3.1 ECC608-TMNGTLS Configuration Zone

The ECC608-TMNGTLS configuration is fixed and cannot be modified by the customer. Relevant information about how the device is configured is shown below or in the slot information. The keys are provisioned in-field by the keySTREAM SaaS.

Device Configuration Information

  • The serial number for each device is unique and stored in Bytes[0:3, 8:12]. Bytes[0:1] are 0x01 0x23 and Byte[8] is 0x01. All other bytes are unique.
  • The default 7-bit I2C address is 0x38. The I2C 8-bit address byte used for writes/reads is 0x70 and 0x71, respectively. The I2C address can be overwritten using the UpdateExtra command.
    Important: The default I2C address of the ECC608-TMNGTLS differs from that of the standard ECC608 Device.
  • All data slots, except the Secure Boot Public Key (Slot #15), the Secure Boot Digest (Slot #13) and the I/O Protection (Slot #7), are managed by Kudelski.
  • AES128 operations are enabled.
  • ChipMode Features
    • Clock divider is set for maximum execution time speed.
    • The Watchdog Timer (WDT) is set to a maximum time-out of 1.3s.
    • The I/O levels are set to a fixed reference level; therefore, the host processor can operate at a lower voltage than the ECC608-TMNGTLS device.
    • Setting an alternate I2C address is enabled.
  • SecureBoot Features
    • FullStore digest mode is enabled.
    • Secure Boot ECC P-256 public key is stored in Slot 15 and loaded at manufacturing time.
    • Secure Boot digest is stored in Slot 13.
    • A random nonce is not required but is recommended.
    • Secure Boot persistent latch is disabled.
    • I/O protection key to encrypt the output of the command
  • Chip Options Features
    • Use of the I/O protection key is enabled with the key stored in Slot 7.
    • Output of the KDF function will be in the clear but can be encrypted based on the mode of the KDF command.
    • KDF AES mode is enabled.
    • Output of the ECDH master secret will be in the clear but can be encrypted based on the mode of the ECDH command.
    • The Health Test Failure bit is cleared after any time that a command fails as a result of a health test failure. If the failure symptom is transient, the command will pass when run a second time.
    • Power on self tests are disabled. Self tests must be explicitly run if so desired.
    • The Health Test Failure bit is cleared after any time that a command fails as a result of a health test failure. If the failure symptom is transient, the command will pass when run a second time.
  • Monotonic counters are available for use by the system and are not attached to any keys.
  • The Configuration Zone is permanently locked prohibiting the update of the configuration.