2253 views|0 replies

6388

Posts

8

Resources
The OP
 

FAQ: Anti-counterfeiting protection for disposable products | Microchip Security Solutions Seminar Series 13 [Copy link]

Live Topic: Anti-counterfeiting protection for disposable products | Microchip Security Solutions Seminar Series 13

Content introduction: Learn how to use Microchip security devices and symmetric authentication to reduce the risk of counterfeiting disposable cartridges and consumables. In this seminar, Microchip introduced the architecture and features of the ATSHA206A security device and discussed how to use this solution to establish secure authentication between the host and the disposable cartridge.

Live lecturer: Ken Jin | Senior Application Engineer at Microchip

FAQ details:

1. Can Microchip ensure that the key is not exposed during the configuration or use of the device?
A: Microchip's pre-configuration service is completed in a secure factory without human intervention
. 2. Can ATECC608A be used with any microcontroller and microprocessor?
A: Yes, single bus and I2C communication are both possible
. 3. Is the ATSHA206A currently available?
A: Please consult the agent or Microchip sales office.
4. Will this solution be affected by Sino-US relations? There is a bottleneck phenomenon?
A: It is not on the restricted list
. 5. If the host itself is also a one-time product, how to prevent counterfeiting
? A: You can put SHA206 on the host, and the host controls the anti-counterfeiting according to the set number of uses
. 6. Can user data only be burned once? Can't erase and rewrite?
A: User data can be rewritten multiple times and used as an ordinary E2PROM.
7. If the customer's master key is lost, can it still prevent copying?
A: This key guarantees absolute security.
8. How many secret keys can be placed?
A: At least 2 master keys and derived keys.
9. Is there any encryption for the MCU?
A: Anti-cloning applications can prevent MCUs from being cloned. For more information, please visit our other seminars.
10. What packages are available for ATSHA206A? How long is the lead time?
A: – 2-Pad VSFN contact package for mechanical attachment without PCB – 4-ball WLCSP, 2 x 2 Grid with a 0.4 mm ball pitch (contact Microchip Sales for more information) For lead time, please contact your local Microchip office or Microchip distributor.
11. What is the safe voltage of the IO port?
A: 2.0--5.5V
12. If you use single-line read and write operations, how can you prevent others from copying the read and write timing?
A: The copied accessories can only be used under the current host, which is meaningless to counterfeiters.
13. If the IO port of the SOC is 1.8V, it will be more troublesome to use.
A: Yes. Interface level conversion can be used .
14. Does the hardware encryption chip need to be pre-programmed?
A: Chips without pre-configuration need to be burned by the customer or Microchip can help burn them at the factory. If it is a pre-configured chip, the customer does not need to burn it. It depends on which specific encryption chip.
15. How to ensure that the authentication chip on the printer side is not cracked or copied?
A: If the host side wants to prevent cloning, it also needs to add a security device.
16. If blank devices are not provided, who will complete the encryption information writing work of the chip during mass production? The original manufacturer?
A: Yes, it can only be burned by our security factory. Customers only need to encrypt their own keys and upload them to the system of the security factory.
17. Can it be used for Bluetooth communication encryption?
A: For Bluetooth communication, you can consider our ATECC608, which can realize asymmetric identity recognition and AES data encryption and decryption.
18. It is similar to an electronic tag, but it can only count down (the car counts up), and there is security verification in the transmission, which is tamper-proof.
A: There are similarities, but the difference is also very large.
19. How does Microchip security solution ensure data security?
A: Microchip security devices reach the JIL high security level and have multiple protection mechanisms.
20. What are the commonly used anti-counterfeiting methods?
A: The common method is to use security devices for anti-counterfeiting authentication .
21. How to achieve one object, one code?
A: You can use the SN serial number and master key of SHA206A to derive a new key and write it into the chip to achieve one machine and one code. However, the master key must be saved in the host.
22. What bottlenecks are currently facing the development of anti-counterfeiting applications?
A: The bottleneck lies in the cost and mechanical structure design.
23. What service support does this solution provide?
A: Prototype samples, technical support, chip pre-configuration services, etc.
24. How to prevent the product in the package from being tampered with?
A: Add a security chip to protect the firmware
. 25. It's like an encrypted or secure authentication USB flash drive!
A: There is a big difference. The accessory end is a passive device and does not need to be powered separately.
26. Does the SHA206 encryption chip interface only have single bus communication? Is there any that currently supports the I2C interface?
A: SHA206 only has a single bus interface. There is no I2C interface. If you need an I2C interface, you can consider SHA204 or ECC608
27. Can the key protocol be customized?
A: No, use the standard SHA256 algorithm and the customer's key
28. Is there a wireless one, like an erasable barcode, that communicates and powers wirelessly
A: No, you can consider using NFC
29. How many voltage types does ATSHA206A have ?
A: 2.0V to 4.5V power supply range
30. Is the security solution built-in or external?
A: An external security device
31. Is the security solution built-in or external security?
A: Our SHA206 and SHA204 are both external security chips.
32. How many port functions can support simultaneous communication, excluding multiplexing.
A: SHA206A only has a single bus interface, and SHA204 also has an I2C interface.
33. Security and reliability are generally the desired needs of end users.
A: Yes, Microchip security solutions can solve such problems.
34. For one-time protection, the product software still needs to be written to be stable and reliable.
A: Yes, the coordination of software and hardware.
35. For one-time products, how is the cost controlled?
A: SHA206A is burned with customer keys in batches in our factory, which simplifies the customer's burning and production process.
36. Do we need to consider fault tolerance?
A: The number of verifications needs to be redundant.
37. Can the key be intercepted?
A: The key will not be transmitted on the bus
. 38. Do you have any solution to protect the code in the FLASH external to the DSP?
A: SHA204A can be considered for code protection
. 39. What is the built-in algorithm?
A: SHA-256 Hash
40. How difficult is it to change the algorithm?
A: The algorithm cannot be changed.
41. How difficult is it to crack the key?
A: There is no successful case so far.
42. How to ensure safety when the battery is low?
A: The product cannot be used when the battery is low.
43. How many sleep modes does ATSHA206A have?
A: Two modes: running or sleeping.
44. Can the MCU be encrypted repeatedly?
A: The main function of this product is identity authentication. ECC608 can be considered for encryption.
45. Can any MCU use ATSHA206A?
A: Yes. You only need to transplant our cryptoauthlib library
. 46. How much does the cost increase for Microchip security solutions?
A: You can contact your local agent or microchip for evaluation
. 47. What security certifications have been passed?
A: JIL high security level is equivalent to EAL6/7.
48. Is this wireless communication?
A: I2C communication or single bus communication. The SHA206 in this seminar is single bus communication.
49. What are the key points of anti-counterfeiting protection?
A: The key points are safety, convenience and low cost.
50. What is the delivery date?
A: Please contact the local Microchip office or Microchip agent for the relevant delivery date.
51. If only the SHA256 algorithm is pre-made, and if SHA256 is considered unsafe one day, how can the built-in algorithm be upgraded, such as upgrading to SHA3?
A: The chip algorithm is fixed in hardware and there is no way to update or upgrade it.
52. Are there any related files to download
? A: You can search for related products at www.microchip.com to download the open information. Please contact the Microchip office or Microchip agent for information that requires signing an NDA.
53. What communication method is used between the MCU and the security chip?
A: I2C or single bus. The SHA206 introduced this time is single bus communication.
54. What is the difference between 204A and 206A?
A: There are differences in packaging, communication interface, internal EEPROM capacity, and target applications.
55. How to apply for a 204A or 206A evaluation board?
A: You can contact our sales or agents, or you can buy it directly on the official website.
56. Can non-Microchip MCUs use ATSHA206A?
A: Suitable for any platform and any architecture.
57. Are there evaluation boards for 204A or 206A?
A: Yes. ATSHA206A has TRUST (EV52C70A) ATSHA204 has CryptoAuth-XPRO-B (ATCRYPTOAUTH-XPRO-B)
58. Is the encryption algorithm open source?
A: They are all public mainstream algorithms
. 59. What is the price of the ATSHA206 security device?
A: For specific price information, please contact your local Microchip office or Microchip agent.
60. How does the main control MCU communicate with the disposable product?
A: Through the single-wire interface SWI
61. Is the anti-counterfeiting protection implemented by hardware or software?
A: It is implemented by hardware and the host MCU needs to authenticate the library
62. What if the communication line is monitored and replay attacks are used?
A: Each time, high-quality random numbers will be generated for calculation
63. Can the information be downloaded?
A: For open information, you can go to www.microchip.com and search for relevant product interfaces to obtain relevant information. For information that requires signing an NDA, please contact the local Microchip office or Microchip agent.
64. Is there an introduction to the development environment?
A: Use your own MCU platform development tools and transplant our reference code to your platform
65. Parasitic power supply single-line work, that is, the pull-up resistor of the microcontroller can realize power supply, right?
A: Yes
66. What is the probability of being cracked after encryption?
A: The probability of being cracked by using Microchip security devices to protect the key is very small
67. Is it used in the industrial control industry?
A: It can be used in the field of industrial control accessories authentication, installation and maintenance, and use limit applications.
68. How to trace once?
A: Each chip has a unique serial number, which can be traced back.
69. Is SHA206A a public key or a private key
? A: SHA206 is symmetric encryption, so there is only one key. Public and private keys are only available in asymmetric encryption.
70. What encryption methods does ATSHA206A support?
A: SHA256
71. Can the EEPROM in 206 only be written once? How big is the EEPROM?
A: 248 bytes. The user card slot can be written multiple times. The master key cannot be changed
. 72. What is the operating temperature range of the chip?
A: 40°C to +85°C
73. How is the initial key generated?
A: Pre-configured at the Microchip factory based on the secret assets provided by the customer.
74. How is the working process authenticated?
A: For example, if it is SHA206, the MCU generates a random number and sends it to SHA206. SHA206 calculates a 256-bit hash value through the key and SHA256 algorithm and sends it back to the MCU. The MCU also calculates a hash value through the random number, key and SHA256 algorithm, and compares the two hash values to see if they are the same.
75. Do I have to burn the master key into 206 myself?
A: The customer's key is burned in our secure factory. The chip delivered to the customer is already burned and can be used directly.
76. Is the master key fixed at the factory? Are all factory master keys the same? Or is it customized?
A: Customized
. 77. Can I apply for a development board for free?
A: You can contact your local Microchip office or Microchip agent to apply for or borrow a development board.
78. If there is no PCB, how is the chip soldered?
A: If there is soldering, we can also provide UDFN8 and WLCSP packaging, please contact us for details.
79. Do 2-pin chips not need power? Get power through the data line?
A: Yes, there is a parasitic power supply inside.
80. Is the ATSHA206A model shipped stably?
A: It can be mass-produced and shipped.
81. In addition to the ones introduced in the seminar, are there other encryption chips?
A: Yes, ECC608B, ATSHA204, TA100, etc.
82. Can the EEPROM of 206 be operated by yourself?
A: There is a slot that customers can operate.
83. If the data bus is monitored, will the other party crack the key?
A: Only random numbers and responses are captured on the bus, and it is difficult to calculate the key
. 84. Are there any cases in the medical industry?
A: Currently, there are electronic cigarettes and atomizers.
85. What are the advantages and characteristics of the 2006 security device compared with other similar security chips? Especially in terms of cost performance and application fields, what are the unique features?
A: ATSHA206 is more suitable for ecosystem control, disposable product authentication, and anti-cloning.
86. What is parasitic power?
A: When the SDA pin is high, power is supplied from this pin and stored in the internal bypass capacitor.
87. Microchip security devices, if there are automotive-grade products, what models are they?
A: TA100
88. What communication method do Microchip security devices use with the outside world?
A: Different chips have I2C, single bus, and SPI.
89. What protection mechanisms do Microchip security devices have?
A: The only scrambled and encrypted EEPROM inside the tamper-proof hardware boundary.
90. For product developers, what are the main tasks of software development when using Microchip security devices?
A: Understand the basic knowledge of cryptography. Transplant cryptoauthlib library. Operate the corresponding API.
91. What is the minimum power consumption of ATSHA206A in sleep mode?
A: Less than 150nA
92. Does Microchip have automotive-grade security devices?
A: Yes, TA100
93. What encryption algorithms does Microchip support?
A: The mainstream ones are SHA256, ECC256, AES128
94. Can this solution be used on other disposable items?
A: Yes, the principle is similar, such as ink cartridges, cigarette eggs, battery packs, etc.
95. Is the secret key universal or independent?
A: It is best for each chip to use the same key .
96. What is the difference with ATECC608A? Is it a different application field?
A: ATECC608 mainly includes SHA256 algorithm and ECC256 algorithm, which are mainly used for asymmetric authentication and encryption and decryption. ATSHA206 only has SHA256 algorithm and can only use symmetric encryption algorithm. ECC608 has richer functions and more applicable fields.
97. What are the communication interfaces of ATSH206A?
A: Single-Wire Interface
98. What if the communication timing is completely simulated? Can it pass the certification?
A: The timing can be simulated with the IO port and can be used normally
99. If there are many accessories, are the secret keys in 206a different for each one? Does a host need to store the secret keys of all accessories?
A: If the keys of each 206a are different, only the master key needs to be placed in the host
100. What are the simple solutions for encryption and decryption ?
A: ECC608 can be considered
101. Can the watchdog reset function be realized?
A: ATSHA206A does not have this function
102. Does the device have a built-in random data generator?
A: SHA206A does not have a built-in random number generator
103. How many bits of key does the device have?
A: SHA206 is a SHA256 algorithm with a 256-bit key
104. Is there no secret key transmitted on the I2C bus?
A: SHA206 communicates via a single bus, and the key will not be read directly
105. Does it have a voltage tampering detection function?
A: Anti-tampering hardware boundaries prevent physical tampering106
. How is the interference protection performance?
A: Defend against multiple attacks, including probe attacks, timing attacks, radiation attacks, errors, invalid command attacks, power cycles and clock failures107
. Can it be applied to firmware integrity checks?
A: Firmware integrity checks can be completed using SHA204A108
. Can it be used for encryption protection of FPGA products?
A: Yes, it is applicable to any platform109
. Is it impossible to use line tracking and monitoring?
A: Data monitoring on the line cannot obtain secret information110
. If you store a secret key on your MCU, is it possible for others to obtain the secret key after obtaining the hexadecimal file?
A: There is such a risk111
. What type of authentication algorithm is used?
A: ATSHA206 supports SHA-256 Hash Algorithm with 256-bit Keys112
. Does it support CAN or LIN?
A: SHA206A and MCU use a single bus interface, and then connect to other parts through the MCU's CAN or LIN, so it depends on whether the MCU has these interfaces113
. Are there any development application materials provided?
A: Some technical information requires signing an NDA. You can contact your local Microchip office or Microchip agent.
114. Will quantum communication be applicable in the future?
A: The architecture is different, so the algorithms used must be different.
115. How to crack the password of disposable ink cartridges?
A: This seminar focuses on anti-counterfeiting protection solutions for disposable products such as ink cartridges.
116. Are there any performance requirements for the chip?
A: An 8-bit MCU is enough, and the required information is very small.
117. What are the advantages and disadvantages between related algorithms?
A: It is mainly divided into symmetric encryption and asymmetric encryption. The difficulty of symmetric encryption lies in the protection of keys. Non-docking solves the difficulty of key protection, but it is not as convenient to use as symmetric encryption.
118. What is the communication rate of ATSHA206?
A: 230.4 kBaud
119. How often is the key updated ?
A: The key is refreshed every 8 verifications. It can also be set not to update the key, but it is refreshed every 8 verifications
. 120. How does the host and ink cartridge communicate?
A: It mainly communicates with the encryption chip on the ink cartridge. It is mainly I2C communication and single bus communication. This time, SHA206 is introduced as single bus communication.
121. What are the authentication standards?
A: There are two methods: symmetric (SHA256) and asymmetric (ECC P256).

This post is from Embedded System
Add and join groups EEWorld service account EEWorld subscription account Automotive development circle
Personal signature微信搜索公众号“EEWORLDBBS”快去添加关注吧!

Find a datasheet?

EEWorld Datasheet Technical Support

EEWorld
subscription
account

EEWorld
service
account

Automotive
development
circle

Copyright © 2005-2024 EEWORLD.com.cn, Inc. All rights reserved 京B2-20211791 京ICP备10001474号-1 电信业务审批[2006]字第258号函 京公网安备 11010802033920号
快速回复 返回顶部 Return list