summary datasheet - wisekey · 2016. 10. 4. · 6601cs – 27sep16 3|13 vaultic100 summary...

VAULTIC100

Summary Datasheet

6601

CS

– 2

7Sep

16

2|13 VaultIC100 Summary Datasheet

General FeaturesCryptographic Services• Public Key Pair Generation (ECC)• Digital Signature• Message Digest• Deterministic Random Number Generation (FIPS com-

pliant)

Cryptographic Algorithms• ECC (GF2n) up to 303 bits, including FIPS recom-

mended curves B233, K233, B283, K283

Software Features• FIPS 140-2 Identity-based Authentication using Mutual

Strong Authentication• Rights Management (Manufacturer, User)• Secure File System• Secure 32-bit Counters

Memory• File System 1.5 Kbytes (1Kbyte for Files and 0.5Kbyte

for Key ring)• Write Endurance 500 Kcycles• Data Retention 20 Years• 2ms Program + 2ms Erase

Communication• I²C (Two Wire Interface)• One-Wire Interface, WISeKey’s Proprietary Protocol

Certifications / Standards• Targeted Hardware Common Criteria EAL4+ • Targeted FIPS 140-2 Security Level 3

Packages• 6-DFN (RoHS compliant) 2mm x 3mm

Hardware Platform• 8-/16-bit RISC CPU• Hardware Random Number Generator• Hardware 16-bit Public Key Crypto Accelerator• Low Power consumption: 140µA in standby mode and

only 3 to 5mA during CPU-intensive operations

Timings• Unilateral Authentication in less than 300ms (typical) in

non-FIPS mode : including Startup time and InternalAuthenticate command with ECDSA B-163

• B283 Key-Pair Generation on-Chip in 1.2 s (typical) innon-FIPS mode

6601

CS

– 2

7Sep

16


Detailed FeaturesDescriptionThe VaultIC100 is a Secure microcontroller solution designed to secure various systems against counterfeiting, cloningor identity theft. It is a hardware security module that can be used in many applications such as IP protection, accesscontrol or hardware protection.

The proven technology used in VaultIC100 security modules is already widespread and used in national ID/healthcards, e-passports, bank cards (storing user Personal Identification Number, account numbers and authentication keysamong others), pay-TV access control and cell phone SIM cards (allowing the storage of subscribers’ unique ID, PINcode, and authentication to the network), where cloning must definitely be prevented.

Designed to keep contents secure and avoid leaking information during code execution, the VaultIC100 include volt-age, frequency and temperature detectors, illegal code execution prevention, tampering monitors and protectionagainst side channel attacks and probing. The chips can detect tampering attempts and destroy sensitive data on suchevents, thus avoiding data confidentiality being compromised. Strong Authentication capability, secure storage andflexibility thanks to its interfaces (OWI, I²C), low pin count and low power consumption are main features of theVaultIC100. Its embedded firmware provides advanced functions such as Identity-based authentication, Cryptographiccommand set, ECC Public Key cryptographic algorithm, robust commmunication Protocol.

VaultIC100 includes 16 Secure 32-bit counters, for instance useful to avoid refilling of printers cartridge. These coun-ters can be used in two ways: usual Counter mode or Direct mode, where each counter can be seen as small 32-bitfiles. These counters can also be used for authentication purpose.

Figure 1 Software and Hardware Architecture

VaultIC100 Hardware

HardwareSecurity

PowerManagement

Device

I/Os

RAM

EEPROM

I2CRISCCPU

PublicKey

CryptoEngineRNG

Crypto Library(ECDSA)

Memory Management

Communication Stack(OWI, I2C)

CryptoServices

(Key Gen, Signature...)

ApplicationManagement

& Storage

(File System)

AdministrationServices

(Key Management)

Security Domain(Security Policies, Access Controls, Role Management)

Application Interface

OWI

6601

CS

– 2

7Sep

16


Asymmetric cryptographyTo make the authentication possible, the VaultIC100 uses asymmetric cryptography. Contrary to the symmetric cryp-tography using the same key for encryption and decryption, the asymmetric cryptography uses a key pair (a Public keyand a Private key), each for a specific purpose: the private key is for encryption, the public key for decryption.

Storing securely the Private Key, the VaultIC100 is capable to generate a unique digital signature that any host can ver-ify using the associated Public Key. The main advantage of the asymmetric cryptography is the easy way of distributingkeys : only the Private key should be protected and then the Host, embedding the Public key, does not need to be in asecure environment.

Figure 2 asymmetric cryptography used in VaultIC100

One Wire Interface• Presentation

The One-Wire Interface is an WISeKey Proprietary Protocol. It has been designed to provide acommunication using one GPIO. A basic data exchange is:

• The host sends the synchronization pattern• The host sends data to the device, typically a command (a transmission, TX)• The device sends data to the host, typically a response (a reception, RX)

• Synchronisation patternThis pattern consists in a low level (can be viewed as a start signal, to wake-up the chip) fol-lowed by 9 falling edges, representing 8 clock cycles. This pattern is shown below:

Figure 3 Synchronisation pattern

Genuine ?

Genuine !

Challenge

Response

Private Key is protected

in VaultIC100

Non secure firmware in host!

Public Key only

GPIO line

Synchronization pattern

Two bits duration = 2 TbitLow level= Tsll

For timings values please refer to the VaultIC100 Technical Datasheet

6601

CS

– 2

7Sep

16


By definition, the 8 similar periods are equal to 2 bit duration. All the following RX and TX dataexchange will use this bit duration as the reference to transmit or receive one bit.

• Byte Exchange during Tx or RxOne byte (bit7 to bit0) is sent bit by bit. Prior to sending the sequence of bits, the sender (host ordevice) must send a “start bit” (to wake-up the receiver). Then following this “start bit”, thesender sends the bit7, then the bit6...until bit0. So each bit is maintained at its level (low level tocode a ‘0’ or high level to code a ‘1’) during a duration of Tbit.

The exchange of one byte (value = 0x93) is represented below:

Figure 4 OWI - Byte exchange

• Simple block exchangeThe figure below represents a simple exchange composed of the following:

• a synchronisation pattern• a TX where the host is sending x bytes to the device• a RX where the host is receiving y bytes from the device

Figure 5 OWI - TX then RX and RX then TX

GPIO line

Byte 0x93

Start bitTsb

bit7=1 bit6=0 bit5=0 bit4=1 bit3=0 bit2=0 bit1=1 bit0=1

Tbit Tbit

Receiver sampling

Tfslpg

GPIO line

Tsfb

TX of x bytesSynchronizationpattern

RX of y bytes

Tretrx

6601

CS

– 2

7Sep

16


PersonalizationThanks to VaultiTrust Personalization service proposed by WISeKey, VaultIC100 devices can be personalized individu-ally and in a secure environment: Customer Keys and any other data are submitted to WISeKey through a securechannel then inserted on each die at wafer level. Once assembled, all devices are provided to the customer as well aspairing data (Customer Data inserted paired with Chip Serial Numbers).

Figure 6 VaultiTrust Personalization service

For more information regarding VaultiTrust Personalization service, please contact yourlocal WISeKey sales representative.

Chip nChip …Chip 2

WEB PORTAL

Chip 1

CUSTOMER ENVIRONMENT

SECURE ENVIRONMENT

UID-SN

...

Pairing Data

Secure Channel

6601

CS

– 2

7Sep

16


Product Characteristics• Connections for Typical Application

• VaultIC100 connections for OWI typical application

• VaultIC100 connections for I²C typical application

• External components, Bill of Materials

C1

VCC

C2

OWI (GPIO0)OWI

VCCVCC

VaultIC100HOST

GND

R1

VCC

GPIO1

C1

VCC

C2

R1

SCL (GPIO1)SDA (GPIO0)

SCLSDA

VCCVCC

VaultIC100HOST

GND

R2

VCC

Configuration Reference Description Typical Values Comment

OWI

C1 Power Supply Decoupling Capacitor 4.7 μF Recommended

C2 Power Supply Decoupling Capacitor 10nF Recommended

R1 Pull-Up Resistor 2.2 kΩ Recommended

I²C

C1 Power Supply Decoupling Capacitor 4.7 μF Recommended

C2 Power Supply Decoupling Capacitor 10 nF Recommended

R1, R2 Pull-Up Resistors 2.2 kΩ Recommended

6601

CS

– 2

7Sep

16


• Absolute Maximum Ratings

Note: Stresses beyond those listed under “Absolute Maximum Ratings” may cause permanent dam-age to the device. This is a stress rating only and functional operation of the device at these or other conditions beyond those indicated in the operational sections of this specification is not implied. Exposure to absolute maximum rating conditions for extended periods may affect device reliability.

• AC/DC Characteristics (2.7V - 5.5V range; T= -40°C to +105°C)

Operating Temperature -40°C to +105°C

Supply Voltage Vcc -0.3V to +7.0V

Input Voltage -0.3V to Vcc

Sym-bol Parameter Condition Min. Typ. Max. Unit

VCC Supply Voltage3.0V (+/-10%)

5.0V (+/-10%)

2.7

4.5

3.0

5.0

3.3

5.5V

VMAX Voltage Monitor: high level detection 5.5 V

VMIN Voltage Monitor: low level detection 3.0V, 5.0V 2.7 V

TMAX Temperature Monitor: high level detection 105 °C

VIH Input High Voltage - I/O0, I/O1 0.7*VCC VCC+0.3 V

VIL Input Low Voltage - I/O0, I/O1 VSS-0.3 0.2*VCC V

IIH Leakage High Current - I/O0, I/O1 VIN = VIH -10 10 µA

IIL Leakage Low Current - I/O0, I/O1 VIN = VIL -40 10 µA

VOL Output Low Voltage - I/O0, I/O1 IOL =1mA0

00.08*VCC0.15*VCC

V

VOH Output High Voltage - I/O0, I/O1 IOH = 1mA 0.7*VCC VCC V

RI/O Pin Pull-up I/O0, I/O1 220 kΩ

Tr I/O Output Rise Time (HRD Mode)Cout=30pF

Rpullup=20kΩ1 µs

Tf I/O Output Fall TimeCout=30pF

Rpullup=20kΩ1 µs

Icc Typical Current at 25°C

- Chip in power-down mode: 140 µA

- Chip in run mode with or without crypto run-ning:3.5 mA

- Chip in run mode with EEPROM write 5 mA

• Timings- I²C Timings

The table below describes the requirements for devices connected to the I²C Bus.

- OWI TimingsThe table below describes the requirements for devices connected to the OWI.

Symbol Parameter Condition Min. Typ. Max. Unit

fSCL SCL Clock Frequency - - - 100 kHz

Symbol Parameter Condition Min. Typ. Max. Unit

BR Baud Rate Tbit=10µs - - 65 kb/s

6601

CS

– 2

7Sep

16


Ordering Information• Legal

- A Non-Disclosure Agreement must be signed with WISeKey. - An Export License for cryptographic hardware/software must be granted.

• Quotation and Volume- For minimum order quantity and the estimated annual utilization, please contact your local WISeKey sales repre-

sentative.

• Part Number

* For more details about the Chip “Chrono” Number, please contact your local WISeKey sales representative.

Starter KitThe VaultIC Starter Kit provides an easy path to master the cryptographic and secure data storage features of the Vaul-tIC security modules. The content is :

• VaultIC100 samples (5 units) with 1 dedicated test socket• 1 generic USB to I²C adapter • 1 CD-ROM containing a support documentation set (getting started, application notes, reference design), some demo

applications to get an insight into the VaultIC features, the ”VaultIC Manager” tool to design the file system and to per-sonalize samples, a hardware independent cryptographic API with source code.

Figure 7 Starter Kit Content

Reference Description

ATVAULTIC100-xxx-Pxxx : Chip “Chrono” Number*

P = ZA : DFN6 Package

Reference Application Description

ATVAULTIC-STK02-100ZA Embedded Security Starter Kit for VaultIC100 in DFN6 package (I²C adapter included)

ATVAULTIC-STK12-100ZA Embedded Security Starter Kit for VaultIC100 in DFN6 package (no I²C adapter)

6601

CS

– 2

7Sep

16


Pinout & Packaging

Figure 8 Pinout VaultIC100 in DFN6 package

Figure 9 Product Marking

Designation Pin Description

GND 1 Ground (reference Voltage)

IO0 3 GPIO0. Used for OWI or SDA

IO1 4 GPIO1. Used for SCL

VCC 6 Power Supply

VaultIC100

INDEX CORNERGND

IO0

1

2

3 4

6

5

VCC

IO1

YYWW : Date Code

xxx : Chip “Chrono” Number

YYWW00xxx

6601

CS

– 2

7Sep

16


Figure 10 Package Thin DFN6

Notes:

1. All dimensions are in mm. Angles in degrees.

2. Coplanarity applies to the Exposed PAD as well as the terminals. Coplanarity shall not exceed 0.05mm.

3. Warpage shall not exceed 0.05mm.

4. Package length / Package width are considered as special characterisitic(s).

5. Refer JEDEC MO-229.

6601

CS

– 2

7Sep

16

The photographs and information contained in this document are not contractual and may be charged without notice. Brand and product names may be registered trade-marks or trademarks of their respective holders.Note: This is a summary document. A complete document will be available under NDA. For more information, please contact your local WiseKey sales office.


Figure 11 Package DFN6

Notes:

1. All dimensions are in mm. Angles in degrees.

2. Coplanarity applies to the Exposed PAD as well as the terminals. Coplanarity shall not exceed 0.05m

3. Warpage shall not exceed 0.05mm.

4. Package length / Package width are considered as special characterisitic(s).

5. Refer JEDEC MO-229.

summary datasheet - wisekey · 2016. 10. 4. · 6601cs – 27sep16 3|13 vaultic100 summary...

Documents