How to guarantee the operation has been done to card

[C C]

Hi,


I'm using DESFire card. What I'm trying to do with one tap is as follow.

1 authenticate with the old picc master key
2 change picc master key
3 create applications
4 authenticate to the new application
5 create files

However, I encounter an embarrassing situation. Due to the instability of the tap, the operations are stopped after changing the picc master key (step 2). That means the picc key is changed but the application is not created. When I tap the card again, the process is started from step 1. The problem comes that the authentication cannot pass, because the picc master key is changed. This could obsess users when the app is released.

How to guarantee the intended operations within one tap? Is there any solution?

Thanks.

---

+ 1  |  - 1

[mifaresdk]

Hi,

first, you can create keys without applications. It is a good practice to use several keys for your purposes and let the master key (key number 0) only for administrative tasks. I recommend to create a key number 1 for the access permissions of your application.

When you want to create a new key, you should authenticate with the new key to proof, you are know the key before change it. This key is used to protect your application. At the end you should change the master key from default to a secret one you only know.

Kind regards,
The MIFARE TEam

---

+ 1  |  - 1

[C C]

Hi,

Thanks for replying.
I'm afraid I didn't express the question clearly.
My question is how to deal with the sudden connection lost. As I posted, I designed 5 operations in one tap. If the connection is lost, these operations cannot be done by tapping again, for example because the key is changed in first several steps in last tap.

Thanks.

---

+ 0  |  - 0

[mifaresdk]

Hi,

“connection lost” means the card was removed from the reader? This may occurs in the end users use case. But in this scenario you will never change a key!

Changing one of the keys is part of the personalization process in the issuer’s office. Here the card is properly connected until all tasks are done. When we exclude a “tear-down” issue (removing the card) then an error occurs at the change key operation. He it is useful to know the error number.

If the DESFire is connected and selected with the reader, a session starts, maybe encrypted with a session key. This session stay until an error occurs or the reader deselect the card. You cannot pick-up a previous and continue for security reasons.

Kind regards,
The MIFARE Team

---

+ 0  |  - 0

[C C]

Hi,

I think I got what you suggest. The master key should be changed at the issuer office, in which situation the card is assumed to be steady.
Thanks.

---

+ 0  |  - 0

[mifaresdk]

Hi,

yes exactly!

I do not see any use case to change a key in an end-user scenario.

Changing a key means to send the key itself between reader and the card. You do this only in your own (protected) environment but never in the field.

Kind regards,
The MIFARE Team

---

+ 0  |  - 0

[Author]

Posts