W7500 ATAES132 Implementation

Go To Last Post
12 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi guys,

 

I am trying to use the ATAES132 chip with W7500. 

I can communicate with I2C and send commands. Where should I start after that? 

What should I do first? (MAC calculation, authentication, key load, etc.) 

Could you tell me the sequence?

If you share a sample code, I'm very happy.

 

Thank you.

uludag

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

 

I would suggest first trying to read/write to a memory zone  unencrypted.

 

Then program in a key and try to read/write to a memory zone encrypted.

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi anha6317,

 

>> I would suggest first trying to read/write to a memory zone  unencrypted.

 

I can do this.
 

>> Then program in a key and try to read/write to a memory zone encrypted.

 

In the first case I think there is no key in the ATAES132. I want to use the KeyCreate command.
A 16-byte random key will be created and  will be save in key memory.. The newly created key will be encrypted with the master key and sent to me.
How do I know this parent key?Do not both sides have to know this key?

 

Thank you.

uludag

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

 

While you're developing and testing your routines, you can write a key directly into key memory using an I2C write command. See appendix F in the datasheet for the addresses. Key 0 is at 0xF200, key 1 is at 0xF210, etc..

 

Then configure a zone to require encrypted reads/writes using the key you programmed.

You can then develop your code to do encrypted reads & writes using this known key. This will test your MAC calculation and AES routines.

 

The Auth command is probably the best to check your MAC calculation code as there is no encrypted payload.

 

All this information is in the datasheet.

 

 

Last Edited: Sat. Mar 31, 2018 - 10:37 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

>>While you're developing and testing your routines, you can write a key directly into key memory using an I2C write command. 

 

This information is very important to me. Thank you.

uludag

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I am also having some issues to start with this IC. The AES CCM mode and Examples are not given in easy to implement way. One need to relate the information and apply as per the options provided in IC.

 

I have started with Nonce command ( to send the SEED to IC, and generate the random keys based on this see, for MAC calculation and AES encryption)

 

Were you able to use the IC for encryption purpose? Any updates?

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

The Excel spreadsheet attached to the following post should help you:

 

https://community.atmel.com/comment/2239621#comment-2239621

 

Everything worked OK for me, so I did this spreadsheet so I didn't have to keep looking at the datasheet.

 

Good luck.

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Dear anha6317,

 

Thank you for the prompt response and sharing your valuable work through summarized excelsheet.

Hope i am not violating any forum standard practices or encroaching the thread.

The instructions are not clearly defined as per the use cases for this IC.

 

My Application:

I wish to provide a static key from Host controller and just encrypt the 16bytes plaintext  and get the ciphertext.

The keys are secure and I am not concerned with pattern attack or authentication process at this moment.

I just need to use the AES processing capability of this IC for now. I will build on to it later on.

 

 

Question1 : NIST - 800-38C specification are implemented via this IC? ( link shared by you earlier in another thread)

http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf

 

I have few more doubts and still unable to use the IC for my application. How may i share them with you?

 

 

Regards,

Dinesh

Last Edited: Wed. Apr 25, 2018 - 10:37 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Yes, this chip does implement the NIST 800-38C specification for CCM mode.

 

It sounds like your application needs the chip to AES encrypt one block of plaintext with a key supplied from the host. Is this right?

If I am uinderstanding you correctly, then this is simple AES-ECB mode and you can do this using the 'Legacy' command. See section 7.17 in the data sheet.

With ECB mode there is no MAC or CBC chaining. It just encrypts a single block of plaintext.

 

If you are only doing standard AES encryption, with the key & the plaintext known by the host, you can do this all on the host without needing a

chip. Just download an AES library from the github... there are many free ones.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Thank you for sharing the AES code methods and alternatives. I have already done that. 

But to save processing power and memory, i am trying to use the AES processing of AES132 IC.

And when concepts gets clear with AES132, may be i will implement CCM mode or advanced features. i will implement CCM mode as well. 

 

The legacy method i tried as per your suggestions:

The status byte shows error though.

I have key ID 0x0002 as i have used Key02. Is that correct and What am i doing wrong?

 

 

Attachment(s): 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

You must enable the Legacy command for the device by setting ChipConfig.LegacyE = 1 in the configuration memory.

 

Also, the key must be configured to allow its use with the Legacy command by setting KeyConfig[KeyID].LegacyOK =1

 

It's all in the datasheet section 7.17

 

 

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I have moved the topic to fresh thread.

Kindly see : https://community.atmel.com/foru...