NIMBUS Security Chip AT 91 SC 321 RC

NIMBUS Security Chip AT 91 SC 321 RC April 25, 2001 Atmel Corporation

NIMBUS Product Overview l 32 -bit ARM performance for embedded security applications l 96 K ROM, 64 K EEPROM, 5 K SRAM for expanded code, multiple certificate storage, improved performance l HW crypto accelerators for stream encryption and public key l Security designed for FIPS 140 -1 and Common Criteria l Four I/O interfaces support multiple platforms 10/2/2020 Atmel Corporation 2

Security Products l USB Tokens l Metering Devices l TV Set Top Boxes l Smart Cards l PDA’s and other client appliances 10/2/2020 Atmel Corporation 3

Security Applications Metering Devices Network Security SIMs Key Generation Secure Remote Access File/ Message Encryption NIMBUS Security Device Stream/ Bulk Encryption Secure Web Access Real Time Clock Security Certifications Certificate Storage Downloadable Applications Signature and Authentication Supports Multiple OS’s Digital Signatures Secure Mail 10/2/2020 Atmel Corporation 4

NIMBUS Block Diagram 10/2/2020 Atmel Corporation 5

ARM 7 TDMI l l ARM Thumb Processor 32 -bit or 16 -bit Instruction Set Dynamic switching between 32 - and 16 -bits 2 modes supported 1. Supervisor 2. User l 16 Mhz Average Operating Frequency 10/2/2020 Atmel Corporation 6

Memory ROM 96 Kbytes 3 bytes x 32 Kbytes EEPROM 64 Kbytes 2 bytes x 32 Kbytes 128 byte page size 11 ns access time 2 ms write time 100 ns read time 100 K cycles SRAM 1 4 Kbytes 2 bytes x 2048 bytes 11 ns access time SRAM 2 1 Kbyte 2 bytes x 512 bytes 10/2/2020 Atmel Corporation 11 ns access time 7

Memory Management Unit l Supervisor mode allows full access to entire memory map l Securely partitions memory map for multiple applications in User mode § READ/WRITE/EXECUTE § No access to peripherals in User mode l Granularity § ROM – fixed @ 1 Kbyte § SRAM – fixed @ 1 Kbyte § EEPROM – 1 Kbyte default – Programmable to 32 bytes 10/2/2020 Atmel Corporation 8

Crypto Functions Algorithms Preliminary Times Public Key RSA Sign (no CRT) RSA Sign (CRT) DSA Sign DSA Verify ECDSA Diffie-Hellman 225 ms (1024/1024) 56 ms (1024/1024) <12. 5 ms (512/160) <22. 5 ms (512/160) 35 ms/40 ms (192 GF(p)/163 GF(2 m)) TBD Symmetric DES 3 DES Skipjack 8 Mbytes/sec (2 Mbyte effective w/ USB) TBD Hashing SHA-1 MD 5 TBD Key Generation DES Public Key TBD (up to 56 bits) TBD (up to 2048 bits) 10/2/2020 Atmel Corporation 9

Elliptic Curve DSA l GF (p) Curve § § Based on modular arithmetic 192 bits is smallest GF(p) curve listed in FIPS 186 -2 35 ms using Nimbus PK Accelerator 3 Kbyte table required for storage l GF (2 m) Curve § § § 10/2/2020 Based on finite field F 2 m arithmetic 163 bits is smallest GF(2 m) curve listed in FIPS 186 -2 Roughly equivalent to 1024 -bit RSA 40 ms using Nimbus ARM processor 3 Kbyte table required for storage Atmel Corporation 10

Random Number Generator l Hardware Random Number Generator l Pseudo RNG available for FIPS 140 -1 certification 0011110001010010010000111 111000000001111100001010010010000001 0010100100101001 010100000001111100101 10/2/2020 Atmel Corporation 11

Security Features l Low/High Temperature and Voltage Detection l Low Frequency Detection l Minimum Pulse Width Detection On Clock l Upon detection, zeroization occurs by shutting off power via internal regulator 10/2/2020 Atmel Corporation 12

Security Features l Power-On Reset and Self-Test Protocols l Secure MMU l Memory Obfuscation l Separate Processor & Peripheral Bus Clocks l DPA Resistance 10/2/2020 Atmel Corporation 13

DPA Protection l Cryptographic coprocessor generates dummy cycles during RSA and DSA calculations l DES hardware engine allows ARM to run masking calculations (software controlled) l Internal clock frequency varies each clock cycle § 14 to 20 Mhz l Separate clocks § External clock for peripherals § Internal clock for processors, accelerators, memory 10/2/2020 Atmel Corporation 14

Real Time Clock l Uses 32 Khz crystal oscillator l Requires 3 V external battery l Tamper detect on battery and oscillator l Applications include: § Secure time stamp § Time-based challenge/response authentication § Secure elapsed time measurements 10/2/2020 Atmel Corporation 15

Miscellaneous Hardware l Programmable Watchdog Timer l Two 16 -bit Timer/Counters l Programmable UART l 5 volt Vcc required § Regulated to 3. 3 volts for operation l 0. 35 Micron Process 10/2/2020 Atmel Corporation 16

I/O Interfaces l ISO 7816 Smart Card Interface l USB version 1. 1 Interface l SPI Interface (Serial Memory Expansion) l SMBus Interface (System Management Bus) 10/2/2020 Atmel Corporation 17

Packaging l ISO 7816 Smart Card Module l 24 -pin SOIC § 300 mil JEDEC standard 10/2/2020 Atmel Corporation 18

Standards l FIPS 140 -1 Level 3+ § Preliminary product profile completed § Certification targeted 4 Q 2001 l Common Criteria § EAL 4 § Certification targeted 1 st Half 2002 l ISO 7816 l USB v 1. 1 10/2/2020 Atmel Corporation 19

Summary l Further Questions l Action Items l Next Steps 10/2/2020 Atmel Corporation 20

Development Kit l NIMBUS Chip A – Available Now § § Used in development kit Software development Design debug Gate array layout l NIMBUS Chip B -- Available 4 Q 2001 § Production chip § Standard Cell Layout § Test Circuitry Removed 10/2/2020 Atmel Corporation 21

Development Kit l Hardware § § § 10/2/2020 NIMBUS Chip A socketed in emulation board Mounted in tamper-evident enclosure ISO 7816 contact paddle and ribbon cable USB connection Power supplies and connection cables Atmel Corporation 22

Development Kit l Software § Peripheral drivers for ISO 7816 (USART), USB, SPI, and SMB § Cryptographic libraries for DES, 3 DES, Skip. Jack, RSA, DSA, ECDSA, SHA-1, MD 5, Key Generation § Power-on-reset and self-test routines § Sample code l Documentation § Nimbus SDK “Getting Started” § Nimbus SDK “Users Manual” 10/2/2020 Atmel Corporation 23

Development Kit l Optional Resources Available from ARM § EPI JEENI, JTAG Embedded. ICE serial/Ethernet interface for ARM § ARM Software Development Toolkit § ARM “Software Development Toolkit – User Guide” § ARM “Software Development Toolkit – Reference Guide” § ARM “Architecture Reference Manual” 10/2/2020 Atmel Corporation 24

Development Kit l Single Use License Agreement § § Atmel retains ownership Customer agrees to refundable deposit List of persons with authorized access Customer agrees to keep HW under lock and key § Atmel may audit 10/2/2020 Atmel Corporation 25

Schedule l Development Kit Now l Prototypes August 2001 l Volume Production November 2001 10/2/2020 Atmel Corporation 26