Forum › MIFARE general topics and applications › KeyA and KeyB and how to protect the contacless card from cloning? › Reply To: KeyA and KeyB and how to protect the contacless card from cloning?
Hi,
It is not required to authenticate to each block in a sector. You can imagine a sector as data container with three 16 bytes data variables and one access variable (the sector trailer). When you set the access conditions, you define the key assignment (which key should allow which access) for the three data blocks and the access condition block. Please have a look at the sample explanations in post:
What is MIFARE Classic 1K Access Bits means? How to calculate and use it?
With the successful authenticate to block 4 (sector 1) you have proven that you know the key and you can read or write (if the permissions allows that) to the data blocks. But there are two keys, so you are free to set the assess conditions e.g.: Key A or key B read a block and key B write a block (see table 8, page 14 of the data sheet – link above). In the case of only reading you use key A. But if you want to write you have to use key B and this means to authenticate with key B. To avoid authenticate twice, you find in the datasheet (table 8) for the reading access “key A or key B” and for the writing access “key B”.
In the case where the MIFARE Classic is only read or a value is decremented, you use key A and at the issuer terminal where data is changed or a value is incremented you use key B. To make the long story short: you can remove the authenticate(5,…) and authenticate(6,…) commands in your snippet (the "read for verifying" is not required, I used it only for demonstration).
I hope my explanation helps.
The MIFARE Team
It is not required to authenticate to each block in a sector. You can imagine a sector as data container with three 16 bytes data variables and one access variable (the sector trailer). When you set the access conditions, you define the key assignment (which key should allow which access) for the three data blocks and the access condition block. Please have a look at the sample explanations in post:
What is MIFARE Classic 1K Access Bits means? How to calculate and use it?
With the successful authenticate to block 4 (sector 1) you have proven that you know the key and you can read or write (if the permissions allows that) to the data blocks. But there are two keys, so you are free to set the assess conditions e.g.: Key A or key B read a block and key B write a block (see table 8, page 14 of the data sheet – link above). In the case of only reading you use key A. But if you want to write you have to use key B and this means to authenticate with key B. To avoid authenticate twice, you find in the datasheet (table 8) for the reading access “key A or key B” and for the writing access “key B”.
In the case where the MIFARE Classic is only read or a value is decremented, you use key A and at the issuer terminal where data is changed or a value is incremented you use key B. To make the long story short: you can remove the authenticate(5,…) and authenticate(6,…) commands in your snippet (the "read for verifying" is not required, I used it only for demonstration).
I hope my explanation helps.
The MIFARE Team
+ 0
|
- 0