DS1963S
18 of 37
Read Authenticated Page [A5h]
This command, which is applicable to pages 0 to 15 only, combines reading a full or partial memory page
with the computation of a SHA-1 message authentication code. After the master has issued the command
code and specified a valid target address it will receive the page data beginning at the target address
through the end of the data page, the value of the write-cycle counter of the page, the value of the write
cycle of the secret associated with the page and the inverted CRC of the command code, target address,
page data and counter values. Immediately after the CRC is received the SHA engine begins the
computation of the message authentication code over the secret associated with the selected page, all 32
data bytes of the selected page, the page write cycle counter, page number, the device’s ROM registration
number and the 3-byte “challenge” that is taken from the scratchpad locations 20 through 22. The result
of the SHA computation is then placed in the scratchpad from location 8 through 27 for the master to
read. While the SHA computation takes place the master will read all 1’s. As the computation is finished
the pattern will change to alternating 0’s and 1’s. The master must read at least 8 bits of this alternating
pattern. Otherwise the device might not properly respond to a subsequent Reset Pulse. Typically the
master will next take all the page data, etc., compute the message authentication code on its own (see the
Compute SHA command, “Validate Data Page” function), and compare it to the data in the scratchpad to
determine whether the DS1963S knows the correct secret associated with the data page.
Compute SHA [33h]
The Compute SHA command provides the environment for six functions that employ the SHA engine to
generate message authentication codes in different ways. The seventh way to run the SHA engine is
through the Read Authenticated Page command, which has been described above to some extent. The full
details of all SHA computations are found in this section. Table 1 gives an overview of these functions.
SHA Functions Overview Table 1
Command or Function Name
Roaming Button Coprocessor Button Applicability
Read Authenticated Page
yes
N/A
Pages 0 to 15
Validate Data Page Function
N/A
yes
Pages 0 to 15
Sign Data Page Function
N/A
yes
Pages 0 and 8 only
Compute Challenge Function
yes
N/A
Not with pages 0 and 8
Authenticate Host Function
yes
N/A
Not with pages 0 and 8
Compute first Secret Function
yes
Pages 0 to 15
Compute next Secret Function
yes
Pages 0 to 15
A DS1963S device can be used in a system in two ways: a) as mobile data carrier that is associated to a
person that carries it, and b) as a coprocessor and data safe for a host computer or “bus master”. Either
application requires a secret to be installed in the DS1963S device. The functions needed to install secrets
in one or more steps are called Compute First Secret and Compute Next Secret. A DS1963S that works as
a coprocessor has to accomplish two functions: a) verify whether a roaming device belongs to the system
(i. e., whether it knows the secret), and b) generate or check a signature that protects data from mani-
pulation. These functions are accomplished by the functions Validate Data Page and Sign Data Page.
The main SHA function of a roaming device is Read Authenticated Page, which provides the coprocessor
device data and message authentication code needed for the Validate Data Page function. The two re-
maining SHA functions that a roaming device may have to execute are Compute Challenge and Authenti-
cate Host. These functions are not used in applications such as vending machines. However, they are es-
sential for user- and host authentication, which will set the MATCH flag of the roaming device. Since the
MATCH flag is part of the SHA computation of Read Authenticated Page, Validate Data Page, and Sign
Data Page, the resulting message authentication code depends on and therefore reveals whether the host