Transcript

  • 1. Mifare cards presentation Yann ROBERT Technical expert 18-04-2011
  • 2. Introduction
    In Gemalto, Mifare products are called “Celego”:
    Mifare 1K => Celego Mifare 1K
    Mifare 4K => Celego Mifare 4K
    The Celego range describes generic contactless products dedicated to transport and access control.
    Mifare 1K and 4K are compliant with ISO 14443-1, -2, -3:
    Type A (ISO 14443-2)
    Unique and permanent serial number
    Anti-collision based on ISO 14443-3
    Mutual authentication (ISO 9798-2)
    Encrypted data communication
    Security management sector per sector
  • 3. Introduction
    Figure labels: ISO 7816-1 dimension; Inductive power supply; Proximity transaction (8 to 10 cm); Antenna; E²PROM memory; PVC card body; Security features; Read / Write; RF transmissions (encrypted)
  • 4. Introduction
    Specifications:
    ISO/IEC 14443-1: Physical characteristics
    ISO/IEC 14443-2: Radio frequency power and signal interface
    ISO/IEC 14443-3: Initialisation and Anticollision
    Mifare 1K: MF1S5009 - Mainstream contactless smart card - 27 July 2010 - NXP
    Mifare 4K: MF1S7009 - Mainstream contactless smart card - 26 July 2010 - NXP
    Mifare 1K and 4K are NOT ISO14443-4 compliant
  • 5. Introduction
    Memory: Mifare 1K and Mifare 4K
    Chip / Size: Mifare 1 Kbytes (NXP, Infineon) | Mifare 4 Kbytes (NXP only)
    RF INTERFACE
    Serial number: 4 bytes
    SECURITY
    Access condition: Yes
    Memory organization: 16 sectors * 4 blocks (Mifare 1K) | 32 sectors * 4 blocks + 8 sectors * 16 blocks (Mifare 4K)
    Authentication: Mutual, Mifare 3 passes
    Data encryption: Yes
    Access keys: 2 keys per sector (6 bytes)
    APPLICATION
    Type of data: Data Block; Value Blocks: EPurse
    Back-up mechanism: For value blocks
    Transaction time: < 100ms
    Product range figure labels: Mifare Ultralight + SRIX512; Paper ticket & Thin PET card; Low cost application; Mifare 1 KB, Mifare 4 KB; Pure cless memory card; Security
  • 6. Introduction
    Figure labels: Bonding wires; Antenna; Transparent PVC; Micromodule; White PVC; Card body; ISO dimensions
  • 7. Introduction
    Reader to card (Type A):
    Data rate: 106 kbit/s
    Modulation: 100% ASK
    Bit coding: Modified Miller
    Card to reader (Type A):
    Subcarrier: f0/16 = 847 kHz
    Data rate: 106 kbit/s
    Subcarrier modulation: OOK
    Bit coding: Manchester
  • 8. Mifare mappings
  • 9. Mifare 1K Electrical Mapping
    Sectors 0 to 15, each with blocks 0 to 3
    Figure legend: Block 0: Manufacturer information (UID, ...); Data block; Security block
    1 block = 16 bytes
    1 sector = 64 bytes
    Mifare 1K = 16 sectors = 1024 bytes = 1 Kbyte
    A block is the smallest addressable element
    AC are defined for each block
  • 10. Mifare 4K Electrical Mapping
    Sectors 0 to 31: 32 sectors of 4 blocks (blocks 0 to 3)
    Sectors 32 to 39: 8 sectors of 16 blocks (blocks 0 to 15)
    Figure legend: Block 0: Manufacturer information (UID, ...); Data block; Security block
    1 block = 16 bytes
    Sector 0 to 31 = 64 bytes for each sector
    Sector 32 to 39 = 256 bytes for each sector
    Mifare 4K = (32 x 64) + (8 x 256) = 2048 + 2048 = 4096 bytes = 4 Kbytes
    A block is the smallest addressable element
    Sector 0 to 31: AC are defined for each block
    Sector 32 to 39: AC are defined for 5 blocks
  • 11. Mifare Data Block Types
    Mifare data blocks exist in 2 formats:
    Transparent blocks: data read or written are not interpreted by the card
    Value blocks: special format and coding dedicated to purse functions (Increment / Decrement commands)
    Value format:
    Value: 4-byte number in hexadecimal “V4 V3 V2 V1”, loaded and stored in reverse order in the block
    Block layout: V1 V2 V3 V4 | ~V1 ~V2 ~V3 ~V4 | V1 V2 V3 V4 | X ~X X ~X
    ~X: means complement of X = (X Xor FF)
    Example: Value = 12 34 56 78
    Block = 78 56 34 12 | 87 A9 CB ED | 78 56 34 12 | FF 00 FF 00
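The value format on slide 11, as an added example that is not part of the original presentation: an encoder and a decoder that rejects a block whose redundant copies disagree. The function names are hypothetical, and treating the value as signed is taken from the NXP data sheet rather than from the slide.

```python
# Added example: Mifare value block codec following the layout on slide 11.

def encode_value_block(value: int, x: int) -> bytes:
    """Build the 16-byte block: V, ~V, V, then X ~X X ~X."""
    # The value is stored least significant byte first (V1 V2 V3 V4).
    # signed=True is an assumption from the NXP data sheet (signed 4-byte value).
    v = value.to_bytes(4, "little", signed=True)
    inv = bytes(b ^ 0xFF for b in v)
    x &= 0xFF
    return v + inv + v + bytes([x, x ^ 0xFF, x, x ^ 0xFF])


def decode_value_block(block: bytes) -> tuple:
    """Return (value, X) or raise ValueError if any redundant copy disagrees."""
    if len(block) != 16:
        raise ValueError("a block is 16 bytes")
    v, inv, copy = block[0:4], block[4:8], block[8:12]
    if copy != v or any(a ^ b != 0xFF for a, b in zip(v, inv)):
        raise ValueError("value copies do not match")
    x, nx, x2, nx2 = block[12:16]
    if x != x2 or nx != nx2 or x ^ nx != 0xFF:
        raise ValueError("X bytes do not match")
    return int.from_bytes(v, "little", signed=True), x


if __name__ == "__main__":
    blk = encode_value_block(0x12345678, 0xFF)    # values from the slide's example
    print(blk.hex(" ").upper())
    print(decode_value_block(blk))
    damaged = blk[:8] + bytes([0x79]) + blk[9:]   # constructed: one altered copy byte
    try:
        decode_value_block(damaged)
    except ValueError as err:
        print("rejected:", err)
```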
  • 12. Mifare security
    Each sector is protected by a “Security Block”
    Each block in a sector has its own Access Conditions (“AC”)
    Security Block format: bytes 00-05 Key A (6 bytes) | bytes 06-08 Access Cond. (3 bytes) | byte 09 Data (1 byte) | bytes 10-15 Key B (6 bytes)
    Authentication with a sector can be done with key A or key B
    Proprietary symmetric algorithm
    To access a sector:
    authentication with Key A or Key B is mandatory
    a session key is created for the authenticated sector
    all communication between the reader and a sector is ciphered with the session key
  • 13. Mifare Manufacturer Code Block
    Block 0 of sector 0 is called the “Manufacturer block”; its content:
    is written by the chip manufacturer (NXP, Infineon)
    can be read without authenticating with sector 0
    can never be modified (write is not allowed)
    Mifare cards can be ordered with 4 or 7 bytes UID
    4-byte UID: bytes 00-03 UID | byte 04 LRC | byte 05: 08 | bytes 06-07: 04 00 | bytes 08-15: XX XX XX XX XX XX XX XX
    7-byte UID: bytes 00-06 UID | byte 07: 08 | bytes 08-09: 04 00 | bytes 10-15: XX XX XX XX XX XX
    UID: Unique IDentifier
    LRC: Longitudinal Redundancy Check on UID
    XX..XX: Chip manufacturer reserved areas
    Chip information: 08: SAK; 04 00: ATQA
  • 14. Access conditions
  • 15. Mifare Access Conditions
    Access conditions are defined:
    for each block: Mifare 1K and Mifare 4K sectors 0 to 31
    for 5 blocks: Mifare 4K sectors 32 to 39
    Access conditions for each block are stored in the sector Security Block:
    Access conditions for a data block (transparent or value)
    Access conditions for the Security Block itself
    Eight sets of access conditions are available for the four following commands: Read / Write / Add / Subtract
  • 16. Mifare Data Block Access Conditions
    A.C. Set No. | A.C. Set Selection (AC2 AC1 AC0) | Read | Write | Add | Subtract, Transfer, Restore
    0 | 0 0 0 | A or B | A or B | A or B | A or B
    1 | 0 0 1 | A or B | never | never | A or B
    2 | 0 1 0 | A or B | never | never | never
    3 | 0 1 1 | B | B | never | never
    4 | 1 0 0 | A or B | B | never | never
    5 | 1 0 1 | B | never | never | never
    6 | 1 1 0 | A or B | B | B | A or B
    7 | 1 1 1 | never | never | never | never
  • 17. Mifare Security Block Access Conditions
    A.C. Set No. | A.C. Set Selection (AC2 AC1 AC0) | Key A Read | Key A Write | AC + B9 Read | AC + B9 Write | Key B Read | Key B Write
    0 | 0 0 0 | never | A or B | A or B | never | A or B | A or B
    1 | 0 0 1 | never | A or B | A or B | A or B | A or B | A or B
    2 | 0 1 0 | never | never | A or B | never | A or B | never
    3 | 0 1 1 | never | B | A or B | B | never | B
    4 | 1 0 0 | never | B | A or B | never | never | B
    5 | 1 0 1 | never | never | A or B | B | never | never
    6 | 1 1 0 | never | never | A or B | never | never | never
    7 | 1 1 1 | never | never | A or B | never | never | never
  • 18. Mifare Access Condition Storage
    Security Block: bytes 00-05 Key A (6 bytes) | bytes 06-08 Access Cond. (3 bytes) | byte 09 Data (1 byte) | bytes 10-15 Key B (6 bytes)
    Byte 6: bits 7-4 = ~AC1 | bits 3-0 = ~AC2
    Byte 7: bits 7-4 = AC2 | bits 3-0 = ~AC0
    Byte 8: bits 7-4 = AC0 | bits 3-0 = AC1
    ~ACn: complemented value of AC (AC Xor FF)
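  • 19. Access Conditions Definition example
    Block | Type | R | W | A | S | AC2 AC1 AC0 | AC set
    Block 0 | Transparent | N | N | N | N | 1 1 1 | AC n° 7
    Block 1 | Transparent | A/B | N | N | N | 0 1 0 | AC n° 2
    Block 2 | Value | A/B | B | B | A/B | 1 1 0 | AC n° 6
    Block | Type | Key A R | Key A W | AC + B9 R | AC + B9 W | Key B R | Key B W | AC2 AC1 AC0 | AC set
    Block 3 | Security | N | N | A/B | B | N | N | 1 0 1 | AC n° 5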
  • 20. Access Conditions Calculation
    Block | AC2 | AC1 | AC0
    Block 0 | 1 | 1 | 1
    Block 1 | 0 | 1 | 0
    Block 2 | 1 | 1 | 0
    Block 3 | 1 | 0 | 1
    Per column, block 3 down to block 0: AC2 = 1 1 0 1 | AC1 = 0 1 1 1 | AC0 = 1 0 0 1
    Security Block Access Conditions (bit 7 to bit 0):
    Byte 6 = 1 0 0 0 0 0 1 0 (AC1 inversed, AC2 inversed)
    Byte 7 = 1 1 0 1 0 1 1 0 (AC2, AC0 inversed)
    Byte 8 = 1 0 0 1 0 1 1 1 (AC0, AC1)
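The calculation on slides 18 to 20, as an added example that is not part of the original presentation: it packs the per-block AC sets into bytes 6 to 8 and, going the other way, rejects bytes whose inversed nibbles do not match before reporting the data-block rights from the slide 16 table. Function names are hypothetical, and only 4-block sectors are handled.

```python
# Added example: bytes 6-8 of a Mifare security block (slides 16, 18, 20).

# Slide 16: AC set -> (Read, Write, Add, Subtract/Transfer/Restore)
DATA_RIGHTS = {
    0: ("A or B", "A or B", "A or B", "A or B"),
    1: ("A or B", "never", "never", "A or B"),
    2: ("A or B", "never", "never", "never"),
    3: ("B", "B", "never", "never"),
    4: ("A or B", "B", "never", "never"),
    5: ("B", "never", "never", "never"),
    6: ("A or B", "B", "B", "A or B"),
    7: ("never", "never", "never", "never"),
}


def encode_access_bytes(ac_sets):
    """ac_sets: AC set number (0-7) for blocks 0, 1, 2, 3 of one sector."""
    ac2 = ac1 = ac0 = 0
    for block, n in enumerate(ac_sets):
        if not 0 <= n <= 7:
            raise ValueError("AC set must be 0..7")
        ac2 |= (n >> 2 & 1) << block   # bit position in the nibble = block number
        ac1 |= (n >> 1 & 1) << block
        ac0 |= (n & 1) << block
    return bytes([(ac1 ^ 0xF) << 4 | (ac2 ^ 0xF),   # byte 6: ~AC1, ~AC2
                  ac2 << 4 | (ac0 ^ 0xF),           # byte 7:  AC2, ~AC0
                  ac0 << 4 | ac1])                  # byte 8:  AC0,  AC1


def decode_access_bytes(b6, b7, b8):
    """Return the AC set of blocks 0..3; reject bytes whose copies disagree."""
    n_ac1, n_ac2 = b6 >> 4, b6 & 0xF
    ac2, n_ac0 = b7 >> 4, b7 & 0xF
    ac0, ac1 = b8 >> 4, b8 & 0xF
    if (ac0 ^ n_ac0, ac1 ^ n_ac1, ac2 ^ n_ac2) != (0xF, 0xF, 0xF):
        raise ValueError("inversed nibble does not match")
    return [(ac2 >> b & 1) << 2 | (ac1 >> b & 1) << 1 | (ac0 >> b & 1)
            for b in range(4)]


def data_block_rights(b6, b7, b8):
    """Rights of data blocks 0..2 as (Read, Write, Add, Subtract) per slide 16."""
    return [DATA_RIGHTS[n] for n in decode_access_bytes(b6, b7, b8)[:3]]


if __name__ == "__main__":
    trailer = encode_access_bytes([7, 2, 6, 5])     # slide 19/20 example
    print(trailer.hex(" ").upper())
    print(decode_access_bytes(*trailer), data_block_rights(*trailer))
```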
  • 21. Mifare weaknesses
  • 22. Mifare weaknesses
    Mifare cryptography is proprietary and has been broken:
    Key length is small (48 bits)
    The algorithm is badly designed
    It is now possible to make Mifare 1K, 4K clone cards
    NXP has introduced a new generation of Mifare cards called “MifarePlus”:
    AES-128 cryptography
    Certification EAL4+
    ISO 14443-1, -2, -3, -4 compliant
  • 23. Mifare emulation
  • 24. Mifare emulation on contactless JavaCards
    Infineon and NXP propose on some of their smart card chips to have Mifare 1K or 4K emulation
    Figure: Contactless JavaCard with Mifare emulation, facing a contactless reader
    Mifare zone: Mifare Classic protocol
    EEPROM zone: ISO14443-4 (T=CL) protocol
  • 25. Mifare emulation on contactless JavaCards
    An incompatibility problem may happen on the “ATS available” check
    A card supports ATS only if it is compliant with ISO14443-4 (T=CL). This is known when the card answers the SAK
  • 26. Mifare emulation on contactless JavaCards
    Reader: WUPA (0x52)
    Card answer: ATQA (0x00 02)
    Reader: ANTICOLLISION - SEL: 0x93, NVB: 0x20
    Card answer: UID: 12345678, BCC: 08
    Reader: SELECT - SEL: 0x93, NVB: 0x70, UID: 0x12345678, BCC: 0x08, CRC_A: A23C
    Card answer: SELECT ACKNOWLEDGE (SAK) - SAK: 20, CRC_A: 70FC
    Select AcKnowledge (SAK) coding:
    b8 b7 b6 b5 b4 b3 b2 b1 | Meaning
    x x x x x 1 x x | Cascade bit: UID not complete
    x x 1 x x 0 x x | UID complete, card compliant with ISO14443-4
    x x 0 x x 0 x x | UID complete, card NOT compliant with ISO14443-4
    SAK values:
    Card type | Mifare Classic SAK | Mifare emulation SAK
    Mifare Classic 1K | 0x08 (NXP), 0x88 (Infineon) | 0x28
    Mifare Classic 4K | 0x18 | 0x38
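The BCC and SAK checks that slides 25 and 26 describe, as an added example that is not part of the original presentation: it verifies the anticollision answer and decodes the SAK so that an emulated Mifare card (b6 set) is not mistaken for a pure ISO14443-4 card. Function and field names are hypothetical; the SAK values and the sample UID are those on the slide, and only 4-byte UIDs are handled.

```python
# Added example: checks on the anticollision answer and SAK from slide 26.

CLASSIC_SAK = {0x08: "1K (NXP)", 0x88: "1K (Infineon)", 0x18: "4K"}
EMULATION_SAK = {0x28: "1K", 0x38: "4K"}


def bcc(uid: bytes) -> int:
    """BCC (the LRC on the UID): XOR of all UID bytes."""
    out = 0
    for b in uid:
        out ^= b
    return out


def inspect_card(anticoll_answer: bytes, sak: int) -> dict:
    """anticoll_answer: 4 UID bytes followed by the BCC byte."""
    uid, check = anticoll_answer[:-1], anticoll_answer[-1]
    if len(uid) != 4 or bcc(uid) != check:
        raise ValueError("BCC does not match UID")
    uid_complete = not sak & 0x04                # b3: cascade bit
    ats = uid_complete and bool(sak & 0x20)      # b6: ISO14443-4 compliant
    return {
        "uid": uid.hex(),
        "uid_complete": uid_complete,
        "ats_available": ats,
        # A reader that stops at "ATS available" never sees the Mifare zone,
        # so the Mifare type is reported separately from the ATS flag.
        "mifare": CLASSIC_SAK.get(sak) or EMULATION_SAK.get(sak),
        "emulation": sak in EMULATION_SAK,
    }


if __name__ == "__main__":
    answer = bytes.fromhex("1234567808")         # UID and BCC from the slide
    for sak in (0x20, 0x08, 0x18, 0x28, 0x38):
        print(hex(sak), inspect_card(answer, sak))
```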
  • 27. www.justaskgemalto.com