mifare DESFire Functionality

Similar documents
MF3ICD81, MF3ICD41, MF3ICD21

Chip Card & Security ICs Mifare NRG SLE 66R35

Security & Chip Card ICs SLE 44R35S / Mifare

Gemalto Mifare 1K Datasheet

MF1 IC S General description. Functional specification. 1.1 Contactless Energy and Data Transfer. 1.2 Anticollision. Energy

MF3ICDx21_41_ General description. MIFARE DESFire EV1 contactless multi-application IC. Product short data sheet COMPANY PUBLIC

NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1

MF0ICU2. 1. General description. MIFARE Ultralight C. 1.1 Contactless energy and data transfer. 1.2 Anticollision. Rev May

AN1304. NFC Type MIFARE Classic Tag Operation. Application note PUBLIC. Rev October Document information

AN MIFARE DESFire as Type 4 Tag. Rev May Application note COMPANY PUBLIC. Document information.

Secure Dual Interface PKI Smart Card Controller

AN1305. MIFARE Classic as NFC Type MIFARE Classic Tag. Application note COMPANY PUBLIC. Rev October Document information

ACR122 NFC Contactless Smart Card Reader

AN mifare Ultralight Features and Hints. Document information. Multiple ticketing, secured data storage, implementation hints

Application Programming Interface

Exercise 1: Set up the Environment

INTEGRATED CIRCUITS I CODE SLI. Smart Label IC SL2 ICS20. Functional Specification. Product Specification Revision 3.1 Public. Philips Semiconductors

NTAG213/215/216. The mechanical and electrical specifications of NTAG21x are tailored to meet the requirements of inlay and tag manufacturers.

NB3H5150 I2C Programming Guide. I2C/SMBus Custom Configuration Application Note

SL2 ICS53/SL2 ICS General description I CODE SLI-S/I CODE SLI-S HC. 1.1 Anticollision. 1.2 Contactless energy and data transfer

iclass Card Cloning using an RW300 Reader/Writer

MIFARE DESFire EV1 MF3ICD81

Mifare DESFire Specification

Card Issuing Machine for Magnetic, Contact & IC Card

Smart Card Technology Capabilities

UM0853 User manual. 1 Introduction. M24LRxx application software user guide

RFID MODULE Mifare Reader / Writer SL030 User Manual Version 2.6 Nov 2012 StrongLink

RFID MODULE Mifare Reader / Writer SL032 User Manual Version 1.5 Nov 2012 StrongLink

Data Acquisition Module with I2C interface «I2C-FLEXEL» User s Guide

Consult protocol, Nissan Technical egroup, Issue 6

RFID MODULE Mifare Reader / Writer SL031 User Manual Version 2.7 Nov 2012 StrongLink

NFC Tag Type 5 Specification

512 bit Read/Write Multi-purpose Contactless Identification Device

NXP Secure Smart Card Controllers P5CC008, P5CC012 V1A/ V1A(s)

RFID MODULE Mifare Reader / Writer SL025B User Manual Version 1.4 Nov 2012 StrongLink

SALTO Systems I SALTO Carriers. innovation in ID technology. MIFARE DESFire

Secure Automatic Ticketing System

Nemo 96HD/HD+ MODBUS

MIFARE ISO/IEC PICC

SmartMX2 family P60D080 and P60D144

Development Kit EM4095 User s Manual

SRF08 Ultra sonic range finder Technical Specification

USB - FPGA MODULE (PRELIMINARY)

Dolphin In-Circuit programming Updating Firmware in the field

CHAPTER 5 SMART CARD TECHNOLOGY

Data sheet Wireless UART firmware version 4.02

Block 3 Size 0 KB 0 KB 16KB 32KB. Start Address N/A N/A F4000H F0000H. Start Address FA000H F8000H F8000H F8000H. Block 2 Size 8KB 16KB 16KB 16KB

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER

USING MIFARE CLASSIC TAGS VERSION

The I2C Bus. NXP Semiconductors: UM10204 I2C-bus specification and user manual HAW - Arduino 1

ACR122U USB NFC Reader

EnOcean Serial Protocol 3 (ESP3)

AN601 I2C 2.8 Communication Protocol. SM130 SM130 - Mini APPLICATION NOTE

Technical Data Sheet UM-005. UM005-doc In reference to UM005-c-01.04

Measurement and Analysis Introduction of ISO7816 (Smart Card)

SIM CARD PROTOCOLS. This paper attempts in broad strokes to outline the construction of these protocols and how they are used.

Serial Communications / Protocol in AirTest Products

Bluetooth HID Profile

Local Interconnect Network Training. Local Interconnect Network Training. Overview

RFID READER 13.56MHz Reader / Writer SL500 User Manual Version 2.6 Nov 2011 StrongLink

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft

Serial port interface for microcontroller embedded into integrated power meter

SCM Microsystems. Reference Manual version 1.3. SCL010 Multiprotocol contactless stationary reader

USB Card Reader Configuration Utility. User Manual. Draft!

1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A

RPDO 1 TPDO 1 TPDO 5 TPDO 6 TPDO 7 TPDO 8

Table 1 below is a complete list of MPTH commands with descriptions. Table 1 : MPTH Commands. Command Name Code Setting Value Description

AN Software Design Guide for POS Development Kit OM5597/RD2663. Rev August Application note COMPANY PUBLIC

Using RFID Techniques for a Universal Identification Device

DS18B20 Programmable Resolution 1-Wire Digital Thermometer

MDG. MULTOS Developer's Guide. MAO-DOC-TEC-005 v MAOSCO Limited. MULTOS is a registered trademark of MULTOS Limited.

SHE Secure Hardware Extension

SKYEMODULE GEMINI DATASHEET VERSION

EPC C-1 G-2 / ISO C RFID IC

Smart Card. Smart Card applications

NHD-0420D3Z-FL-GBW-V3

NTAG213/215/216. The mechanical and electrical specifications of NTAG21x are tailored to meet the requirements of inlay and tag manufacturers.

Overview of the LTC2978 Configuration EEPROM (NVM) Revision 1.0

SCM Microsystems. Reference Manual version 2.0 SCL01X. Multiprotocol contactless stationary reader

Training MIFARE SDK. Public. MobileKnowledge June 2015

MODBUS APPLICATION PROTOCOL SPECIFICATION V1.1b3 CONTENTS

READER COMPONENTS. mifare (14443A) MHz RFID Proximity Antennas. November Revision 1.0 PUBLIC. Philips Semiconductors

Hagenberg Linz Steyr Wels. API Application Programming Interface

Interface Protocol v1.2

Requirements for an EMVCo Common Contactless Application (CCA)

Electronic Multi-Measuring Instrument

How To Fix An Lmx9838 Bluetooth Serial Port Module With Bluetooth (Bluetooth 2) From A Bluetooth Bluetooth 4.2 Device With A Bluembee 2.2 Module

Version Date Author Description Jpo First version Jpo FET output descriptions made clearer

advant advanced contactless smart card system

AKD EtherNet/IP Communication

Allows the user to protect against inadvertent write operations. Device select and address bytes are Acknowledged Data Bytes are not Acknowledged

8-Bit Flash Microcontroller for Smart Cards. AT89SCXXXXA Summary. Features. Description. Complete datasheet available under NDA

UniPi technical documentation REV 1.1

73M1866B/73M1966B FXOCTL Application User Guide November 2, 2009 Rev. 4.1 UG_1x66B_009

Virtual KNX/EIB devices in IP networks

1. Summary. 2. Module Application Instruction. DFPLayer Mini. 1.2.Features. 1.3.Application Specification Description

ACR120 Technical Specifications version 2.9 November 2005

Smart Card Application Standard Draft

Training. MIFARE4Mobile. Public. MobileKnowledge April 2015

Transcription:

mifare DESFire Functionality CAS - 2006

mifare DESFire Functionality Agenda Introduction Main Characteristics & Block Diagram DESFire File System Applications & Files File Types Key Management Access Rights Backup Management Memory Mapping Typical Transaction Time Delivery Types & Development Tools Semiconductors 2

mifare DESFire Main Characteristics Interface: Contactless only only Fully compliant to to the the ISO/IEC14443A (1-4) 7 bytes UID UID ( Double Size Size UID ) Operating distance up up to to 10cm Data transmission: 106 106 424 424kBd Compatible to to the the Mifare Reader CPU & OS: Asynchronous CPU core core (3) (3) DES DES coprocessor Fixed Command Set Set No No Customer ROM codes RF-Interface MF3ICD40 CPU EEPROM (3)DES-Co-proc. Buy the card and use it. Semiconductors 3

mifare DESFire Main Characteristics NV Memory: 4 kbyte EEPROM Erase + Write access: 1ms 1ms each R/W-Cycles: >100K Data retention: 10 10 years RF-Interface MF3ICD40 CPU EEPROM (3)DES-Co-proc. File System: up up to to 28 28 application // card card up up to to 16 16 files files // application up up to to 14 14 keys keys // application 1 masterkey for for card card maintenance Plain, (3)DES encrypted, or ormaced data data transmission On-Chip Backup management Semiconductors 4

mifare DESFire Block Diagram MF3 IC D40 CARD LA RF INTERFACE SECURITY UART ISO 14443A TRIPLE-DES CO-PROCESSOR TRUE RANDOM NUMBER GENERATOR COIL LB SENSORS POWER ON RESET VOLTAGE REGULATOR CPU / Logic Unit CRC CLOCK INPUT FILTER RESET GENERATOR ROM RAM EEPROM Semiconductors 5

mifare DESFire File System The 4kByte EEPROM can be used for: up to 28 different applications (like sub-directories on a HDD) 1 2 3 4... 28 One MasterKey (for (for card card maintenance) up to 16 files / application (like data-files within one sub-directory ) up to 14 (3)DES keys / application (valid only within the sub-directory ) includes One MasterKey (for (for application maintenance) 3 File types: 1) Data Files 2) Value Files 3) Record Files Semiconductors 6

mifare DESFire File Types: Standard Data File Standard Data File (0x00) File# 0x00... 0x0F User File size: = 1 byte... 4 kbyte Required EEPROM size: = File Size* General data file (e.g. card issuer data, card holder name) EEPROM Size [( StdData 1) / 32] * 32 + 32 = INT FileSize Create Standard Data File 1 1 1 2 3 CMD File # Com Set Access Rights File Size *Internally the NV-memory is allocated in blocks of 32 bytes. Semiconductors (E.g. every file with a size of 1-32 bytes internally always uses 32 bytes.) 7

mifare DESFire File Types: Backup Data File Backup Data File (0x01) File# 0x00... 0x07 File size: = 1 Byte... 2 kbyte Required EEPROM: = 2 x File size* General data file (e.g. card issuer data, card holder name) EEPROM Size [( BackupData 1) / 32] * 32 32 = 2 INT FileSize + Create Backup Data File 1 1 1 2 3 CMD File # Com Set Access Rights File Size *Internally the NV-memory is allocated in blocks of 32 bytes. Semiconductors (E.g. every file with a size of 1-32 bytes internally always uses 32 bytes.) 8

mifare DESFire File Types: Value Files Value File (0x02) Required EEPROM size: = 32 Bytes File# 0x00... 0x07 Value Range = -16 777 215...+16 777 216 (4 Byte signed integer) Lower Limit = -16 777 215...+16 777 215 Upper Limit = -16 777 214...+16 777 216 (Lower Limit < Upper Limit) Limited Credit enabled (0x01) / disabled (0x00) Create Value File 1 1 1 2 4 4 4 1 CMD File # Com Set Access Rights Lower Limit Upper Limit Value Credit Limited enabled Semiconductors 9

mifare DESFire File Types: Record File 3 Records can be read n Records can be read Record File Record #1 Record #2 Record #3 Record #4 Record #5 Record #n-1 Record #n Record Size # of Records after 3 Write commands after n Write commands A Record Record File File contains n Records. Each Each Record Record can can be be written written once. once. The The latest latest and and all all the the previous Records can can be be read read (at (at once). once). Semiconductors 10

mifare DESFire File Types: Record File Linear Record File Record #1 Record #2 Record #3 Record #n-1 Record #n Record File full after 3 Write commands Cyclic Record File Record #1 Record #2 Record #3 Record #n-1 after n Write commands Record #n after n+1 Write commands Record #1 after n+2 Write commands Record #2 n+1 Write: Error instead of ACK Semiconductors 11

mifare DESFire File Types: Linear Record File Linear Record Files (0x03) File# 0x00... 0x07 Required EEPROM size: = 32Bytes + Record Size # of Records* Record Size = 0x00 00 01... 0xff ff ff (1 Byte - 4k Byte) # of Records = 0x00 00 01... 0xff ff ff Create Record File 1 1 1 2 3 3 CMD File # Com Set Access Rights Record Size Max. # of Records * Internally the NV-memory is allocated in blocks of 32 bytes. (E.g. a Record File with 2 Records and a size of 10 Bytes/Record internally always uses 64 bytes.) Semiconductors 12

mifare DESFire File Types: Cyclic Record File Cyclic Record Files (0x03) File# 0x00... 0x07 Required EEPROM size: = 32Bytes + Record Size # of Records* Record Size = 0x00 00 01... 0xff ff ff (1 Byte - 4k Byte) # of Records = 0x00 00 02... 0xff ff ff Create Record File 1 1 1 2 3 3 CMD File # Com Set Access Rights Record Size Max. # of Records * Internally the NV-memory is allocated in blocks of 32 bytes. (E.g. a Record File with 2 Records and a size of 10 Bytes/Record internally always uses 64 bytes.) Semiconductors 13

mifare DESFire Encryption DESFire data transmission: Example Data: Plain Data MACed* Data Hello World Data 48 65 6C 6C 6F 20 57 6F 72 6C 64 Data MAC 48 65 6C 6C 6F 20 57 6F 72 6C 64 23 42 A1 2E (3)DES enciphered Data + 2Byte CRC -> filled up to n*8 -> (3)DES encrypted f2 45 2a e0 50 56 3c 02 43 4e 63 ac 04 bb 21 26 Coding of the Communication Settings: b7 b6 b5 b4 b3 b2 b1 b0 Hex Plain Data 0 0 0 0 0 0 x 0 0x00 MACed 0 0 0 0 0 0 0 1 0x01 (3)DES encrypted 0 0 0 0 0 0 1 1 0x03 *MAC: Message Authentication Code Semiconductors 14

mifare DESFire Keys DES and 3DES keys are stored in 16 bytes strings. DES: 1 st half = 2 nd half Single DES 00 11 22 33 44 55 66 77 00 11 22 33 44 55 66 77 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (default) 3DES: 1 st half = 2 nd half Triple DES 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 Semiconductors 15

mifare DESFire Access Rights 4 different Access Rights are stored for each file. Access Rights are defined during creation of a file. Value File all other files R Get Value Debit Read W Get Value Debit Limited Credit Write R&W Get Value Debit Limited Credit Credit Read&Write C Change Config Key #0 always is the Masterkey on PICC level (if no application or AID 0x00 00 00 is selected) on Application level (if an Application is selected). Semiconductors 16

mifare DESFire Coding of Access Rights During creation of a file the Access Rights are defined with a 2-byte code: MSBit LSBit b15 b12 b11 b8 b7 b4 b3 b0 R W R&W C Remark: Remark: If If a file file is is accessed accessed without without valid valid authentication authentication but but free free access access (0xe) (0xe) is is possible, possible, the the communication communication mode mode is is forced forced to to plain plain (through (through at at least least one one relevant relevant access access right). right). Hex Key 0x0 0 0x1 1 0x2 2 0x3 3 0x4 4 0x5 5 0x6 6 0x7 7 0x8 8 0x9 9 0xa 10 0xb 11 0xc 12 0xd 13 0xe "free" 0xf never no authentication required no access Semiconductors 17

mifare DESFire Application Example Up to 28 different applications per card Up to 16 different files per application Application 0x 00 00 02 File 0x03 File Appl 0x07 File 0x 00 00 02 0x0C File 0x04 Appl 0x 00 00 03 Appl 0x 00 00 01 Semiconductors 18

mifare DESFire Application Example Application # 0x 00 00 02 contains 4 Files: File 0x03: Application Value File 0x 00 00 02 lower limit: -10 File upper 0x03 limit: +2000 File MACed Data 0x07 File 0x0C File 0x04 File 0x0C: File 0x07: Backup Data File File Size: 30 bytes 3DES encrypted Data Standard Data File File Size: 30 bytes Plain Data File 0x04: Cyclic Record File Record Size: 10 bytes # of Records: 21 MACed Data Semiconductors 19

mifare DESFire Application Example KEY 0 Application # 0x 00 00 02 contains 4 Files and 5 keys: KEY 1 KEY 2 KEY 3 KEY 4 Application 0x 00 00 02 File 0x03 File 0x0C File 0x07 File 0x04 free never R W R&W C R W R&W C R W R&W C R W R&W C File 0x0C: File 0x03: File 0x04: File 0x07: Value File Standard Data File Cyclic Record File Backup Data File Semiconductors 20

mifare DESFire Backup Management Transaction oriented approach On application level, Multiple write commands can be issued. Completed transaction has to be validated by a CommitTransaction command. If not validated or aborted, a full rollback of all writes happens. Either ALL writes are done or NO writes are done. Application data is always consistent Semiconductors 21

Backup Data File mifare DESFire Data File Backup Valid Image Image 1 Write updates mirror image Write Data Image 2 CommitTransaction validates updated Image Valid Image Image 1 Image 2 Semiconductors *Data File Backup Management requires a Backup Data File. 22

Value File mifare DESFire Value File Backup Valid Image Image 1 Image 2 Image 1 Image 2 Write updates mirror image Write Valid Image CommitTransaction validates updated Image Image 1 Image 2 Image 1 Image 2 Semiconductors 23

mifare DESFire Record File Backup Record File Current Record Write Data Current Record Record #1 Record #2 Record #3 Record #n-1 Record #n Record #1 Record #2 Record #3 Record #n-1 Record #n Write into next empty Record CommitTransaction validates new Record # Semiconductors 24

mifare DESFire Memory Mapping 1 The mifare DESFire EEPROM area is allocated in blocks of 32 bytes. Blank Chip The blank chip in delivery state uses 4 blocks for Manufacturer data and Administration. Card Administration The card administration requires 1 block per 4 created applications. This memory is re-used after Delete Application. Semiconductors 25

mifare DESFire Memory Mapping 2 Application For each created application n blocks are required with: n = 1+ int keys ( + 1) 2 blocks number of keys number of blocks 0 1 1 2 2 2 3 3 4 3 5 4 6 4...... This memory cannot be re-used after Delete Application, but only after FormatPICC. Semiconductors 26

mifare DESFire Memory Mapping 3 File Administration Every 2 nd file entry uses 1 block, beginning with 2 nd generated file. number of files number of blocks 1 0 2 1 3 1 4 2 5 2 6 3 7 3...... This memory is re-used after Delete File. Semiconductors 27

mifare DESFire Memory Mapping 4 Data The data of a Standard Data File requires n blocks with: n = 1+ int filesize ( + 31) blocks 32 Standard Data File Backup Data File file size number of blocks number of blocks 1 1 2 2 1 2... 1 2 32 1 2 33 2 4 34 2 4... 2 4 64 2 4 65 3 6......... Semiconductors 28

mifare DESFire Memory Mapping 5 The data of a Backup Data File requires 2x n blocks The Value Data File requires 1 block, independent on value or limits. The Record File requires n blocks with: n = 1+ int recordsize number of records ( + 31) blocks 32 Semiconductors 29

mifare DESFire Transaction Time Command Sequence (typical transport transaction): Establish protocol according to to ISO ISO 14443-4 Application Application Selection Selection mutual mutual 3pass 3pass Authentication Authentication Read Read Standard Standard Data Data File File (( 48 48 bytes bytes 3DES 3DES MACed MACed )) Read Read Backup Backup Data Data File File (( 48 48 bytes bytes 3DES 3DES MACed MACed )) Read Read Value Value (( 12 12 bytes bytes 3DES 3DES MACed MACed )) Read Read Record Record File File (( 48 48 bytes bytes 3DES 3DES MACed MACed )) Write Write to to backup backup file file (( 48 48 bytes bytes 3DES 3DES MACed MACed )) Append Append record record to to record record file file (( 48 48 bytes bytes 3DES 3DES MACed MACed )) Modify Modify value value file file (( 12 12 bytes bytes 3DES 3DES MACed MACed )) CommitTransaction CommitTransaction Deselect according to to ISO ISO 14443-4 Transaction Time Time 3DES 3DES MACed for for Read Read 156 156 byte, byte, Write Write 108 108 byte byte (incl. (incl. Backup): @ 106 kbaud: <130ms* @ 212 kbaud: <110ms* @ 424 kbaud: <100ms* * Includes communication PCD - PICC, does NOT include reader data handling Semiconductors 30

DESFire Delivery Types Sawn Wafer on FFC MOA4 Contactless Module 150µm thickness MF3ICD4001DW/V5 330µm thickness MOA4: MF3MOD4001DV/4 Semiconductors 31

mifare DESFire Development Tools MF EV70x based on on the the Pegoda Reader, contains: USB USB Pegoda Reader (RD70x) Datasheets & Documents on on a CD CD 5 Mifare Cards PEGODA Reader + mifare DESFire Sample Cards MF DESFire UI UI (Demo-SW) Debug Client SW C-library (incl. Source Code) Sample Cards Semiconductors 32

mifare DESFire Facts Fully ISO 14443A compliant, up to part 4 Unique 7 byte serial number ISO cascade level 2 4 KByte EEPROM, 1ms erase, 1ms program Fast Data Transfer, up to 424 Kbit/s Mutual Three Pass Authentication DES/3DES Data Encryption on RF-channel Data Authenticity by 4 byte 3DES MAC Flexible File System Up to 28 Applications per card Up to 14 3DES keys per Application, with key versioning Up to 16 Files per Application Automatic backup mechanism for all available file types Semiconductors 33

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information