The A7001AG is a tamper-resistant secure microcontroller unit (MCU) using a dedicated security-hardened MX51 CPU. NXP Semiconductors has a long track record in security MCUs. NXP ICs have been used in all kinds of security applications such as bank cards, health insurance cards, electronic passports, pay-TV cards, and as embedded secure elements in mobile phones. The A7001AG features a significantly enhanced secure microcontroller architecture. Extended instructions for Java and C code, linear addressing and high speed at low power are among the many improvements added to the classic 80C51 core architecture.

The A7001AG supports the following features:

  • 100 kbit/s I²C slave interface
  • NXP patented glue logic™
  • NXP secure fetch technology™
  • Active shielding technology
  • Asynchronous self-timed Handshake Technology
  • Dedicated MX51 security CPU
  • 72 KB EEPROM for application-code and data
  • 50 μA typical sleep mode current with I²C pads operated in weak pull-up mode, not obstructing the bus lines
  • High-performance secured public-key cryptography (PKC) coprocessor (RSA with keys up to 2048 bit, ECC over GF(p) with keys up to 320 bit)
  • Secured 2-key/3-key triple-DES coprocessor
  • Secured AES coprocessor (128-,192- and 256 bit keys)
  • EEPROM with minimum 500 000 cycles endurance and minimum 25 years retention time
  • On-chip operating system firmware: JCOP 2.4.2 R1
  • Compliant to Java Card specification V3.0.1 classic as defined in Ref. 1
  • Compliant to Global Platform specification as defined in Ref. 2 and Ref. 3

The A7001AG runs a Java Card Open Platform operating system called JCOP, based on independent, third-party specifications, e.g. by Oracle, the GlobalPlatform consortium, the International Organization for Standardization (ISO), EMV (Europay, MasterCard and Visa) and others.

The Java Card and GlobalPlatform industry standards together ensure ease of application development and application interoperability for developers.

The A7001AG key benefits:

  • Complete security platform enabling customized solutions
  • Field- and silicon-proven solutions, deployed in numerous devices and environments
  • Ensures trust to drive applications in open and closed systems where a high level of security is needed
  • Full solution, easy to integrate, ensuring lower total cost of ownership
  • Robust cryptographic core, countermeasures and protection of device assets
  • Powerful cryptographic coprocessors for public and secret key encryption within a low power, performance optimized design based on NXP Semiconductors’ handshaking technology.

For more detailed information refer to the following documentation:

  • Administrator manual, A7001AG, Doc.No. 1887xx
  • User manual, A7001AG, Doc.No. 18821xx
  • Hardware data sheet, A7001AG, secure smart card controller, Doc.No. xx

The Administrator manual describes JCOP for the administrator of a JCOP secure element, that is, it explains the pre-personalisation process and its specific commands.

The User manual describes JCOP for the applet developer. It outlines the features available through the Java Card API and explains any additional functionality at the Java layer. It also contains information on how to order A7001AG products.

The Hardware data sheet describes the A7001AG from a hardware point of view, covering items such as the pinning diagram and power consumption.

JCOPX – Additional Application Programming Interface (API) features

JCOP provides extended support for several industry-specific requirements. This support is given by the JCOPX API, which comprises the following functionality:

  • Extended cryptography support (several algorithms and methods not specified in Java Card v3.0.1 classic, see Ref. 1)
  • Secure Box feature, supporting execution of native customer code in user mode, invoked from a Java application

More details about the JCOPX API can be found in the JCOP User Manual.

Security features

The A7001AG security concept combines a comprehensive portfolio of NXP security measures to protect the chip against a broad range of attacks. In total there are more than 100 security features in an NXP security chip to protect against attacks from outside. NXP Semiconductors applies its extensive knowledge of chip security to harden the chip against many kinds of attack.

The countermeasures against reverse-engineering attacks, such as the dedicated security CPU designed in asynchronous handshaking circuit technology, the very dense sub-micron 5-metal-layer 0.14 μm technology, the NXP patented glue logic™ and the active shielding technology, provide a very high level of attack resilience.

Secure Fetch Technology™ significantly enhances the chip hardware security against a certain class of light and laser attacks on the chip hardware. More specifically, Secure Fetch offers increased protection against attacks with higher spatial resolution and against both shorter and longer light pulses, whether single or multiple. It protects both the device memory and code-fetching operations from ROM, RAM and EEPROM, greatly increasing the probability that fault-injection attacks are detected. This security technology also offers increased protection against future attack scenarios with light and laser sources, facilitating the development of highly secure software applications for customers.

The A7001AG security concept includes dedicated hardware measures against leakage (side-channel) attacks. The Triple-DES coprocessor is mathematically proven leak-resistant against first-order DPA. Note that resistance to first-order DPA is a specific property: it does not by itself imply resistance to higher-order DPA or to profiled (template) attacks, which must be addressed by further hardware and operating-system countermeasures.

The A7001AG incorporates inherent and OS controlled security features:

  • Secure Fetch Technology™, protecting code fetches from ROM, RAM and EEPROM
  • Dedicated security CPU designed in asynchronous handshaking circuit technology
  • Highly dense sub-micron 5-metal-layer 0.14 μm CMOS technology
  • NXP patented glue logic™
  • Enhanced security sensors
    • Low and high temperature sensor
    • Low and high supply voltage sensor
    • Single Fault Injection (SFI) attack detection
    • Light sensors (incl. integrated memory light sensor functionality)

Security licensing

NXP Semiconductors has obtained a patent license for SPA and DPA countermeasures from Cryptography Research Incorporated (CRI). This license covers both hardware and software countermeasures. It is important to customers that countermeasures within the operating system are covered under this license agreement with CRI. Further details can be obtained on request.


Features and benefits

  • Highly reliable EEPROM for both data storage and program execution: 80 KB
    • Data retention time: 25 years minimum
    • Endurance: 500 000 cycles minimum
  • Dedicated Secure_MX51 MCU (Memory eXtended/enhanced 80C51)
  • 100 kbit/s I²C slave interface
  • Public Key Cryptography (PKC) coprocessor supporting RSA, ElGamal, DSS, Diffie-Hellman, Guillou-Quisquater, Fiat-Shamir and Elliptic Curves
    • RSA support for the key lengths up to 2048-bit
    • Elliptic Curve over GF(p) Cryptography with key lengths up to 320-bit
  • Single DES (56-bit) and Triple DES with 2 or 3 keys (112-bit or 168-bit), encryption and decryption in ECB, CBC and CBC-MAC mode
  • High speed AES coprocessor (128-bit parallel processing AES engine)
  • Low power True Random Number Generator (TRNG) in hardware, AIS-31 compliant
  • SHA-1, SHA-224 and SHA-256
  • SEED algorithm
  • MD5
  • On-Chip Key generation
  • CRC calculations
  • Data Authentication Pattern (DAP) for the Supplementary Security Domains
  • Low power and low voltage design using NXP Semiconductors handshaking technology
  • Power-saving SLEEP mode
  • Wake-up from SLEEP mode by any I²C communication request
  • 50 μA typical sleep mode current with I²C pads operated in weak pull-up mode, not obstructing the bus lines
  • Internally generated CPU clock (typical 62 MHz)
  • 1.62 V to 5.5 V operating voltage range
  • −25 °C to +85 °C operational ambient temperature

Applications

The A7001AG is a complete embedded security platform for mobile phones, portable devices, computing and consumer electronic devices, and embedded systems where a strong security infrastructure is required. The A7001AG provides an outstanding level of security, while overcoming the challenges of performance, power consumption and solution footprint. Its flexible architecture offers brand owners and device manufacturers a robust solution that can be tailored to meet today’s demanding embedded security requirements. The A7001AG can be used in various host platforms and host operating systems to secure a broad range of applications.

The NXP au10tic family is offered as a turnkey solution that provides customers with easy integration of authentication solutions into their end products. Minimal impact on the performance of end products is achieved through high-speed, low-power ICs that feature the industry-standard I²C interface.

In addition to the A7001AG secure MCU, the total solution includes MCU firmware and an X.509 certificate authentication application. The A7001AG is delivered with pre-programmed, die-specific keys and certificates, generated and programmed in a Common Criteria certified secure NXP internal environment with master keys stored in Hardware Security Modules (HSMs). Additional authentication software for the host (host MCU or remote server) can also be included as part of the solution.
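The following is an added host-side example, not NXP code and not the au10tic protocol (which this page does not specify). It assumes a generic challenge-response scheme: the host verifies the device's X.509 certificate against a trusted root and then checks an ECDSA signature over a fresh nonce. The root CA, the die-specific key and the device certificate are generated in software here, standing in for the HSM-held master keys and pre-programmed credentials described above, so that the example runs stand-alone; the certificate names and the domain-separation label are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must panics on error; used only while building the constructed test credentials.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

type Device struct {
	key  *ecdsa.PrivateKey // die-specific private key (never leaves the chip in the product)
	cert []byte            // DER-encoded device certificate issued at personalisation
}

// issue stands in for NXP personalisation: in the product the root key stays in an
// HSM and the device key is generated on-chip; here both are created locally (constructed).
func issue() (rootDER []byte, dev *Device) {
	now := time.Now()
	rootKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	rootTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Root CA (assumed)"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(10 * 365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	rootDER = must(x509.CreateCertificate(rand.Reader, rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey))
	rootCert := must(x509.ParseCertificate(rootDER))
	devKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	devTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(0x1234), Subject: pkix.Name{CommonName: "A7001AG die 0001 (constructed)"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(10 * 365 * 24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature,
	}
	devDER := must(x509.CreateCertificate(rand.Reader, devTmpl, rootCert, &devKey.PublicKey, rootKey))
	return rootDER, &Device{key: devKey, cert: devDER}
}

// challengeDigest binds the nonce to a fixed label (assumed) so the device never signs raw, attacker-chosen bytes.
func challengeDigest(nonce []byte) []byte {
	h := sha256.New()
	h.Write([]byte("au10tic-example-auth-v1"))
	h.Write(nonce)
	return h.Sum(nil)
}

// signChallenge is the device side of the exchange: sign the host's nonce with the die key.
func (d *Device) signChallenge(nonce []byte) []byte {
	return must(ecdsa.SignASN1(rand.Reader, d.key, challengeDigest(nonce)))
}

// Authenticate is the host side: the presented certificate must chain to the trusted root,
// and the signature over the host's fresh nonce must verify under the key in that certificate.
// A clone that copies the certificate but not the die key fails the second check.
func Authenticate(rootDER, devDER, nonce, sig []byte) error {
	root, err := x509.ParseCertificate(rootDER)
	if err != nil {
		return err
	}
	dev, err := x509.ParseCertificate(devDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err = dev.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate chain: %w", err)
	}
	pub, ok := dev.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, challengeDigest(nonce), sig) {
		return fmt.Errorf("challenge signature invalid: responder does not hold the certified key")
	}
	return nil
}

// RunDemo runs a genuine authentication, a clone attempt (genuine certificate, different key)
// and a replay (old signature, new nonce), and reports whether each was handled correctly.
func RunDemo() (genuineOK, cloneRejected, replayRejected bool) {
	rootDER, dev := issue()
	nonce, nonce2 := make([]byte, 32), make([]byte, 32)
	must(rand.Read(nonce))
	must(rand.Read(nonce2))
	sig := dev.signChallenge(nonce)
	genuineOK = Authenticate(rootDER, dev.cert, nonce, sig) == nil
	replayRejected = Authenticate(rootDER, dev.cert, nonce2, sig) != nil
	clone := &Device{key: must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)), cert: dev.cert}
	cloneRejected = Authenticate(rootDER, clone.cert, nonce, clone.signChallenge(nonce)) != nil
	return
}

func main() { fmt.Println(RunDemo()) }
```

Two design points carry over to any real deployment: the nonce must be fresh per attempt and generated by the host, otherwise a recorded response can be replayed, and the device should sign a hashed, label-prefixed message rather than raw host input, so that the authentication key cannot be turned into a general-purpose signing oracle. Checking the chain alone is not sufficient, since a certificate is public and trivially copied; only the proof of possession of the die-specific key distinguishes the genuine part from a clone.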

The flexibility of the au10tic A7001 solution allows for fast and convenient customization of specific solutions or implementations.

Application areas

  • Embedded Security
  • Counterfeit protection of hardware and software
    • Anti-cloning
    • Brand integrity of original goods
  • Profile of service
    • Conditional access to software, content and features
    • Secure access to online services
  • Device identity
    • Signing transactions
    • Secure machine to machine (M2M) communication