Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

of

Security Level 3 (SL3) Capabilities Slide 1 Security Level 3 (SL3) Capabilities Slide 2 Security Level 3 (SL3) Capabilities Slide 3 Security Level 3 (SL3) Capabilities Slide 4 Security Level 3 (SL3) Capabilities Slide 5 Security Level 3 (SL3) Capabilities Slide 6
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

0 Likes

Share

Download to read offline

Security Level 3 (SL3) Capabilities

Download to read offline

The Security Level (SL) concept of NXP’s MIFARE Plus EV2 IC allows for a step-by-step upgrade of the system’s security by switching only certain applications to a higher security level. The highest security level, SL3, offers support for AES-128 based secure messaging and thus helps to prove authenticity, confidentiality and integrity of transactions.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Security Level 3 (SL3) Capabilities

  1. 1. EXTERNAL NXP, THE NXP LOGO AND NXP SECURE CONNECTIONS FOR A SMARTER WORLD ARE TRADEMARKS OF NXP B.V. ALL OTHER PRODUCT OR SERVICE NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS. © 2020 NXP B.V. A U G U S T 4 T H 2 0 2 0 Florian Mikulik Senior Product Support Engineer, NXP Security Level SL3 Capabilities A MIFARE Plus® EV2 KEY FEATURE VIDEO
  2. 2. 1EXTERNAL MIFARE Plus EV2 – SECURITY LEVEL 3 CAPABILITIES U P G R AD E Y O U R S Y S T EM S S E C U R I T Y Authenticity, Confidentiality and Integrity based on AES-128 Virtual Card Concept to be used in smartphone- based installations ISO7816 APDU format support • Security Level 3 offers support for AES-128 based secure messaging, to provide authenticity, confidentiality and integrity to every transaction • Once a MIFARE Plus EV2 product-based card is switched to SL3, it also offers support for the Virtual Card Architecture concept, which helps to manage a MIFARE Plus EV2 product-based card in a multi-application environment, designed for e.g. mobile phones performing contactless transactions, holding more than one “virtual card”  MIFARE Plus EV2 product-based card acts as a single “virtual card”, but supports necessary command infrastructure to be indistinguishable from a multi-VC mobile phone, maintaining privacy for card holder • In SL3, the MIFARE Plus EV2 supports ISO7816-4 compliant VC selection (ISOSelect), compliant with Java Card and GlobalPlatform standards
  3. 3. 2EXTERNAL MIFARE Plus EV2 – SECURITY LEVEL 3 CAPABILITIES S E C U RE M E S S AG I N G • Security Level switch is done through an AuthenticateFirst command targeting Block 9003h (SL3SwitchKey) • A switch to SL3 disables the use of CRYPTO-1 completely − Data and memory architecture of the card does not change at all – Block/Sector based memory model stays the same • Initial memory space for CRYPTO-1 keys can now be used as additional user memory (+11 byte per sector) − AES keys are stored outside the User Memory • Plain or encrypted data access can be defined per Block • Transaction management with session keys is possible via AuthenticateFirst and AuthenticateNonFirst • Several options for read commands − MAC on command − MAC on response − Data encrypted or plain • Several options for write/value commands − MAC on command − MAC on response − Data is always encrypted • Additional features (TMAC, Transaction Timer, multi-block read/write, VCA) can be used
  4. 4. 3EXTERNAL MIFARE Plus EV2 – SECURITY LEVEL 3 CAPABILITIES I S O / I E C 7 8 1 6 -4 V I R T U AL C AR D AR C H I T E C T UR E • MIFARE Plus EV2 supports ISOSelect and is complaint with Java Card and Global Platform mechanisms • Using MIFARE Plus EV2 in Security Level 3 and ISO/IEC 7816-4 wrapped communication frames supports mobile operations VC concept using ISO/IEC 7816-4 compliant selection method Enables smartphone support in infrastructures Transit Pass Transit Pass
  5. 5. 4EXTERNAL MORE INFORMATION ABOUT THE TRANSACTION TIMER FEATURE Item Number Availability Datasheet - MIFARE Plus EV2 DS5223 NXP DocStore (confidential) Application Note - MIFARE Plus EV2 Features and Hints AN5762 NXP DocStore (confidential) Application Note - MIFARE Plus EV2 personalization commands AN5763 NXP DocStore (confidential) Application Note - Card coil design notes for MIFARE Plus EV2 AN5759 NXP DocStore (confidential) Application Note - Comparison between MIFARE Plus EV2 and previous types AN5760 NXP DocStore (confidential) Application Note – Originality Signature Validation AN5764 NXP DocStore (confidential) RFID Discover Software SW1866 NXP DocStore (confidential) NXP Reader Library (Windows based) SW1717 NXP DocStore (confidential)
  6. 6. NXP, THE NXP LOGO AND NXP SECURE CONNECTIONS FOR A SMARTER WORLD ARE TRADEMARKS OF NXP B.V. ALL OTHER PRODUCT OR SERVICE NAMES ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS. © 2020 NXP B.V.

The Security Level (SL) concept of NXP’s MIFARE Plus EV2 IC allows for a step-by-step upgrade of the system’s security by switching only certain applications to a higher security level. The highest security level, SL3, offers support for AES-128 based secure messaging and thus helps to prove authenticity, confidentiality and integrity of transactions.

Views

Total views

262

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

12

Shares

0

Comments

0

Likes

0

×