1.2 Device Features

SHA104 includes an EEPROM array that can be used for storage of one secret key, miscellaneous read/write data, consumption logging and security configurations. Write access to the various data zone slots and configuration subzones of memory can be restricted.

The SHA104 is available with one of two serial interfaces. The I2C version of the device supports a standard I2C interface at speeds of up to 400 kHz. The interface is compatible with standard-mode and fast-mode I2C interface specifications. The device also supports a Microchip proprietary PWM Single-Wire Interface (SWI), which can reduce the number of GPIOs required on the system processor and/or reduce the number of pins on connectors. When in SWI mode, the SHA104 can be operated in parasitic power mode, reducing the pin count to just 2 pins.

Each SHA104 unit ships with a unique 72-bit serial number. Also, SHA104 features a wide array of defense mechanisms specifically designed to prevent physical attacks on the device itself or logical attacks on the data transmitted between the device and the system. Hardware restrictions on the ways in which a key is used or generated provide further defense against certain styles of attack.

An enhanced mode of self-test can be enabled by setting the SelfTest bit in the Configuration Zone. In this mode, the tests are required to run prior to the execution of the commands that require cryptographic algorithms.

The SHA104 device has a monotonic counter that the host system can use for a purpose of its choosing. The counter is limited to a maximum of 10,000 uses. A lower value can be programmed into the device during provisioning if so desired. The counter can also be attached to the symmetric key in Slot 3 to limit the use of this key. The monotonic counter will be automatically updated when the MAC command is run if the key in Slot 3 is configured for limited use.
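The limited-use behavior described above can be modeled on the host side to budget authentications before provisioning a counter limit. This is an added example, not Microchip code: the class and function names are hypothetical, HMAC-SHA256 stands in for the device's MAC computation, and refusing the command once the limit is reached is an assumption about how the limit is enforced.

```python
import hashlib
import hmac
import os

MAX_COUNTER_LIMIT = 10_000  # ceiling stated in this section


class LimitedUseKeyModel:
    """Host-side model (not device firmware) of a Slot 3 key tied to the counter."""

    def __init__(self, key: bytes, limit: int = MAX_COUNTER_LIMIT, limited_use: bool = True):
        if not 1 <= limit <= MAX_COUNTER_LIMIT:
            raise ValueError("limit must be between 1 and 10,000")
        self._key = key
        self.limit = limit              # value programmed at provisioning
        self.limited_use = limited_use  # is the Slot 3 key attached to the counter?
        self.counter = 0                # monotonic: only ever increases

    def mac(self, challenge: bytes) -> bytes:
        """Return a MAC over the challenge, consuming one use if the key is limited."""
        if self.limited_use:
            # Assumption: an exhausted counter makes the device refuse the command.
            if self.counter >= self.limit:
                raise PermissionError("Slot 3 key use limit reached")
            self.counter += 1
        # Stand-in: HMAC-SHA256, not the SHA104's actual MAC message format.
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

    def remaining(self) -> int:
        return self.limit - self.counter


def host_authenticate(device: LimitedUseKeyModel, shared_key: bytes) -> bool:
    """Challenge-response from the host side; every attempt costs the device one use."""
    challenge = os.urandom(32)  # fresh nonce so a recorded response cannot be replayed
    try:
        response = device.mac(challenge)
    except PermissionError:
        return False
    expected = hmac.new(shared_key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(response, expected)


if __name__ == "__main__":
    key = bytes(range(32))  # constructed sample key
    dev = LimitedUseKeyModel(key, limit=3)
    print([host_authenticate(dev, key) for _ in range(5)], dev.remaining())
```

In this model a failed or repeated authentication still consumes a use, so host retry logic has to be counted against the provisioned limit.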