2.2 EEPROM Configuration Zone

The TA010-TFLXAUTH configuration is largely fixed and cannot be modified by the customer. Relevant information about how the device is configured is shown below as well as the parameters that may be modified with the TPDS tools.
Remember: The configuration zone is divided into four subzones. These are designated throughout the document by CSZn, where n can be a value between 0 to 3 inclusive.

Device Configuration Information

  • The serial number for each device is unique and stored in bytes [0:8] of configuration subzone #1. Default values of bytes [0:1] are 0x01 0x23, and byte [8] is 0xEE. All other bytes are unique.
  • The default 7-bit I2C address is 0x39. The I2C address can be overwritten by writing CSZ3.
  • The I/O levels are set to be VCC referenced by default. This allows for the full operating voltage range to be available.
  • Maximum command speed is enabled by setting the device to divide by 1.
  • An HMAC key can be programmed into the device to allow for calculation of an HMAC Digest using the SHA command or can be used by the host to perform HMAC authentication.
  • Monotonic counters are available for use by the system and enabled for 10,000 uses by default. By default, the counter is not attached to any keys.
  • A Health Test Failure will be cleared after any time that a command fails as a result of a health test failure. If the failure symptom is transient, the command may pass when run a second time.

Modifiable Configuration Information

Through use of the TPDS tools, the following parameters may be modified, provided the zones were not already locked.

  • I2C Address
  • I/O Levels can be modified to have a fixed Reference. This allows for the I2C Bus to run at a lower voltage level than the TA010-TFLXAUTH supply. In this mode, the supply voltage is limited to a minimum of 2V.
  • Initial Counter value can be limited to something less than 10,000.
  • ECC Private key or the HMAC Key can be attached to the counter for limited use.
  • For a lower power, option 2x or 4x clock divider can be enabled. This trades off power for increased execution times.
  • Health Test Failure mode can be set to require that a SelfTest command or power cycle must be performed to clear a health test error.
  • For a higher level of security, a Compliance Mode bit can be set. In this mode, appropriate health tests will be run prior to the execution of some cryptographic algorithms.
  • Serial Number bytes [0:1] and byte [8] can be modified from their default values to uniquely identify a given customer or application, but the specific values used will be specified by Microchip.