DS2703 SHA-1 Battery Pack Authentication IC
5 of 20
DETAILED DESCRIPTION
The DS2703 is comprised of a SHA-1 Authentication function and thermistor mux control that are accessed via a 1-
Wire interface. The high voltage (HV) detection circuit routes the externally supplied programming voltage to the
EEPROM array and enables the internal regulator to isolate portions of the chip from the programming voltage. The
1-Wire interface controls access by a host system to the 64-bit Net Address (ROM ID) and SHA-1 Authentication.
The DS2703 operates in one of four operating modes: communication, computation, programming and thermistor
access. Most operations are performed in communication mode, with the host system addressing the DS2703
using Net Address commands and then setting up an authentication exchange and retrieving the results. In
communication mode, the DQ load current is no more than IDQ0 maximum, and the DS2703 can be “parasite”
powered via the DQ pin through a high impedance pullup resistor during a communication transaction. Power
available while the 1-Wire bus is at a logic high is rectified by the on chip diode and stored in an off chip capacitor
connected to the VB pin.
In computation mode, when a SHA-1 verification is performed, the DQ load current increases up to IDQ2,
necessitating a lower impedance pullup resistor. The computation mode load current occurs after the host supplies
the required challenge data and requests the computation using the proper function commands in communication
mode. In this mode, the pullup supply and low impedance pullup resistor must be capable of keeping the DQ pin
above VPULLUP-MIN.
The third operating mode is required when programming the non-volatile memory portions of the DS2703. The
programming mode is defined by the application of a high voltage programming pulse to the DQ pin at the
appropriate point during a Compute Secret command, Load/Lock Secret or Clear/Set Overdrive Timing command.
The internal voltage regulator limits the internal voltage (VDD_INT) to isolate low voltage portions of the chip from the
HV programming pulse. Typically, programming mode is used during module or pack manufacture to configure the
DS2703 and program the 64-bit secret.
Finally, thermistor mode allows the voltage on an external thermistor to be measured from the DQ line. The
command sequence causes the DS2703 to internally disconnect its DQ interface and drive the THM pin to VSS
allowing the measurement to be made. The IC remains in this mode until the VB pin capacitor is drained causing
the DS2703 to power cycle back to communication mode.
AUTHENTICATION
Authentication is performed using a FIPS-180 compliant SHA-1 one way hash algorithm on a 512 bit message
block. The message block consists of a 64-bit secret, a 64-bit challenge and 384 bits of constant data. Optionally,
the 64-bit net address replaces 64 of the 384 bits of constant data used in the hash operation. An authentication
attempt is initiated by the host system providing a 64-bit random challenge then sending one of two compute
command sequences. The host and the DS2703 both calculate the result based on the mutually known secret. The
result data, known as the Message Authentication Code (MAC) or Message Digest, is returned by the DS2703 for
comparison to the host’s result. Note that the secret is never transmitted on the bus and thus cannot be captured
by observing bus traffic. SHA-1 based authentication is a cryptographically strong method in wide use for digitally
signing encrypted files and secure transactions such as electronic cash and password exchange protocols.
The FIPS 180 Compliant Input Block, the 512-bit message block is organized as sixteen 32-bit words, W0-W15.
The message block is initialized when a command is received to compute the MAC. Upon initialization, the 64-bit
secret is loaded, and it is important to note that the SHA-1 algorithm has access to this data, but not the serial
interface. The challenge data is received with the command just prior to the compute MAC command. The
challenge data is cleared during computation of the MAC, so the host must write new challenge data prior to
issuing each Compute MAC or Compute Next Secret command. Additionally, the A, B, C, D and E variables used
in the hash computation are initialized per FIPS 180 as shown in Table 1. Variable Initiation. Please contact the
factory for memory map details.