Cryptographic authentication chip allows developers evaluation capabilities of CryptoAuthentication, While maintaining authenticity of end-product firmware and protecting sensitive transmitted data

San Jose, CA, October 21, 2009–Atmel® Corporation (Nasdaq: ATML) today announced its CryptoAuthentication™ Starter Kit. The AT88CK109STK3 is a modular and versatile development kit for Atmel’s CryptoAuthentication™ AT88SA102S and AT88SA100S client security devices and AT88SA10HS host security companion IC. Atmel’s CryptoAuthentication devices are the industry’s most secure authentication ICs that include an embedded SHA-256 engine and 256-bit cryptographic key to make them virtually impossible to crack using brute force methods. The nearest competing authentication IC has a key size of only 128 bits.

The CryptoAuthentication Starter Kit contains all components necessary for evaluation and demonstration of the capabilities of the CryptoAuthentication IC, as well as for developing SHA-256-based security applications on virtually any embedded platform. The kit includes boards with sockets for the AT88SA102S, AT88SA100S and AT88SA10HS CryptoAuthentication ICs, using a SHA-256 algorithm, an AVR-based small profile USB Microbase™ pre-loaded with demonstration software, and samples of the AT88SA102S, AT88SA100S and AT88SA10HS. Demonstration and application development software may be downloaded from http://www.atmel.com/cryptoauthentication-kit.

Authentication

The SHA-256 algorithm in the CryptoAuthentication devices authenticates by using a “challenge/response” operation between the microcontroller or host device and client. The host can be a portable power tool, printer, medical test equipment or a satellite radio transmitter. The corresponding client can be the battery in the power tool, an ink cartridge, a medical consumable or a satellite radio.

The AT88SA102S and AT88SA100S client devices in the SHA-256 Starter Kit have a unique serial number plus an embedded 256-bit key that is never exposed. A 63-bit customer secret is burned onto the fuses in the device during the manufacturing system configuration, which can never be read. An additional 23 bits of incremental blow fuses can be used, as needed by the customer. At the beginning of an authentication process (e.g., unlocking a door or installing an ink cartridge), the host microcontroller reads a serial number from the device. The host microcontroller performs a SHA-256 hash based on the device’s serial number, a random number generated by the host microcontroller, the 256-bit key and knowledge of the customer secret from the CryptoAuthentication devices that are also stored in the host. The host then sends the random number to the client as a “challenge”. The AT88SA102S and AT88SA100S client performs their own SHA-256 hash, based on the same information. The resulting digest or “response” is sent back to the host. The host microcontroller compares this response with the SHA-256 digest from its earlier calculation. If they match, the client is deemed to be authentic. The output digest of the SHA-256 calculation is so sensitive to the original information that changing even a single bit of the challenge will result in a completely different value.

Ultra-low Power Consumption

Authentication ICs spend only a small percentage of the time active, so sleep mode power consumption is the most important power consumption metric. With sleep mode power consumption of less than 100 nanoamps (nA), Atmel’s AT88SA102S, AT88SA100S and AT88SA10HS CryptoAuthentication ICs should have virtually no impact on system battery life. Supply voltage for the AT88SA102S, AT88SA100S and AT88SA10HS devices are 2.5V to 5.5V

Availability and Pricing

The SHA-256 Starter Kit is available now from Digikey for $99.95.

Atmel’s AT88SA102S, AT88SA100S and AT88SA10HS CryptoAuthentication ICs are now available in 3-lead SOT23 packages and priced at $0.42 in quantities of 100.

Press Contacts

Sharon Harnisch, Marketing Communications
Tel : +1 719 540-1723, Email: Sharon.harnisch@atmel.com

Robert Huntley, Publitek
Tel: +44 1225 470000, Email: Robert.huntley@publitek.com

© 2009 Atmel Corporation. All Rights Reserved. Atmel®, Atmel logo and combinations thereof, Everywhere You Are®, AVR® and others, are registered trademarks, CryptoAuthentication™ and others are trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others.