Forum › MIFARE general topics and applications › Picking the right key for DESFire EV2 cards when UIDs are unreliable/unavailable › Reply To: Picking the right key for DESFire EV2 cards when UIDs are unreliable/unavailable
Hi Mario,
This is a special configuration setting to set the UID to random in the anti-collision. In this case I would have a file with read permission 0x0E and communication mode “plain” (all other files should be protected with keys). This file can be read without authentication and give some hints about the key. In and of itself, knowing this data this is not a security problem, it is only a piece for subsequent method.
Usually, it is no practicable to manage a lot of keys in the reader terminal. I would prefer using diversified keys. There is a root key for all cards, but with a “unique diversification value” the authentication key is generated. The unique diversification value could be the data from the readable file and the authentication key is different for all cards.
The TapLinx team
This is a special configuration setting to set the UID to random in the anti-collision. In this case I would have a file with read permission 0x0E and communication mode “plain” (all other files should be protected with keys). This file can be read without authentication and give some hints about the key. In and of itself, knowing this data this is not a security problem, it is only a piece for subsequent method.
Usually, it is no practicable to manage a lot of keys in the reader terminal. I would prefer using diversified keys. There is a root key for all cards, but with a “unique diversification value” the authentication key is generated. The unique diversification value could be the data from the readable file and the authentication key is different for all cards.
The TapLinx team
+ 1
|
- 0