Reply To: KeyA and KeyB and how to protect the contacless card from cloning?

Forum MIFARE general topics and applications KeyA and KeyB and how to protect the contacless card from cloning? Reply To: KeyA and KeyB and how to protect the contacless card from cloning?

Re: KeyA and KeyB and how to protect the contacless card from cloning?

15. February 2016 at 17:06
Hi,

No, there are no two different “access rules”. The sector trailer is always the last block of a sector. For a MIFARE Classic 1K you have 16 sectors with 4 blocks for each sector. But for a MIFARE Classic 4K you have 32 sectors with 4 blocks for each sector and 8 sectors with 16 blocks!

You can arrange the data you want to save in any way. Each block has 16 bytes and if your data is binary data you can save 16 bytes in any block. If your data are ASCII characters, you can save 16 characters in each block. For example if My_data1 contains binary data if reserves 2 bytes and My_data2 8 bytes you can write it to one block. My_data2 contains non hex values, then you have to save it as ASCII characters in another block.

The pre-personalizing (the initializing of data on the card before you hand-over the card out to the end-user) could look like:
LoadKey( 1, FFFFFFFFFFFF )   // default key
LoadKey( 2, 1665FE2AE945 ) // your access key A
Authenticate( 4, 1 ) // authenticate to block 4 with key store 1 = default key
Write( 4, 58523376442200010000000000002153 ) // Write My_data1 and My_data3 to block 4
Write( 5, “es56fg87p4f2 ” ) // Write My_data2 to block 5 as ASCII bytes (with space chars at the end)
Write( 7, 1665FE2AE945XXXXXX003321FB75A356 ) // write to sector trailer the new keys
...
Authenticate( 4, 2 ) // authenticate to sector 1/block 4 with the new key A
Read( 4, ... ) // read the data back for verifying

Some remarks:
Most interfaces/drivers have a LoadKey() function to save the key for the authenticate method. This is was we do with the first two commands. The Authenticate() function refers to a key-store number instead of a key value.

Every Write() and Read() function read a complete 16-byte-block. In block 4 two variables are saved (with zero bytes in the middle). My_data2 is no binary data and must be saved as ASCII bytes.

The last command is the write to the sector trailer. With this write you overwrite the keys and the access bytes (marked as XXXXXX, please use a bit combination which is useful for you). You know the key otherwise you could not authenticate successfully. But if you want to operate again on block 4, you have to authenticate with the new key! Any access to sector 1 is possible from now on with the new keys in the sector trailer.

Now you can issue to card to the end-user.

I hope, it is clearer now, to personalize the MIFARE Classic.
The MIFARE Team
+ 0  |  - 0