Mifare Desfire Technology


1 Comment
  • The Mifare Classic RFID card is fundamentally just a memory storage device, where the memory is divided into segments and blocks with simple security mechanisms for access control. They are ASIC based and have limited computational power. Thanks to their reliability and low cost, these cards are widely used for electronic wallet, access control, corporate ID cards, transportation or stadium ticketing.

Mifare Desfire Technology

  1. 1. Mifare has 2 types of technology: • Mifare Sector/Block Card (Classic Mifare) • Mifare Desfire (File System, more secure, fast & reliable) with Crypto • DES (Data Encryption Standard) • What is Crypto in Desfire Cards
  2. 2. The DESFire® platform is a memory technology like the Mifare Classic, but with enhanced file handling and security features.
     DESFire® Platform Differences
                                 MF3IC40     MF3IC21–EV1  MF3IC41-EV1  MF3 IC D80
     Memory Size                 4k          2k           4k           8k
     Free Space                  4096 bytes  2272 bytes   4832 bytes   7936 bytes
     Max. Applications           28          28           28           28
     Max. Files per Application  16          32           32           32
     Crypto                      DES, TDES   DES, TDES    DES, TDES    DES, TDES
     Life                        10 years    10 years     10 years     10 years
     Internal Use: 256 bytes
     DESFire® AIDs: DESFire® allows up to 32 applications on a card. Every application has a three-byte Application Identifier (AID) by means of which it can be found and selected.
  3. 3. Cryptographic Security Implementation • Authenticity – implementation using challenge-response • Confidentiality – implementation using data encryption • Integrity – implementation using message signature • Non-repudiation – implementation using message signature
  4. 4. DES - Data Encryption Standard • symmetrical key algorithm • manipulates data in 8-byte blocks • only known attack is exhaustive key search, 2 to the power of 56 computations • 2 million years for today’s PC @ 1 ms per computation, or a few hours with specially designed hardware and parallel processing • security can be increased using triple DES
  5. 5. Symmetrical Algorithm • Symmetrical, e.g. DES (or triple DES) – good for many-to-one and one-to-one security, e.g. for bank customers, Personal Identification & Verification – simple key management (Public & Private) – cannot achieve non-repudiation
  6. 6. DES • Encryption: plain text P → DES → ciphered text Z, Z = DES(K, P) • Decryption: ciphered text Z → DES⁻¹ → plain text P, P = DES⁻¹(K, Z) • know K, P: can find Z easily • know K, Z: can find P easily • know P, Z: impossible to find key K except by exhaustive search
  7. 7. DES / Triple DES • Single DES uses a single length key (8 bytes), K(8) • 3DES uses a double length key (16 bytes), K(16) = KL(8) | KR(8) or KA(8) | KB(8) • If the left and right part are the same, 3DES reduces to single DES • Allows smooth migration from single DES to 3DES • Least significant bit of each byte not used
  8. 8. Triple DES • 3-DES Encryption: Plain Text → DES (Left Key) → DES⁻¹ (Right Key) → DES (Left Key) → Ciphered Text, Z = 3DES(K, P) • 3-DES Decryption: Cipher Text → DES⁻¹ (Left Key) → DES (Right Key) → DES⁻¹ (Left Key) → Plain Text, P = 3DES⁻¹(K, Z)
  9. 9. MAC - Message Authentication Code, Single DES [Diagram: message, I.V., three XOR stages each feeding a DES operation under key K] mac = MAC(Kmac, message)
  10. 10. MAC - Message Authentication Code, Triple DES [Diagram: message, I.V., three XOR stages each feeding a DES operation under key K, followed by a DES⁻¹ and a DES stage] mac = 3MAC(Kmac, message)
  11. 11. Hash • a cryptographic function • takes a variable length message • returns a fixed length hash value • also known as a Message Digest function • examples: MD5 (128 bits), SHA (160 bits) • analogous to a message fingerprint • no key is involved • usage: a signature on the message’s hash is as good as a signature on the message
  12. 12. Public Key Algorithm • each party gets a public key and a private (secret) key which is unique • public key is published (free read access) • private key is secret (known only to the party) • public key is certified by a key certification body (key certificate) • the public key of the certification body is public read access
  13. 13. Encryption Using Public Key Algorithm • Check receiver public key certificate with CA public key • Check public key revocation list • Generate random 3DES key • Encrypt message using 3DES • Encrypt 3DES key using other party public key • Append encrypted 3DES key with encrypted message
  14. 14. Decryption Using Public Key Algorithm • Decrypt 3DES key using the private key • Use decrypted 3DES key to decrypt the message
  15. 15. Application • Advanced public transportation • High secure access control • Event ticketing • E-Government • Identity Verification without Central connectivity • E-Purse (Canteen, Laundry & any payment) Available file types: the files within an application can be any of the following types: • Standard data files • Backup data files • Value files with backup • Linear record files with backup • Cyclic record files with backup
  16. 16. Q&A THANKS Zahir B. Malik
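
Added example (not part of the original slides): slide 7 states that a 16-byte 3DES key whose left and right parts are the same reduces to single DES, and that the least significant bit of each key byte is not used. The Python check below flags such keys in a key inventory, including halves that differ only in the unused bits and so pass a plain byte comparison; the function names and the sample keys are constructed for illustration.

```python
PARITY_MASK = 0xFE  # slide 7: least significant bit of each key byte is not used


def used_bits(half: bytes) -> bytes:
    """Clear the unused bit of every byte so equivalent keys compare equal."""
    return bytes(b & PARITY_MASK for b in half)


def classify_key(key: bytes) -> dict:
    """Report what an 8-byte DES key or 16-byte 3DES key (KL | KR) amounts to."""
    if len(key) == 8:
        return {"mode": "single DES", "key_bits": 56, "collapsed": False}
    if len(key) != 16:
        raise ValueError("expected 8 bytes (DES) or 16 bytes (3DES)")
    left, right = key[:8], key[8:]
    # Compare only the bits DES uses: halves that differ in the unused
    # bits alone still make 3DES behave as single DES.
    collapsed = used_bits(left) == used_bits(right)
    return {
        "mode": "single DES" if collapsed else "3DES",
        "key_bits": 56 if collapsed else 112,
        "collapsed": collapsed,
    }


def audit(keys: dict) -> list:
    """Return the names of 16-byte keys that behave as single DES."""
    return sorted(n for n, k in keys.items() if classify_key(k)["collapsed"])


# Constructed sample inventory (hypothetical names and values).
SAMPLE_KEYS = {
    "all_zero": bytes(16),
    "migrated_single_des": bytes.fromhex("0123456789abcdef" * 2),
    "parity_only_difference": bytes.fromhex("1032547698badcfe1133557799bbddff"),
    "proper_3des": bytes.fromhex("00112233445566778899aabbccddeeff"),
}

if __name__ == "__main__":
    for name, key in SAMPLE_KEYS.items():
        print(name, classify_key(key))
    print("flagged:", audit(SAMPLE_KEYS))
```
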