Hi Adnan,
Thanks for your reply.
I use AES mode. I've already changed the PICC master key to use the AES mode, and I manage AES authentication and I think my change key command is good. I really don't understand what is wrong in my procedure. I am sending you all my logs for authentication and change key and I hope you can help me:
AES key : 00 … 00
Authentication with the PICC master key (00) and 0xAA command :
Ciphered RndB (received from the PICC) :
76 A4 40 10 FE A9 DE F6 42 CE CB 0B C7 9F 1C 5C
Deciphered RndB :
17 26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB
RndB’:
26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB 17
RndA (generated by the PCD):
82 F6 C3 29 C0 00 50 07 B1 A7 5F 0B D8 37 5B CD
RndA and RndB’ concatenation :
82 F6 C3 29 C0 00 50 07 B1 A7 5F 0B D8 37 5B CD 26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB 17
Ciphered data to send:
C3 95 0F 45 1D 25 84 D8 FB 3A 52 79 E7 D2 36 D3 F5 A6 65 79 7F D6 D2 57 24 03 97 F9 CE 26 BF 1D
Data received from PICC with successful code:
4B 98 54 6C BC 27 99 7E B2 E0 58 AD 3A A8 5D EE
Session key : 82 F6 C3 29 17 26 6E C6 D8 37 5B CD 02 31 E6 FB
Authentication OK!
Change key :
New AES key = 01 … 01
CRC calculated over:
C4 80 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 00
CRC value:
BC 71 57 FB
Data to cipher:
01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 00 BC 71 57 FB 00 00 00 00 00 00 00 00 00 00 00
Ciphered data:
8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C
Data to send (without command byte):
80 8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C
Complete sent APDU buffer as input of the ScardTransmit method:
0 C4 00 00 21 80 8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C 00
PICC always returns 0x911E
Note: I work at PICC level and the get key settings command returns 0x0F01
Samuel
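The steps in the log above that need no AES operation can be checked offline. The script below is an added example, not part of the original post: it re-derives RndB' and the session key, recomputes the CRC for comparison with the logged value, and rebuilds the padded plaintext and the APDU framing. The CRC convention (CRC-32 without the final XOR, least significant byte first) and the 0x90 class byte are assumptions of this example.

```python
import zlib

def h(s):
    """Parse a space-separated hex string copied from the log."""
    return bytes.fromhex(s.replace(" ", ""))

# Values copied from the log in the post above
RNDB = h("17 26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB")
RNDA = h("82 F6 C3 29 C0 00 50 07 B1 A7 5F 0B D8 37 5B CD")
LOGGED_CRC = h("BC 71 57 FB")
NEW_KEY = bytes([0x01]) * 16

def rotate_left(block):
    """RndB': RndB rotated left by one byte."""
    return block[1:] + block[:1]

def aes_session_key(rnd_a, rnd_b):
    """RndA[0..3] || RndB[0..3] || RndA[12..15] || RndB[12..15]."""
    return rnd_a[:4] + rnd_b[:4] + rnd_a[12:16] + rnd_b[12:16]

def desfire_crc32(data):
    """Assumed convention: CRC-32 without the final XOR, LSB first."""
    return ((~zlib.crc32(data)) & 0xFFFFFFFF).to_bytes(4, "little")

def crc_matches_log(cmd, key_no, new_key, key_version):
    """Recompute the CRC over cmd || key number || new key || version."""
    data = bytes([cmd, key_no]) + new_key + bytes([key_version])
    return desfire_crc32(data) == LOGGED_CRC

def change_key_plaintext(new_key, key_version, crc):
    """New key || version || CRC, zero-padded to the AES block size."""
    body = new_key + bytes([key_version]) + crc
    return body + bytes(-len(body) % 16)

def wrap_apdu(ins, payload, cla=0x90):
    """ISO 7816-4 wrapping: CLA INS P1 P2 Lc payload Le (CLA assumed)."""
    return bytes([cla, ins, 0, 0, len(payload)]) + payload + b"\x00"

if __name__ == "__main__":
    print("RndB'       :", rotate_left(RNDB).hex(" ").upper())
    print("Session key :", aes_session_key(RNDA, RNDB).hex(" ").upper())
    print("CRC matches :", crc_matches_log(0xC4, 0x80, NEW_KEY, 0x00))
    plain = change_key_plaintext(NEW_KEY, 0x00, LOGGED_CRC)
    print("Plaintext   :", plain.hex(" ").upper())
    # 32 placeholder bytes stand in for the ciphertext, to check Lc only
    print("APDU header :", wrap_apdu(0xC4, b"\x80" + bytes(32))[:5].hex(" ").upper())
```

A mismatch in any printed value localizes the problem to that step; the encryption itself (key, IV and chaining) is not covered by these checks.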