PDA

View Full Version : ATSHA204 Authentication Chip plus Teensy



Andy
01-02-2014, 10:24 AM
Hi Everyone

I'm trying to get one of these excellent little chips to work with the Teensy:

https://www.sparkfun.com/products/11551

Has anyone else managed this? Someone has written an Arduino library:

https://github.com/jimblom/sha204-Breakout

It built fine and ran fine but when I connected to the chip nothing happened. By that I mean that the code returned the same blank response as when the chip was not connected.

Has anybody managed to get this to work with a Teensy? The chip's functions are quite impressive. It provides hardware SHA256 hashing and also you can add a secret to the chip that is securely stored that you can hash with (HMAC). Therefore proving the identity of the hardware. It also has a "high quality" random number generator (RNG) which I would imagine is superior to what you can do on the Teensy.

I think most projects that do anything with encryption or secure communication could benefit from one of these.

I'm willing to buy a few people one of these chips if they have a realistic chance of being able to help (it's a very low cost chip). It uses a one-wire interface called I2C. I would just paypal across the $10 or so that it would cost.

The arduino library didn't expose all the functionality of the chip and I already accepted I might have to do some real serious development to understand how to expose the rest. But with the examples not working at all I'm struggling how to go about getting this to work. I will obviously share any progress I make with this further down the line.

Thanks for your help.

Andy

Andy
01-02-2014, 10:30 AM
I should add I'm using a Teensy 3.0 and I connected the ATSHA204 Power and GND to Vin and GND on the Teensy. The main signal chip I connected to one of the standard inputs. I've realised I didn't try connecting to the Teensy 3.3v pin instead of Vin which could possibly make a difference. I'll try that tonight.

There is of course a chance I have a duff chip or that I've manage to damage the chip somehow, but I don't think that is the case.

Thanks

Andy

Andy
01-02-2014, 12:37 PM
Just to clarify a mistake in my original post, this actually uses a one wire interface called Single-Wire interface not I2C. There is an I2C version of the chip but this is not the one being used on this breakout board.

JonHylands
01-02-2014, 12:46 PM
Looking at the data sheet, the device requires very specific timing to talk to, and it certainly isn't I2C in the form that comes from Sparkfun. They have an I2C version of the chip, but it is an 8-pin chip and has both SCL and SDA pins.

This chip uses a strange 7/9-bit TTL bit scheme at 230,400 baud. I had a quick look at the library provided, and it probably only works on either an 8 MHz or 16 MHz Arduino, because it is bit-banging everything. His send stuff looks pretty solid (using timed delays), but on the receive side he's using a 255 value timeout that decrements while waiting for bits. On an 8 MHz 8-bit processor, that takes a lot longer than on a 96 MHz 32-bit processor. You're probably timing out really quickly while waiting for a response from the chip. If your Teensy is running at 96 MHz, try setting START_PULSE_TIME_OUT in sha204_library.h to something like 3000 instead of 255. There might be other numbers that need to be tweaked as well (like ZERO_PULSE_TIME_OUT). I would set it to ~312 (12x the current value).

Note that you'll also have to change any variables that are assigned these values to uint16_t from uint8_t. From a quick look it appears that is pulse_count and timeout_count in atsha204Class::swi_receive_bytes.

- Jon

Andy
01-02-2014, 02:29 PM
Thanks Jon, that's great input. You've given me some good clues to experiment with. It's very difficult when you get nothing back at all from a chip or add-on to work out where it is falling over. I'll keep this thread updated with my progress as I know some others have shown interested in this chip in the past.

JonHylands
01-02-2014, 03:49 PM
The best bet is to invest $150 in a little logic analyzer - https://www.sparkfun.com/products/8938

With that, you can tell very easily if things like timeouts are happening, because you'll see the signal on the trace, but the code isn't reacting properly. You can even add lines to spare pins, and toggle the pins at specific places in the code to see "when" all this happens (over the span of a few milliseconds). I've saved many many hours of hair-ripping with that logic analyzer.

- Jon

bettse
10-01-2014, 04:49 AM
Andy,
There is another thread about the SHA204 that I just posted a link in. I was able to get the SHA204 to return its serial number successfully by using a variation of this code: https://github.com/pkourany/Atmel_AHSHA204_Breakout (by variation, I mean that I wasn't using that literal code, I used an arduino library, like the one you found, and hand modified in the changes that pkourany's code makes for the "Spark". Pretty straight forward.

Experimentalist
10-05-2014, 07:18 AM
Andy,
There is another thread about the SHA204 that I just posted a link in. I was able to get the SHA204 to return its serial number successfully by using a variation of this code: https://github.com/pkourany/Atmel_AHSHA204_Breakout (by variation, I mean that I wasn't using that literal code, I used an arduino library, like the one you found, and hand modified in the changes that pkourany's code makes for the "Spark". Pretty straight forward.

Hi, I am just looking into hardware encryption and I am interested in this chip. Are you using the Sparkfun breakout? Which Arduino library did you start with? Can you post a link or post what you ended up with?

Thanks
Ex

bettse
10-05-2014, 06:52 PM
Hi, I am just looking into hardware encryption and I am interested in this chip. Are you using the Sparkfun breakout? Which Arduino library did you start with? Can you post a link or post what you ended up with?

Thanks
Ex

Yes, the sparkfun BOB-11551. And at the time I posted I was so excited just to spread the knowledge, but I've since pushed up my code to Github: https://github.com/bettse/arduino_projects/tree/master/libraries/SHA204 which is based off this repo: https://github.com/nuskunetworks/arduino_sha204 with the Spark changes I mentioned. I should probably pull my changes back out and ifdef them to a macro that detects if one is using the teensy; that would make it the most universally usable.

Experimentalist
10-05-2014, 08:48 PM
I've since pushed up my code to Github

Thanks for sharing. I am a hobbyist programmer with very little experience in C/C++ and to be honest I find myself confused most of the time :0)

What is your application for the chip?

pictographer
10-05-2014, 09:13 PM
I'm trying to understand what the use case for using the ATSHA204 with a Teensy. If the idea is just to use the chip because it's cool, ok. If the goal is more than that, I'd like to understand the tradeoffs.

From a quick glance at the Atmel page describing it, it looks like all the functions it offers could be done in software on the Teensy, albeit slower. However, by putting the functions in the software of the Teensy, the system becomes harder to physically attack because there would be no exposed wires, pins, and traces between the ATSHA204 and the Teensy.

How good does the RNG need to be? Are we trying to resist an attack over many years by a nation state?
There's nothing on the datasheet to back up Atmel's claim of a "high quality" random number generator, i.e. no reference to NIST or other security certification. It's probably good, but something in software might be good enough.

Has anyone succeeded in dumping the flash of a MK20DX128 or MK20DX256 that's configured not to allow that?