you can disassemble, but also to find out where the verification steps, and secondly, I do not know stm32 have no one did disassembly, so, As long as the secret key does not leak, to crack up personally feel also difficult. After all, this is something the military used.

HMAC command

This command is almost the same as the Mac command. Only the algorithms used are inconsistent, and the efficiency is low, as described in the chip manual. So there is no discussion here.

Checkmac command

This command is also with the verification function, in a nutshell, is to let you calculate the good digest, sent to atsha204a, and then atsha204a tell you this digest count is right, return bool value

As follows

Read the previous command introduction, here everyone should be very clear,
For the sake of convenience, the example is as follows
mode = 0
SlotID = 0
Clientchal = 32 bytes, where the MCU can send a 32-byte random number
Clientresp = 32 bytes, this is the MCU's own calculated digest, issued to ATSHA204
Otherdata = 13 bytes as follows

Do not use OTP, all the parameters about the OTP are 0.
The calculation of CLIENTRESP should be based on the following

In the official library also encapsulated the relevant operations, directly to use.
If everything is OK, ATSHA204A returns 0, the calculation digest is not returned 1.

The role of this CHECKMAC command, I personally think one of the tasks is to verify the password. For example, there is a master device, it slot0 the secret key inside, some from the device, to enter the correct password to use the service provided by the main device, it can be used in this way, the bus will not transfer the password, and the password exists atsha204a inside more secure (other such as Flash, EEPROM is easy to steal).

Derivekey command

This command, literally, is a change in the command meaning of key, and it is true that you can update the key in SlotID with this command.
This command is simple, but difficult to understand, according to the manual, described as follows

Simply put, it is slot.slotconfig[targetkey].bit13 to be set to 1, otherwise Derivekey will return an error, and if slot.slotconfig[targetkey].bit12 is 0
The key value to be updated will be tempkey and the original key value calculated, Slot.slotconfig[targetkey].bit12 is 1, then Tempkey and Slot.slotconfig[targetkey]. Calculates the value of the SlotID specified in the Writekey.
In addition, if the slotconfig[targetkey].bit15 is set, you also need to enter
A Mac summary, which is the following

The above is configured in the configuration phase, can not be modified, and send this command with the following parameters can be,
Because Tempkey is used, the nonce needs to be executed correctly before the Derivekey command executes to update the value in Tempkey.
The new key is calculated from the following.

The MCU can also calculate this new key for use.

You can use this command to generate a new secret key to continue to use when our original secret key is compromised.

Also if slot.slotconfig[targetkey].bit12 is 1 and Slotconfig[targetkey]. BIT15 is 1 and Slotconfig[parentkey]. SingleUse is 1 (Parentkey is Slot.slotconfig[targetkey]. Writekey), then Useflag[parentkey] is 0, Derivekey will return failure, that is, I personally understand Useflag[parentkey] is the number of times to indicate the remaining use, once this number is 0, Then you will not be able to use this parentkey to generate additional targetkey.

Read and Write commands

These two commands are used more in the configuration phase, and these two commands are described in the next section of my article, configuration.

At this point, the basic use of atsha204a chip is also introduced, based on such a variety of commands, we can put this chip in many places, such as anti-copy board, password verification, consumption of the product of the horse and so on, of course, there are some other features this article does not introduce to, Interested friends can go to the full read Datesheet, but now only English version of the.
On the Atmel official website can download to the use of this chip library, I have basically completed the transplant based on the stm32f103 platform, and can perfect to use this chip, to transplant the words also need to simply modify a few i²c interface, if there is any need or cooperation, you can send a private messages to me, thank you for your reading.

I got the procedure.

Here are some of the functions to be ported

Sha204_physical.h

Added interface

Test examples

ATSHA204A Encryption Chip Introduction--Use the article