plik

By Artur Costa
PLANETA INFORMATICA LTDA /Brasil

The Challenge

Two years ago, a customer hired Planeta to improve
an existing highly secure purse application with a
big restriction: user card cost. The customer already
had a pilot application in place, based on two
microprocessors: one for the user card and another
used inside a terminal that worked as a secure
authentication module (SAM). Planeta was asked to
suggest a new smart card concept with the same
level of security and a lower price for the user card.
In addition, the current system was limited to a
single smart card manufacturer and had some
performance issues that needed to be resolved.

The Solution

Planeta had previously used Atmel’s AT88SC153
chip, a predecessor of the new CryptoMemory®
family of devices. The AT88SC153 was
successfully implemented in a vending machine
application, with the application and card secret
keys saved and protected inside the terminal’s
protected memory. Since the security of “protected
terminal memory” is not reliable enough, the
solution for the secure purse application required a
new concept of secret keys, diversification of keys,
and secure calculations performed by a SAM card
instead of a CPU terminal.

While Planeta was working on this solution, Atmel
launched the CryptoMemory family of chips, offering
very high security functionalities, like bidirectional
authentication, encrypted passwords, physical/
electrical monitors, and encrypted and signed
communication between card and reader/terminal.
Because of these features, Planeta selected
CryptoMemory for the user card platform.

The next step was to find the SAM platform.
We needed a versatile solution that could be used
for different applications like access control,
public transportation, vending machines, and
multi-application cards. Atmel’s CryptoMemory and
CryptoRF™ families of devices met these needs.

Design Strategy

The answer was to adopt a fully programmable,
high-performance, secure processor card for the

SAM. Planeta selected Atmel’s AT90SC6464C,
a flash-based, high-performance cryptocontroller.

The key elements of this new solution included:

• CryptoMemory AT88SC0808C for the user card.

• AVR™ secure Flash microcontroller AT90SC6464C

for the SAM card.

The SAM was built using Atmel’s very high-
performance microcontroller, which has a built-in
random number generator, 3DES/RSA hardware
accelerator, and ISO 7816 interface. To work with the
SAM, the External Memory Operating System
(EMOS) was selected, because it has the unique
ability to utilize the memory in external smart cards
as if they were part of the microcontroller memory.
In addition, the external smart card memory needed
to have mutual authentication and encrypted
communication ability to ensure the security of the
system. Since CryptoMemory is the only chip in the
marketplace with authentication and encryption
functions, CryptoMemory provided the solution for
the secure purse application.

The end result is that the solution developed by
Planeta provides the same functionality as a pair of
microprocessor cards (user and SAM cards),
meeting the customer’s requirements quickly and at
a low cost.

The Advantages

• Cost reduction: The CryptoMemory user card is

about one-third the cost of a microprocessor card
with the same memory size.

• Very high security.

• Total independence of card manufacturer

and personalization.

• Very high performance: The AT90SC6464C chip

has a very fast encryption calculation engine.

• Simplified memory management: The SAM

manages system memory, building necessary
application files within the CryptoMemory and
CryptoRF user memory and SAM memory.

• Flexibility: This solution can use a wide range of

memory sizes for contact (up to 32K bytes) and
contactless smart cards (up to 8K bytes), with the
same level of security and interface as micro-
processor cards.

PLANETA INFORMATICA IS A

DESIGN AND MANUFACTURING

COMPANY, SPECIALIZING IN

CONTACT AND CONTACTLESS

SMART CARD READERS, TERMINALS,

AND BOARDS FOR DEDICATED

APPLICATIONS, INCLUDING PUBLIC

TRANSPORTATION, VENDING

MACHINES, FOOD VOUCHERS,

LOTTERY, AND GAMING. FOR THE

LAST 10 YEARS, PLANETA HAS

DEVELOPED AND PROVIDED

CUSTOMERS WITH SECURE,

INEXPENSIVE SMART

CARD-BASED SOLUTIONS.

www.atmel.com

page 50

SAM-Based Highly Secure Application using
Atmel CryptoMemory

and CryptoRF

™

Devices

J O U R N A L

A T M E L

A P P L I C A T I O N S

• Simplified software development: The application

software sees only one single operating system.
Using a memory driver built inside the SAM
makes it possible to support different types of
user cards, including both CryptoMemory for
contact and CryptoRF for contactless cards,
without changing the application software.

• Simple implementation of multiple applications:

On one card, it is possible to build directories and
isolate one application from another, using OS
rules and secret keys.

• Software homogeneity: The application software

is a sequence of APDUs, independent of card type
and size. Only a small software driver is required
as the gateway between the user card and the SAM.

Conclusion

Planeta’s customer fully converted this project to the
Atmel solution in September 2003. Currently, about
5,000 terminals are installed using the AT90SC6464C
chip and EMOS, and about 80,000 AT88SC0808C
CryptoMemory-based user cards have been issued.

www.atmel.com

page 51

An e-purse transaction is executed in less than one
second with no keys stored inside the terminals,
ensuring the security of the system. This application
is expected to exceed 200,000 terminals and five
million users.

In the next phase, a contactless system using
CryptoRF will be developed to provide both
contact and contactless solutions to customers in
2004.

Figure 1: General Diagram of the Planeta E-Purse solution

for new applications.
AT91 microcontrollers are targeted at
low-power, real-time control applications. They have
already been successfully designed into Industrial Automation sys-
tems, MP-3/WMA players, Data Acquisition products, Pagers, Point-of-Sales terminals,
Medical equipment, GPS and Networking systems.

The AT91 series is completely supported by state-of-the-art development tools, including
C-compilers, Debuggers, Emulators and RTOS.

Atmel's AT91 ARM Thumb microcontrollers provide the 32-bit perform-

ance every 8-bit microcontroller user is dreaming of while staying within his

tight system budget. The extra performance enables the implementation in soft-

ware of innovative but evolving protocols for communication, compression or

control.

Building a microcontroller product line around the industry-standard ARM processor core guar-
antees the customer long-term availability, and its widespread acceptance has resulted in the
development of an extensive range of qualified software IP products reducing the time-to-market

Start your journey today towards a successful design at: www.atmel.com/arm

Eval Board

Microprocessor Supported

AT91EB40

Supports AT91X40, enabling code development & eval.

AT91EB40A

Supports AT91RO40008, enabling code development & eval.

AT91EB42

Supports AT91M42800A, enabling code development & eval.

AT91EB55

Supports AT91M55800A, enabling code development & eval.

AT91EB63

Supports AT91M63200 & AT91M43300

enabling code development & eval.

Memory Extension Card

AT91MEC01

Increases memory capacity of
AT91 Eval. Board, adding 2M
bytes of SRAM and 3M bytes
of Flash on the external bus.
Complete with application Guide.

Atmel’s AT91 ARM

Thumb

–Everywhere You Are.

Everywhere You Are™

J O U R N A L

A T M E L

A P P L I C A T I O N S