How to limit negative verification attempts with Ultralight EV 1


  • 10. January 2017 at 19:48
    How can I limit the number of negative verification attempts of an Ultralight EV 1 tag using the Taplinx SDK?

    Regards.
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    11. January 2017 at 9:35
    Hi Francisco,

    There is no “failure counter” in TapLinx as far as I know. But I will ask the development team if negative attempts can be checked or limited.

    The TapLinx Team

    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    13. January 2017 at 15:36
    Perfect. Do you know when I will have an answer to the question?

    Regards.
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    13. January 2017 at 16:50
    Hi Francisco,

    I got the answer: there is no “failure counter” in TapLinx.

    For effective attack protection, this feature must be implemented in the tag, and not in a movable software library. The MIFARE Ultralight C is not a high security product, so the Ultralight does not support such a feature.

    If it is important for you, please have a look at our JCOP Smartcard products. Here you will find such features.

    The TapLinx Team
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    13. January 2017 at 16:55
    Sorry but that is a very inadequate answer. As clearly stated in the title I am asking for Ultralight EV 1, not Ultralight C.

    According to this document (http://www.nxp.com/documents/data_sheet/MF0ULX1.pdf), as stated on page 17, section 8.6.2, Ultralight EV 1 does in fact have such a feature. I just want to know if Taplinx SDK provides access to that feature in Ultralight EV 1.

    Am I missing something?

    Regards
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    16. January 2017 at 10:09
    Hi Francisco,

    Sorry, my mistake. Yes, the Ultralight EV1 has a protection mechanism for memory access. And it is not supported by TapLinx, as the development team replies.

    The TapLinx Team

    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    16. January 2017 at 14:10
    Thank you very much for your answer.
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    1. February 2017 at 15:36
    For anyone interested in this feature, after some trial and error I was able to write the corresponding bits in the tag with the following code:

    // Must be called before writing the tries page, since it overwrites the corresponding page:
    // enablePasswordProtection writes 00000000 or 10000000 to the corresponding byte
    // when given false or true respectively.
    ultralightEV1.enablePasswordProtection(true, 0);
    ultralightEV1.authenticatePwd(myKey);

    // Write the limit-tries byte; must be done after enablePasswordProtection
    int indexNumTries = ultralightEV1.getTotalMemory() - 12; // Index of the associated byte
    int pageTries = indexNumTries / 4; // Index of the associated page
    byte[] dataPage = ultralightEV1.read(pageTries); // Read the associated page with the value written by enablePasswordProtection
    byte[] finalPage = new byte[4]; // The page to write; dataPage has 16 bytes, as documented by TapLinx
    System.arraycopy(dataPage, 0, finalPage, 0, 4);
    // The 3 least significant bits are the number of tries. This sets a maximum of 7 invalid tries,
    // but any value from 0 to 7 is valid (note that 0 disables the protection).
    finalPage[0] = (byte) (dataPage[0] | 0x07);

    ultralightEV1.write(pageTries, finalPage); // Write the page


    Do note that any call to enablePasswordProtection will delete the bytes since it uses the most significant bit of the associated byte to signal if read is password protected and, instead of doing the proper byte operations with the current value of the page, the library will simply overwrite the byte value with 00000000 or 10000000, effectively disabling the tries protection.

    Hopefully this feature will be supported by taplinx in the future but in the meantime this works.
    + 0  |  - 0
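
Added example (not part of the original posts and not TapLinx code): the post above sets the limit with `| 0x07`, which only yields the intended value when the low three bits are already zero or the limit is 7. The helper below clears those bits first and keeps every other bit of the byte, and its `main` simulates the overwrite the post warns about; the class and method names and the sample bytes are constructed for illustration.

```java
import java.util.Arrays;

/** Added example: read-modify-write helpers for the 4-byte config page discussed above. */
public class AccessByteExample {
    static final int LIMIT_MASK = 0x07;    // low 3 bits: failed-attempt limit (0 = disabled)
    static final int READ_PROT_BIT = 0x80; // top bit: read access needs the password

    /** Returns a 4-byte page with only the limit bits of byte 0 changed. */
    static byte[] withAttemptLimit(byte[] readResult, int limit) {
        if (readResult == null || readResult.length < 4)
            throw new IllegalArgumentException("need at least 4 bytes of page data");
        if (limit < 0 || limit > LIMIT_MASK)
            throw new IllegalArgumentException("limit must be 0..7");
        byte[] page = Arrays.copyOf(readResult, 4);         // read() returns 16 bytes; write() takes 4
        page[0] = (byte) ((page[0] & ~LIMIT_MASK) | limit); // clear old limit, keep other bits
        return page;
    }

    static int attemptLimit(byte[] page) { return page[0] & LIMIT_MASK; }
    static boolean readProtected(byte[] page) { return (page[0] & READ_PROT_BIT) != 0; }

    /** Simulates the overwrite the post describes: byte 0 becomes 0x80 or 0x00. */
    static byte[] simulateEnablePasswordProtection(byte[] page, boolean protectRead) {
        byte[] out = Arrays.copyOf(page, 4);
        out[0] = (byte) (protectRead ? READ_PROT_BIT : 0x00);
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample: 16 bytes as returned by a read of the config page
        byte[] read = new byte[16];
        read[0] = (byte) 0x83; // read-protected, stale limit of 3
        byte[] page = withAttemptLimit(read, 5);
        System.out.printf("byte0=0x%02X limit=%d readProt=%b%n",
                page[0] & 0xFF, attemptLimit(page), readProtected(page));

        // A later library call wipes the limit; re-read and re-apply it afterwards.
        byte[] after = simulateEnablePasswordProtection(page, true);
        if (attemptLimit(after) == 0) {
            after = withAttemptLimit(after, 5);
        }
        System.out.printf("restored byte0=0x%02X%n", after[0] & 0xFF);
    }
}
```

In an app, pass the result of `ultralightEV1.read(pageTries)` to `withAttemptLimit` and write the returned page with `ultralightEV1.write(pageTries, ...)`, as in the post above.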

    Re: How to limit negative verification attempts with Ultralight EV 1

    7. February 2017 at 14:02
    Hello Jorge,

    As feedback: I made a change request to the TapLinx development team to support the authenticate limit of the UltraLight EV1 also in TapLinx (the UltraLight EV1 defines a variable AUTH0). I got the response that the team has accepted the change request and will implement a new method to set this limit.

    This new feature will likely come with the next release.

    Regards,
    The TapLinx team
    + 0  |  - 0

    Re: How to limit negative verification attempts with Ultralight EV 1

    7. February 2017 at 14:11
    Hi,

    that's great news for me. Thanks a lot.

    Regards
    + 0  |  - 0