ST22N256 ST22N256-A
Smar tcard 32-Bit RISC MCU with 256 Kbytes EEPROM Java CardTM HW Execution & Cryptographic Library
Data Brief
Features
ST22N256(-A) applications include:
4 4
High-end USIM Multi-application Java CardTM
Hardware features
32-bit RISC CPU 24-bit linear memory addressing Dual instruction set: Native/Java CardTM 374 (N256), 394 (N256-A) KBytes User ROM 16 KBytes User RAM 256 KBytes User EEPROM Error Correction Code within 32-bit word 10-year data retention 500,000 Erase/Write cycles endurance 1 to 128 bytes Erase/Program in 2 ms (typ.) Asynchronous Serial Interface (ASI) 2 serial I/O ports compatible ISO 7816-3 T=0 and T=1 2 configurable 12-bit and 16-bit timers Interrupt controller with up to 16 lines 1.62 V to 5.5 V supply voltage External clock from 1 MHz to 10 MHz
4
Micromodule
4
Wafer
Software features
Hardware Abstraction Layer (HAL) available as a C-oriented API Cryptographic library including: Asymmetrical algorithms (ST22N256): RSA signature/verification, Prime number generation (up to 1024 bits) and RSA key generation (up to 2048 bits) SHA-1 Hash function (ST22N256) Symmetrical algorithms: DES, Triple DES and AES
Typical internal frequency up to 33 MHz Security EEPROM Flash programming mode Clock and power management Voltage and clock frequency sensors Highest security certification: CC EAL5+ Contact assignment ISO 7816-2 compatible
bs O
let o
ro P e
du
(s) ct
so Ob
te le
ro P
uc d
s) t(
Security features
CPU security instructions dedicated to: DES and Triple DES Modular arithmetic and elliptic curve CRC calculation (16-bit ISO 3309) Advanced Memory Protection Unit Application firewalling and access control Domain switching securely controlled Native/Java, Code/Data memory attributes Supervisor and User modes True Random Number Generator (AIS31 compliant) Unique serial number on each die
June 2006
Rev 2
1/9
www.st.com 1
For further information contact your local STMicroelectronics sales office.
Summary description
ST22N256, ST22N256A
1
Summary description
The ST22N256, ST22N256-A are members of the SmartJTM platform using a 32-bit Reduced Instruction Set Computer (RISC) core to execute both Native RISC instructions and Java CardTM 2.x Technology instruction (byte codes) directly (See Figure 1). Direct Java CardTM byte code execution provides high performance advantage over processors that emulate the Java CardTM byte code instruction set. The products feature a 24-bit wide linear addressing capability and includes User ROM, User RAM, and User EEPROM. Memory and Peripheral accesses are controlled by a Memory Protection Unit that allows to implement firewalls between applications. Memories are accessed via two different buses, allowing simultaneous accesses to code and data. Memory load and stores can be performed at byte, short (2-bytes), or word (4-bytes) granularity, with optional pointer auto increment.
The ST22 core includes dedicated instructions to accelerate performances of the following algorithms:
DES and Triple DES Modular Arithmetic on large numbers 16-bit CRC in compliance with ISO 3309 specifications
Characteristic two field arithmetic to support efficiently Elliptic Curves
The products have clock and power management, 2 user-configurable 12-bit and 16-bit timers with interrupt, a Central Interrupt Controller with up to 16 input lines (4 maskable interrupt levels) and a True Random Number Generator.
Other hardware features
Temperature range -25 C to +85 C Power-saving Standby mode ESD protection greater than 5000 V
Software controlled clock management
bs O
let o
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
2/9
ST22N256, ST22N256A Figure 1. SmartJTM Platform EEPROM architecture
SECURITY
Summary description
TIMER
POWER MANAGEMENT RAM
RNG
PERIPHERALS 32-bit RISC CORE MPU BUS 2 BUS 1
EEPROM
ROM CLOCK MANAGEMENT
ASI
ISO 7816
...
...
The products have two execution modes. Java mode is used when Java CardTM 2.x byte codes are being executed. Native mode is used for long Java CardTM byte codes, Native methods and system routines. The processor enters Java mode when a dispatch (DISP) instruction is encountered. When executing in Native mode, there are two privilege levels, User and Supervisor. Some instructions can only be executed in Supervisor mode. Instructions are of variable length, from 1 to 4 bytes in Native mode. Special instructions exist for single-cycle stack operations, a frequent occurrence in Java code. Short branches and conditional branches within a 1 KByte block or the entire 16MByte instruction space are supported. The products have four stages of pipeline in Native mode: fetch, decode, execute and write-back. In Java mode, there are five stages of pipeline: byte-code fetch, byte-code decode, decode, execute and write-back. The CPU core has 16 32-bit general purpose registers, as well as special registers of variable length.
bs O
let o
The chip also features a very high performance Asynchronous Serial Interface (ASI) to support high speed serial communication protocols compatible with ISO 7816 standard. It is manufactured using the highly reliable ST CMOS EEPROM technology.
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
3/9
Summary description
ST22N256, ST22N256A
1.1
Embedded software
The Hardware Software Interface (HSI) implements the Hardware Abstraction Layer. It consists of C interfaces to the EEPROM memory and peripherals. The drivers are:
Non Volatile Memory Asynchronous Serial Interface Central Interrupt Controller Timer Random Number Generator Clock Manager Memory Protection Unit Sensors S e c u r it y
Note:
The HSI driver software layer is a C-oriented API allowing efficient and secure access to the peripherals and Non Volatile Memory for programming or erasing. Only the OS and Java CardTM Virtual Machine (JVM) domains can access the HSI software layer (In the following the term OS will refer to the software layer that is directly interfaced to the HSI).
1.2
Cryptographic library
ST proposes a complete set of firmware subroutines to allow fast and easy implementation of cryptographic protocols. These subroutines are optimized according to ST22 core specificities and dedicated instructions. Security issues are addressed to provide state-ofthe-ar t security. The entire library is located in a specific ROM area; accessed through a single entry point. The ST cryptographic library offers the following features:
Asymmetrical algorithms (ST22N256)
Basic modular arithmetic for various lengths including modular product for odd modulus More elaborate functions (with separate fast and secure versions) such as exponentiation, RSA signatures and verifications for modulo length up to 2048 bits long Full internal RSA key generation. This guarantees that the secret key will never be known outside the chip and will contribute to the overall system security Random number generation of big size SHA-1 DES and Triple DES including key scheduling AES with standalone key schedule for 128-, 192- and 256-byte lengths
bs O
let o
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
Symmetrical algorithms (ST22N256 and ST22N256-A)
4/9
ST22N256, ST22N256A
Summary description
1.2.1
Cryptography performance
Table 1 provides the cryptographic performances of the ST22N256, ST22N256-A based on the ST Crypto Library. Table 1. Cryptographic performances
Function Signature with CRT RSA 1024 bits Signature without CRT
(2)
Algorithm
Time(1) 79.0 ms 242.0 ms 3.6 ms 485.0 ms 1.7 s 11.0 ms 18 s 8 s
Verification (e=0x10001) Signature with CRT RSA 2048 bits Signature without CRT Verification (e=0x10001) Triple DES Single SHA-1 AES-128 Key generation
1. Internal clock at 33 MHz 2. CRT: Chinese Reminder Theorem. 3. Average time
512-bit Block Encryption including subkey computation 1024 bits key 2048 bits key
1.3
bs O
so Software development environment Ob )t(s uc od Pr ete ol
te le
ro P
uc d
194 s 85 s
s) t(
2.7 s(3) 23.1 s(3)
Modularity, flexibility and methodology are the key words for the SmartJTM Development Tools Platform. Using the same interface, the developers are able to create, compile and debug a project. The SmartJTM Integrated Development environment (IDE) includes: A code Generation chain: C/C++ compiler, assembler and linker. The assembler supports both native and Java CardTM instruction sets. An instruction set simulator, a cycle accurate simulator, a C/C++ source level debugger. Software and Hardware tools allow to efficiently generate, then validate all code and application embedded softwares for the SmartJTM platform.
5/9
Summary description Figure 2. SmartJTM IDE
ST22N256, ST22N256A
bs O
let o
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
6/9
ST22N256, ST22N256A Figure 3. SmartJTM Code Generation Tools
Summary description
C /C + + S o u rc e
A s m S o u rc e
C /C + + C o m p ile r
N a tiv e /J a v a A s s e m b le r
C /C + + S ta n d a rd L ib r a r ie s
O b je c t F ile s
HSI L ib r a r y
C ry p to . L ib r a r y
L in k e r
D e v ic e S e t- u p
A p p lic a t io n
Figure 4.
SmartJTM Code Validation Tools
Integrated Development Environment
> Console.exe
Debugger GUI
bs O
...
let o
Cycle accurate Simulator Random
od Pr e
Timer ASI
DEBUGGER CORE
ct u
(s)
Third party tools
so Ob -
te le
ro P
uc d
s) t(
S C P 1 6 0 c /P R Z
ST PLAYER
PC/SC Virtual interface
Instruction Set Simulator
Monitor
FPGA Board
SmartCard Reader
160d
SmartCard Pod
7/9
Revision history
ST22N256, ST22N256A
2
Revision history
Table 2.
Date 04-Jun-2004 19-Jun-2006
Document revision history
Revision 1 2 Initial release. Conver ted to new ST Corporate template. Changes
bs O
let o
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
8/9
ST22N256, ST22N256A
Please Read Carefully:
Information in this document is provided solely in connection with ST products. STMicroelectronics NV and its subsidiaries ("ST") reserve the right to make changes, corrections, modifications or improvements, to this document, and the products and services described herein at any time, without notice. All ST products are sold pursuant to ST's terms and conditions of sale.
Purchasers are solely responsible for the choice, selection and use of the ST products and services described herein, and ST assumes no liability whatsoever relating to the choice, selection or use of the ST products and services described herein. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted under this document. If any part of this document refers to any third party products or services it shall not be deemed a license grant by ST for the use of such third party products or services, or any intellectual property contained therein or considered as a warranty covering the use in any manner whatsoever of such third party products or services or any intellectual property contained therein.
UNLESS OTHERWISE SET FORTH IN ST'S TERMS AND CONDITIONS OF SALE ST DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY WITH RESPECT TO THE USE AND/OR SALE OF ST PRODUCTS INCLUDING WITHOUT LIMITATION IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE (AND THEIR EQUIVALENTS UNDER THE LAWS OF ANY JURISDICTION), OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. UNLESS EXPRESSLY APPROVED IN WRITING BY AN AUTHORIZE REPRESENTATIVE OF ST, ST PRODUCTS ARE NOT DESIGNED, AUTHORIZED OR WARRANTED FOR USE IN MILITARY, AIR CRAFT, SPACE, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS, NOR IN PRODUCTS OR SYSTEMS, WHERE FAILURE OR MALFUNCTION MAY RESULT IN PERSONAL INJURY, DEATH, OR SEVERE PROPERTY OR ENVIRONMENTAL DAMAGE.
Resale of ST products with provisions different from the statements and/or technical features set forth in this document shall immediately void any warranty granted by ST for the ST product or service described herein and shall not create or extend in any manner whatsoever, any liability of ST.
bs O
The ST logo is a registered trademark of STMicroelectronics. All other names are the property of their respective owners.
let o
Pr e
du o
(s) ct
so Ob -
te le
ro P
uc d
s) t(
ST and the ST logo are trademarks or registered trademarks of ST in various countries.
Information in this document supersedes and replaces all information previously supplied.
2006 STMicroelectronics - All rights reserved BULL CP8 Patents STMicroelectronics group of companies
Australia - Belgium - Brazil - Canada - China - Czech Republic - Finland - France - Germany - Hong Kong - India - Israel - Italy - Japan Malaysia - Malta - Morocco - Singapore - Spain - Sweden - Switzerland - United Kingdom - United States of America www.st.com
9/9
|
