How MIFARE Uses Cookies

[C C]

Hi,

I'm quite new in contactless card, but I've understood both threads we discussed thanks to your elaborate explanation. Thank you very much.

---

+ 0  |  - 0

[C C]

Hi,

I see... I used to understand "clone cards" as one can clone all the user memory and manufacturer memory of a NXP card to a different non-NXP card or card emulator. So If I protect the data stored in DESFire card are properly by using master key and application key, I don't need to worry about the whole card, including the user memory and manufacturer memory, being cloned?

Thank you.
CC

---

+ 0  |  - 0

[C C]

The link to the paper is http://proxmark.nl/files/Documents/13.56%20MHz%20-%20MIFARE%20DESFire/Cloning_Cryptographic_RFID_Cards_for_25USD-WISSEC_2010.pdf

---

+ 0  |  - 0

[C C]

Hi,

Thank you very much for the elaborate explanation. It is a good advice to protect the credentials. I think DESFrie cards are with a lot of security features to protect the stored credentials.

I'm asking the question because I just read a research paper saying that it can clone DESFire card. The link is here . I'd like to know if the attack gets access to a DESFire card, which adopts both master key and application key properly, is it possible for the attacker to clone the whole card without cracking the master key or application key? By the whole card, I mean not only the memory for storing user data but also the memory for manufacturer, including the memory storing UID and keys.

---

+ 0  |  - 0

[C C]

Hi,

I got your idea. You are saying that the issuer should distribute reliable cards to end-users. I agree with that.
What confuses me is how can I know the card is the original one during the use. For example, a company issues the DESFire EV1 card as value cards, to customers. Customers can store value in the card. They can use the card value both in offline shops by tapping on a card reader and online shops by tapping to their Android phones. An application on Android is going to accept the payment by reading the card to deciding if the customer is really a registered customer and whether there is enough stored value in his card. In this scenario, the company can make sure that they issue the reliable DESFire cards to customers. However, on the application side, it also needs to make sure the card is not faked. If the card can be cloned and the app fails to detect the clone card, a cheater could abuse the card in online shops by tapping a clone card on his phone.
So I'm thinking, is it possible for an app to know the originality of the DESFire?
Thanks. Hope to here from you soon.

---

+ 0  |  - 0

[C C]

Hi,

It is really nice to know that a special release is possible. I've contacted you via your email. I'm not sure whether you have received my email, since I have not received any response yet. I use the same email address as I registered in this forum. I suspect my email address might be blocked...?

Hope to hear from you soon.
CC

---

+ 0  |  - 0

[C C]

Hi,

Thank you for replying.
Can I implement a component like "NXP Originality Checker Reader" in my own app on Android? I mean each time a user tap a registered card on the mobile phone, the app would know whether this card is the original nxp card or cloned card.

---

+ 0  |  - 0

[C C]

Hi,

The sample app can work. I'm building my own app according to the sample app. The difference is that my app is a system app on Android. The error below shows that NxpLogUtils is trying to access external storage. I'm wondering what it tries to log to external storage? It seems that a system app cannot write to external storage. Can I forbid it from logging to external storage? Thanks.

F/Environment( 732): Static storage paths aren't available from AID_SYSTEM
F/Environment( 732): java.lang.Throwable
F/Environment( 732): at android.os.Environment.throwIfSystem(Environment.java:637)
F/Environment( 732): at android.os.Environment.getExternalStorageDirectory(Environment.java:316)
F/Environment( 732): at com.nxp.nfclib.utils.NxpLogUtils.(:68)
F/Environment( 732): at com.nxp.nfclib.NxpNfcLib.registerActivity(:1408)
F/Environment( 732): at com.android.settings.CryptKeeper.initializeLib(CryptKeeper.java:631)
F/Environment( 732): at com.android.settings.CryptKeeper.onCreate(CryptKeeper.java:434)

---

+ 0  |  - 0

[C C]

Hi,

I've included the jar file into the project. It seems that some file names causing warnings.

Reading program jar [/home/chang/mako/out/target/common/obj/APPS/Settings_intermediates/classes.jar]
Warning: class [com/nxp/nfclib/plus/╦К.class] unexpectedly contains class [com.nxp.nfclib.plus.ˊ]
Warning: class [com/nxp/nfclib/╦К$2.class] unexpectedly contains class [com.nxp.nfclib.ˊ$2]
Warning: class [com/nxp/nfclib/╦К$1.class] unexpectedly contains class [com.nxp.nfclib.ˊ$1]
Warning: class [com/nxp/nfclib/╦К$if$1.class] unexpectedly contains class [com.nxp.nfclib.ˊ$if$1]
Warning: class [com/nxp/nfclib/desfire/╦Л$1.class] unexpectedly contains class [com.nxp.nfclib.desfire.ˋ$1]
Warning: class [com/nxp/nfclib/desfire/DESFireFile$╦К.class] unexpectedly contains class [com.nxp.nfclib.desfire.DESFireFile$ˊ]
Warning: class [com/nxp/nfclib/desfire/╦О.class] unexpectedly contains class [com.nxp.nfclib.desfire.?]
Warning: class [com/nxp/nfclib/desfire/╦Л.class] unexpectedly contains class [com.nxp.nfclib.desfire.ˋ]
Warning: class [com/nxp/nfclib/desfire/╦К.class] unexpectedly contains class [com.nxp.nfclib.desfire.ˊ]
Warning: class [com/nxp/nfclib/ndef/Uri$╦П.class] unexpectedly contains class [com.nxp.nfclib.ndef.Uri$?]
Warning: class [com/nxp/nfclib/ndef/Uri$╦Л.class] unexpectedly contains class [com.nxp.nfclib.ndef.Uri$ˋ]
Warning: class [com/nxp/nfclib/ndef/Uri$╦О.class] unexpectedly contains class [com.nxp.nfclib.ndef.Uri$?]
Warning: class [com/nxp/nfclib/ndef/Uri$╦К.class] unexpectedly contains class [com.nxp.nfclib.ndef.Uri$ˊ]
Warning: class [com/nxp/nfclib/icode/╩╗.class] unexpectedly contains class [com.nxp.nfclib.icode.?]
Warning: class [com/nxp/nfclib/icode/╩╝.class] unexpectedly contains class [com.nxp.nfclib.icode.?]
Warning: class [com/nxp/nfclib/icode/╦П.class] unexpectedly contains class [com.nxp.nfclib.icode.?]
Warning: class [com/nxp/nfclib/icode/╦О.class] unexpectedly contains class [com.nxp.nfclib.icode.?]
Warning: class [com/nxp/nfclib/icode/сРЭ.class] unexpectedly contains class [com.nxp.nfclib.icode.?]
Warning: class [com/nxp/nfclib/icode/╦Л.class] unexpectedly contains class [com.nxp.nfclib.icode.ˋ]
Warning: class [com/nxp/nfclib/icode/╦К.class] unexpectedly contains class [com.nxp.nfclib.icode.ˊ]
Warning: class [com/nxp/nfclib/keystore/hardware/╦Л$if.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˋ$if]
Warning: class [com/nxp/nfclib/keystore/hardware/╦Л$1.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˋ$1]
Warning: class [com/nxp/nfclib/keystore/hardware/╦Л$If.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˋ$If]
Warning: class [com/nxp/nfclib/keystore/hardware/╦О.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.?]
Warning: class [com/nxp/nfclib/keystore/hardware/╦Л$╦К.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˋ$ˊ]
Warning: class [com/nxp/nfclib/keystore/hardware/╦Л.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˋ]
Warning: class [com/nxp/nfclib/keystore/hardware/╦К.class] unexpectedly contains class [com.nxp.nfclib.keystore.hardware.ˊ]
Warning: class [com/nxp/nfclib/╦К$if.class] unexpectedly contains class [com.nxp.nfclib.ˊ$if]
Warning: class [com/nxp/nfclib/ntag/╦К.class] unexpectedly contains class [com.nxp.nfclib.ntag.ˊ]
Warning: class [com/nxp/nfclib/╦К.class] unexpectedly contains class [com.nxp.nfclib.ˊ]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/bouncycastle_intermediates/classes.jar]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/core_intermediates/classes.jar]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/core-junit_intermediates/classes.jar]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/ext_intermediates/classes.jar]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/framework_intermediates/classes.jar]
Reading library jar [/home/chang/mako/out/target/common/obj/JAVA_LIBRARIES/telephony-common_intermediates/classes.jar]
Warning: there were 30 classes in incorrectly named files.
You should make sure all file names correspond to their class names.
The directory hierarchies must correspond to the package hierarchies.
If you don't mind the mentioned classes not being written out,
you could try your luck using the '-ignorewarnings' option.
Error: Please correct the above warnings first.

---

+ 0  |  - 0

[C C]

Hi,

I think I got what you suggest. The master key should be changed at the issuer office, in which situation the card is assumed to be steady.
Thanks.

---

+ 0  |  - 0

[C C]

Hi,

Thanks for replying.
I'm afraid I didn't express the question clearly.
My question is how to deal with the sudden connection lost. As I posted, I designed 5 operations in one tap. If the connection is lost, these operations cannot be done by tapping again, for example because the key is changed in first several steps in last tap.

Thanks.

---

+ 0  |  - 0

[C C]

Hi Kevin,

SDK works fine with Android 6.0 on Nexus 6.

---

+ 0  |  - 0

[C C]

Hi,

Thanks. The example is very helpful.
So, the maximal number of keys for each application is 14. I can assign at most 14 different keys for each application to cardkeyNo (0-13) in the ChangeKey after I select the application?

changeKey(int cardkeyNo , int oldKeyNo, byte oldKeyVersion, int newKeyNumber, byte newKeyVersion, DESFireEV1.KeyType type, byte oldkeydivOption, byte newkeydivOption, byte[] divInput)

Before each access (read, write, ...), a new authentication with the corresponding key is needed, right?

---

+ 0  |  - 0

[C C]

Hi,

Thanks for replying. I still have several questions...

1. So, DESFire can only support AES 128 if I wanna to use AES algorithm?
2. If I understand correctly, the key version is not related to parity byte said in the functional specification. It is just used for control the version of each key.
3. Another question is, does application has a concept of master key? Is the key numbered 0 reserved for application master key? That is to say, if I createApplication() and specify the number of keys to be 1, does it mean there's only one key (the 0 key - master key) for this application?


Thanks~

---

+ 0  |  - 0

[C C]

Here's my progress on these questions... Correct me if I am wrong..

In Q2 and Q3, about setting the master key for application and picc.

Select the application or picc, then authenticate using the default key and mode. That is,
objDESFireEV1.authenticate(DESFireEV1.AuthType.Native, 0, (byte) 0, 0, (byte) 0, null);
Then call changeKey(). it is to change one of the card key, for master key of picc and application, the card key no should be 0.
So change the key in card key no = 0 to any other key in key store.
Next time when authenticating, use the keyno in keystore I set, and the card key no 0, to pass an authentication.

I can use this process conduct a successful authentication.

Other questions still need solving. Help is needed....

Btw, why every time I need to upload a file to get the reply published.... Is it because I have to many questions...?

---

+ 0  |  - 1

[Author]

Posts