Forum › MIFARE SDK › Set keys and do authentication to DESFire using MIFARE advanced SDK › Reply To: Set keys and do authentication to DESFire using MIFARE advanced SDK
Hi,
the keys of the DESFire reflect the fact the applications on the card can be distributed.
For example, you are the card issuer and you have one app with files and the keys 0, 1 and 2. As card issuer you have set the master key 0 and the keys 1 and 2 for your application. The file access bytes uses 1 and 2 for the keys you have set.
Now you allow a service provide to use the card for a kiosk application to pay with credits on the card. The kiosk app uses an own app and contains several files. These files are protected with keys 3 and 4 (therefore the access bytes uses 3 and 4). You do not know these keys, because it is the management of the kiosk app operator. The kiosk operator does not know your keys and cannot manipulate the files in your app.
This is the concept of delegate service providers. The card issuer is able with the master key to set system settings which is not allowed for service providers.
The DESFire EV1 supports DES/TDES 56/112/168 bit and AES with 128 bit in hardware. If you use TDES you have to authenticate with
Kind regards,
The MIFARE Team
the keys of the DESFire reflect the fact the applications on the card can be distributed.
For example, you are the card issuer and you have one app with files and the keys 0, 1 and 2. As card issuer you have set the master key 0 and the keys 1 and 2 for your application. The file access bytes uses 1 and 2 for the keys you have set.
Now you allow a service provide to use the card for a kiosk application to pay with credits on the card. The kiosk app uses an own app and contains several files. These files are protected with keys 3 and 4 (therefore the access bytes uses 3 and 4). You do not know these keys, because it is the management of the kiosk app operator. The kiosk operator does not know your keys and cannot manipulate the files in your app.
This is the concept of delegate service providers. The card issuer is able with the master key to set system settings which is not allowed for service providers.
The DESFire EV1 supports DES/TDES 56/112/168 bit and AES with 128 bit in hardware. If you use TDES you have to authenticate with
AuthenticateAuthenticateAESKind regards,
The MIFARE Team
+ 0
|
- 0