mifare cards
Post on 31-May-2015
2.432 Views
Preview:
TRANSCRIPT
Mifare cards presentation
Yann ROBERTTechnical expert
18-04-2011
Introduction
In Gemalto, Mifare products are called “Celego”Mifare 1 K => Celego Mifare 1KMifare 1 K => Celego Mifare 1KMifare 4 K => Celego Mifare 4K
Celego range describes generic contactless products dedicated to transport and access controldedicated to transport and access controlMifare 1K and 4K are compliant with ISO 14443-1, -2, -3
Type A (ISO 14443 -2)Unique and permanent serial numberUnique and permanent serial numberAnti-collision based on ISO 14443-3Mutual authentication (ISO 9798-2)Encrypted data communicationSecurity management sector per sector
Introduction
ISO 7816-1 Proximity TransactionInductive powerISO 7816 1
dimensiony
(8 to 10cm)power supply
Antenna
Read / Write RF transmissions
(encrypted)
E²PROM memorySecurity featuresPVC card body
Introduction
S ifi iSpecificationsISO/IEC 14443-1 : Physical characteristicsISO/IEC 14443-2 : Radio frequency power and signal interfaceISO/IEC 14443 3 : Initialisation and AnticollisionISO/IEC 14443-3 : Initialisation and Anticollision
Mifare 1K: • MF1S5009 - Mainstream contactless smart card - 27 July 2010 - NXP
Mifare 4K:• MF1S7009 - Mainstream contactless smart card - 26 July 2010 - NXP
Mifare 1K and 4K are NOT ISO14443-4 compliant
Introduction
Mifare 1 K Mifare 4 K
Memory
Mifare 1 K Mifare 4 K
Chip / Size Mifare 1 Kbytes NXP, Infineon
Mifare 4 Kbytes NXP only
RF INTERFACE Serial number 4 bytes
SECURITY
Mifare 4 KBMifare 4 KB
SECURITYAccess condition
Memory Organization
Yes 16 sectors * 4 blocks
Yes 32 sectors * 4 blocks 8 sectors * 16 blocks
Authentication Mutual, Mifare 3 passes Data encryption Yes
A K 2 k t (6 b t )Mifare 1 KBMifare 1 KB Acces Keys 2 keys per sector (6 bytes)APPLICATION
Type of data Data Block
Value Blocks: EPurse
Back-up mechanism
For value Blocks Low cost application
Mifare 1 KBMifare 1 KB
Mifare Ultralight+SRIX512
Mifare Ultralight+SRIX512
Transaction time < 100ms
Pure cless memory card
SecurityPaper ticket &Thin PET card
Introduction
B di i AntennaBonding wires te a
Transparent PVCMicromodule
White PVC
C d b dCard bodyISO dimensions
Introduction
Reader to card Card to readerReader to cardType A Data rate : 106 kbit/sModulation : 100% ASK
Card to readerType ASubcarrier : f0/16 = 847 kHzData rate : 106 kbit/s
Bit coding : Modified Miller
0 1 0 0 1 1 0
Subcarrier modulation : OOKBit coding : Manchester
0 1 0 0 1 1 0
Mifare mappings
Mifare 1K Electrical MappingMifare 1K Electrical Mapping
0Sector Block
Block 0: Manufacturer information (UID )0123
0
Block 0: Manufacturer information (UID,...)
Data block
0123
1
Security block
1 block = 16 bytes3
01
y1 sector = 64 bytesMifare 1K = 16 sectors = 1024 bytes = 1Kbytes
123
15 A block, is the smallest addressable elementAC are defined for each block
Mifare 4K Electrical MappingMifare 4K Electrical Mapping
Block 0: Manufacturer information (UID )0
Sector BlockBlock 0: Manufacturer information (UID,...)
Data block
Security block
0123
0
s of
4 b
lock
sy
1 block = 16 bytesSector 0 to 31 = 64 bytes for each sectorS t 32 t 39 256 b t f h t
31
01230
32 s
ecto
rs
Sector 32 to 39 = 256 bytes for each sectorMifare 4K = (32 x 64) + (8 x 256)
= 2048 + 2048 = 4096 bytes 4Kb
320..15
of 1
6 bl
ocks
= 4Kbytes
A block, is the smallest addressable elementS t 0 t 31 AC d fi d f h bl k
0..15
39
8 se
ctor
s o
Sector 0 to 31 : AC are defined for each blockSector 32 to 39: AC are defined for 5 blocks
Mifare Data Block TypesMifare Data Block Types
Mifare data blocks exist in 2 formats:Mifare data blocks exist in 2 formats:Transparent blocks : data read or written are not interpreted by the cardValue blocks : special format and coding dedicated to purse functions
(Increment / Decrement commands)
Value format:Value: 4 bytes number in hexadecimal “V4 V3 V2 V1”l d d d t d i d i th bl kloaded and stored in reverse order in the block
V1 V2 V3 V4 V1 V2 V3 V4 V1 V2 V3 V4 X X X X
X : means complement of X
Example: Value = 12 34 56 78
78 56 34 12 87 A9 CB ED 78 56 34 12 FF 00 FF 00
X : means complement of X= (X Xor FF)
78 56 34 12 87 A9 CB ED 78 56 34 12 FF 00 FF 00
Mifare securityMifare security
Each sector is protected by a “Security Block”Each block in a sector has its own Access Conditions (“AC”)
B00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15
Access Cond Data
A
BKey A (6 bytes) Access Cond.
(3 bytes)Data
(1 byte) Key B (6 bytes)
Security Block format
Authentication with a sector can be done with key A or key BProprietary symmetric algorithmTo access a sector:
authentication with Key A or Key B is mandatorya session key is created for the authenticated sectorll i ti b t th d d t i i h d ith th i kall communication between the reader and a sector is ciphered with the session key
Mifare Manufacturer Code Block
Block 0 sector 0 is called the “Manufacturer block”, the content :is written by the chip manufacturer (NXP Infineon)is written by the chip manufacturer (NXP, Infineon)can be read without authenticating with sector 0can never be modified (write is not allowed)
Mifare cards can be ordered with 4 or 7 bytes UIDy
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15
UID (4 bytes) LRC XX XX XX XX XX XX XX XX08 04 00
UID : Unique IDentifierLRC L it di l R d d Ch k UID
UID (7 bytes) XX XX XX XX XX XX08 04 00
LRC: Longitudinal Redundancy Check on UIDXX..XX: Chip manufacturer reserved areas
Chip information: • 08 : SAK• 04 00 : ATQA
Access conditions
Mifare Access Conditions
A di i d fi dAccess conditions are defined: for each block : Mifare 1K and Mifare 4K sectors 0 to 31for 5 blocks : Mifare 4K sectors 32 to 39
A diti f h bl k t d i th tAccess conditions for each block are stored in the sector Security BlockAccess conditions
f ( )for a data block (transparent or value)for the Security Block itself
Eight sets of access conditions are available for the four following commandsfollowing commands
Read / Write / Add / Subtract
Mifare Data Block Access Conditions Subtract
A.C. Set Read Write
Add
TransferTransferA.C. Set
Selection SetNo.
0
AC2
0
AC1
0
AC0
0
Read
A or B
Write
A or B A or B
Transfer
Restore
A or B
a s e
Restore
1
2
0
0
0
1
1
0
A or B
A or B
never
never
never
never
A or B
never
3
4
0
1
1
1
0
0
1
0
1
B
A or B
B
B
never
never
never
never
5
6
7
1
1
1
0
1
1
1
0
1
B
A or B
never
never
B
never
never
B
never
never
A or B
never7 1 1 1 never never never never
Mifare Security Block Access Conditionsy
Key A AC + B9 Key BA.C. SetNo
A.C. Set Selection
0
AC2
0
AC1
0
AC0
0
Read
never
Write
A or B
Read Write
never
Read WriteNo. .
A or B A or B A or B
A B A B1
2
0
0
0
1
1
0
never
never
A or B
never never never
A or B
A or B
A or B A or B
A or B
A or B
3
4
0
1
1
0
1
0
never
never
B
B
B
never
never
never
B
B
A or B
A or B
5
6
1
1
0
1
1
0
never
never
never
never
B
never
never
never
never
never
A or B
A or B
7 1 1 1 never never never never neverA or B
Mifare Access Condition StorageMifare Access Condition Storage
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15
Security Block Key A (6 bytes) Access Cond. (3 bytes)
Data (1 byte) Key B (6 bytes)
AC1 AC2 AC2 AC0 AC0 AC1
Byte 7Byte 6 Byte 87 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0
ACn: complemented value of AC (AC Xor FF)
Access Conditions Definition example
R W A S
Block 0 Transparent N N N NBlock 1 Transparent A/B N N N
AC n° 7 1 1 1AC n° 2 0 1 0
AC2 AC1 AC0
Block 1 Transparent A/B N N N Block 2 Value A/B B B A/B
AC n 2 0 1 0AC n° 6 1 1 0
Key A AC + B9 Key BR W R W R W
Block 3 Security N N A/B B N N AC n° 5 1 0 1
AC2 AC1 AC0
Access Conditions CalculationAC2 AC1 AC0
Block 0
Block 1
Block 2
1 1 1
0
1
1
1
0
0
AC2 AC1 AC0
Block 2
Block 3
1 1 0
1 0 1
1 1 0 1 0 1 1 1 1 0 0 1
7 6 5 4 7 6 5 43 2 1 0
AC2 AC1 AC0
1 1 0 1 0 1 1 0 1 0 0 1 0 1 1 11 0 0 0 0 0 1 0
Security Block Access Conditions:
Byte 7Byte 6 Byte 8InversedInversedInversed
7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 07 6 5 4 3 2 1 0
AC1 AC2 AC2 AC0 AC0 AC1
Mifare weaknesses
Mifare weaknesses
Mifare cryptography is proprietary and has been brokenKey length is small (48 bits)algorithm is badly designed
It is now possible to make Mifare 1K, 4K clone cards
NXP has introduced a new generation of Mifare cards called as oduced a e ge e a o o a e ca ds ca ed“MifarePlus”:
AES-128 cryptographyCertification AEL4+ISO 14443 -1, -2, -3, -4 compliant
Mifare emulation
Mifare emulation on contactless JavaCards
Infineon and NXP propose on some of their smart card chips t h Mif 1K 4K l tito have Mifare 1K or 4K emulation
Mifare EEPROM Contactless JavaCard zone zone with Mifare emulation
Mifare Classic protocol
ISO14443-4 (T=CL) protocolprotocol (T CL) protocol
Contactless reader
Mifare emulation on contactless JavaCards
An incompatibility problem may happen on the “ATS availablehappen on the ATS available check”
A card will supports ATS only if it isA card will supports ATS only if it is compliant with ISO14443-4 (T=CL). This is known when the card answers the SAK
Mifare emulation on contactless JavaCards
WUPA (0x52)
ATQA (0x00 02)ATQA (0x00 02)
ANTICOLLISIONANTICOLLISION SEL: 0x93NVB: 0x20
ANTICOLLISION Answer IUD: 12345678BCC 08
CARD ANSWER
SELECTSELECTSEL: 0x93NVB: 0x70IUD: 0x12345678BCC: 0x08CRC A: A23C
SELECT ACKNOLEDGE (SAK) SAKSAK: 20CRC_A: 70FCCRC_A: A23C
b8 b7 b6 b5 b4 b3 b2 b1 Meaningx x x x x 1 x x Cascade bit: IUD not completex x 1 x x 0 x x IUD complete, card compliant with ISO14443-4x x 0 x x 0 x x IUD complete, card NOT compliant with ISO14443-4
Card type Mifare Classic SAK Mifare emulation SAKMifare Classic 1K 0x08 (NXP)
0x88 (Infineon)0x28
p , p
Select AcKnowledge (SAK) coding
0x88 (Infineon)Mifare Classic 4K 0x18 0x38
SAK values
www.justaskgemalto.com
top related