Forum Stats

  • 3,752,119 Users
  • 2,250,461 Discussions
  • 7,867,732 Comments

Discussions

Mifare DESfire card Authentication!!!!!

843851
843851 Member Posts: 19,484
edited Jun 30, 2009 11:08AM in Java Card
Does the Philips Mifare DESfire card authentication (3 pass) follows the standard CBC DES\3DES
en-\decipher operations or are there some modifications.
Any idea of CBC DES "send mode" & "receive mode" as stated in the card spec.
«13

Comments

  • 843851
    843851 Member Posts: 19,484
    Look in "Mifare DES Fire Features and Hints V1.0". Chapter 2.3.3 contains the DES algorithms used by the DES Fire Card. If you use these algorithms an authentication will be possible.
    Be careful with the resultig session key. If you authenticate with a single DES the session key will also be a single DES. (Copy the first 8 Bytes into the following 8 Bytes)

    Good luck!
  • 843851
    843851 Member Posts: 19,484
    Thats Great Sir
    Thank you
    Thanks for the help
  • 843851
    843851 Member Posts: 19,484
    Important observation: it is not the usual CBC computation.

    The second block of data is XOR'd before the DES. (I was told it is 'inverted CBC' -- RSA's site says

    there are over 7 ways to do triple DES!). My CBC algorithms all XOR'd the data with previous block after

    the DES. The Philips documentation diagrams it correctly, but it's not obvious.

    So although your first block (rndA) will be correct (because ICV is 0's), your rndB' will not - and you get AE,

    authentication error.
  • 843851
    843851 Member Posts: 19,484
    Hi,can u please send me that 3DES decrypting algorithm for that 3-pass mutual Authentication.my mail id is [email protected]
  • 843851
    843851 Member Posts: 19,484
    edited Jun 20, 2008 12:51AM
    Hello
    I need help. I working with DesFire card.
    I want to authenticate a card. Specifics of desfire card says that master key of card is 0x00(16 Bytes).So it means i have to use DES for enciphering/deciphering.

    1-) Authenticate = > Send 0x0A(command) 0x00(KeyNo) Response => AF 91 79 BA 9A AE 1C 71 F2

    So RNDB which enciphered with masterkey is => 91 79 BA 9A AE 1C 71 F2

    2-)Then i deciphered RNDB(i used DES with init-vector 0x00(8 Bytes), master-key 0x00(8 Bytes)) so clear RNDB = > 0F 67 06 85 0E 2F A4 03

    3-) Then I rotated left RNDB. RNDB' = > 67 06 85 0E 2F A4 03 0F

    4-) I selected RNDA as 11 22 33 44 55 66 77 88

    5-) (RNDA + RNDB') = > 11 22 33 44 55 66 77 88 67 06 85 0E 2F A4 03 0F

    5-) I deciphered (RNDA + RNDB') value with using DES function mode CBC-1 and i obtained CD 72 DF C6 E6 D0 40 A4 63 15 30 22 6F 75 4F 8D

    6-)As a final i sent this last value with 0xAF => AF CD 72 DF C6 E6 D0 40 A4 63 15 30 22 6F 75 4F 8D
    and i got 0xAE that it means authenticate error.

    Can You check this values? I don't know where is the fault.

    Thanks very much for helping.
  • 843851
    843851 Member Posts: 19,484
    Hello all,

    Could you please help me with DESFire command set? I was not able to find any documents describing DESFire command set anywhere, If you have such document could you please let me know where I can get it.

    Thanks in advance
  • 843851
    843851 Member Posts: 19,484
    Hello.

    Write you e-mail. I will send for you DesFire card documents.
  • 843851
    843851 Member Posts: 19,484
    Hi can someone please send this document: "Mifare DES Fire Features and Hints V1.0". on email [email protected]
    Thanks
  • 843851
    843851 Member Posts: 19,484
    HI Can someone send me the "Mifare DES Fire Features and Hints V1.0". doc also to ftb06600 at gmail.com

    thanks
  • 843851
    843851 Member Posts: 19,484
    Hello All,

    Could you give me the Mifare DESFire document??? Thanks
    email: [email protected]
This discussion has been closed.