>> RFID Knowledge >> About Mifare
About Mifare
The technology is embodied in both cards and readers (also referred to as a Proximity Coupling Device which is suitable to use).
The MIFARE name covers seven different kinds of contactless cards :
MIFARE Ultralight
low-cost ICs that employ the same protocol as MIFARE Classic, but without the security part and slightly different commands
MIFARE Ultralight C
the first low-cost ICs for limited-use applications that offer the benefits of an open 3DES cryptography
MIFARE Classic (Standard)
employ a proprietary high-level protocol instead of ISO/IEC 14443-4, with an NXP proprietary security protocol for authentication and ciphering.
MIFARE Plus
drop-in replacement for MIFARE Classic with certified security level (AES 128 based)
MIFARE DESFire EV1
are smartcards that comply to ISO/IEC 14443-4 with a mask-ROM operating system from NXP.
MIFARE Proximity, SmartMX
are NXP Semiconductors brand names for smartcards that comply to ISO/IEC 14443-4.
MIFARE DESFire EV1
MIFARE Classic (Standard)
The MIFARE Classic card is fundamentally just a memory storage device, where the memory is divided into segments and blocks with simple security mechanisms for access control. They are ASIC based and have limited computational power. Thanks to their reliability and low cost, those cards are widely used for electronic wallet, access control, corporate ID cards, transportation or stadium ticketing.
The MIFARE Classic 1K offers 1024 bytes of data storage, split into 16 sectors; each sector is protected by two different keys, called A and B. They can be programmed for operations like reading, writing, increasing value blocks, etc.). MIFARE Classic 4K offers 4096 bytes split into forty sectors, of which 32 are same size as in the 1K with eight more that are quadruple size sectors. MIFARE Classic mini offers 320 bytes split into five sectors. For each of these card types, 16 bytes per sector are reserved for the keys and access conditions and can not normally be used for user data. Also, the very first 16 bytes contain the serial number of the card and certain other manufacturer data and are read only. That brings the net storage capacity of these cards down to 752 bytes for Classic 1k, 3440 bytes for Classic 4k, and 224 bytes for Mini.
The simplicity of the basic cards means that they are inexpensive, which is largely the reason for their success in large-scale deployments, such as Oyster card.
The MIFARE Classic encryption Crypto-1 can be broken in about twelve seconds on a laptop, if approx. 50 bits of known (or chosen) key stream are available. This attack reveals the key from sniffed transactions under certain (common) circumstances and/or allows an attacker to learn the key by challenging the reader device.
The attack proposed in recovers the secret key in about 40ms on a laptop. This attack requires just one (partial) authentication attempt with a legitimate reader.
Additionally there are a number of attacks that work directly on a card and without the help of a valid reader device. These attacks have been acknowledged by NXP. In April 2009 new and better card-only attack on MiFare Classic has been found. It was first announced at the Rump session of Eurocrypt 2009. This attack will be presented in July 2009 at SECRYPT 2009 conference. The full description of this latest and fastest attack to date can also be found in the IACR preprint archive. The new attack improves by a factor of more than 10 all previous card-only attacks on MiFare Classic, has instant running time, and it does not require a costly precomputation. The new attack allows to recover the secret key of any sector of MiFare Classic card via wireless interaction, within about 300 queries to the card. It can then be combined with the nested authentication attack in the Nijmegen Oakland paper to recover subsequent keys almost instantly. Both attacks combined and with the right hardware equipment such as proxmark3, one should be able to clone any MIFARE Classic card in not more than 10 seconds. This is much faster than previously thought.
MIFARE Ultralight
The MIFARE Ultralight has only 512 bits of memory (i.e. 64 bytes), without cryptographic security. The memory is provided in 16 pages of 4 bytes.
This card is so inexpensive it is often used for disposable tickets such as the Football World Cup 2006.
MIFARE Ultralight C
Introduced at CarteS 2008, MIFARE Ultralight C is part NXP's low-cost MIFARE offering (disposable ticket). With 3DES, MIFARE Ultralight C uses a widely adopted standard, enabling easy integration in existing infrastructures. The integrated 3DES authentication provides an effective countermeasure against counterfeit of tickets (ticket cloning).
Key features:
- Fully ISO / IEC 14443 A 1-3 compliant (including Anti-collision)
- 1536 bits (192 bytes) EEPROM memory
- Protected data access via 3-pass 3DES authentication
- Memory structure as in MIFARE Ultralight (pages of 4 byte)
- Backwards compatibility to MIFARE Ultralight due to compatible command set
- 16 bit one-way counter
- Unique 7 bytes serial number (UID)
Key applications for MIFARE Ultralight C are Public Transportation, Event Ticketing, Loyalty and NFC Forum Tag Type 2.
MIFARE Proximity, SmartMX
MIFARE Proximity and SmartMX are microprocessor based cards. The hardware does nothing on its own, it has to be programmed with dedicated software - an operating system. Most of the time, the microprocessor is coupled to a co-processor dedicated to fast cryptographic computations (e.g., Triple DES, AES, RSA, etc.). These cards are capable of executing complex operations that are as secure and fast as operations on contact based cards. Both are, in fact, also available as a contact based card, or with multiple interfaces, and offer a high degree of flexibility. These cards are capable of supporting a range of both proprietary and open operating systems, including the Java CardTM operating system (JCOP).
Depending on the installed software, the card can be used for almost any kind of application. This kind of card is mostly used where a high level of security is required (e.g., secure travel documents, electronic passports, payment cards, etc.), and is certified by independent parties such as Common Criteria. The hardware of the SmartMX is Common Criteria certified at EAL5+ by the Bundesamt fur Sicherheit in der Informationstechnik, BSI, which means that it is highly resistant to tampering such as, for instance, reverse engineering attacks, fault/glitch attacks, or power analysis attacks. Each operating system on top of the hardware requires its own certification in order for the entire product to be certified.
MIFARE DESFire
The MIFARE DESFire is another NXP microprocessor platform, based on a similar core as MIFARE Proximity/SmartMX, with more hardware and software security features than the standard MIFARE Classic chips. It is sold already programmed with a general purpose software (the DESFire operating system) that offers a simple directory structure with files, similar to what is typically found on smart cards. DESFire cards are sold on four variants. One with Triple-DES only and 4Kbyte of storage and three with AES having storage capacity of 2, 4 and 8 KB (see DESFire EV1). The AES variants also have additional security features, i.e. CMAC. It is using a standards compliant (ISO/IEC 14443-4) protocol The card is based on a 8051 processor with 3DES and AES crypto accelerator, making really fast transactions possible.
The maximal read/write distance between card and reader is 10 cm (4 inches), but actual distance depends on the field power generated by the reader and its antenna size.
MIFARE DESFire EV1
(previously called DESFire8)
New evolution of DESFire card, broadly backwards compatible. Available with 2KB, 4 KB and 8KB NV-Memory. Other features include:
- Support for random ID
- Support for 128-bit AES
- Hardware and Operating System is Common Criteria certified at level EAL 4+
DESFire EV1 was publicly announced in November 2006.
MIFARE Plus
MIFARE Plus is a replacement card for the MIFARE Classic. It provides an easy upgrade of existing infrastructures toward high security. The applicative data management is identical to the MIFARE Classic, however the security management requires the modification of the installed reader base. Other features include:
- 2Kbytes or 4Kbytes of memory
- 7 or 4 bytes UID. Optional supporting random UID
- Support for 128-bit AES
- Common Criteria certified at level EAL 4+
- MIFARE Plus S for simple migration or MIFARE Plus X with many eXpert commands
- Security upgrade with cards in the field.
It differs from DESFire EV1 in not being as flexible as the latter.
MIFARE Plus has been publicly announced in March 2008 with availability of first samples in Q1 2009.
MIFARE Plus, when used in older transportation systems that do not yet support AES on the reader side, still leaves an open door to attacks. Though it helps to mitigate threats from attacks that broke the Crypto-1 cipher through the weak random number generator, it does not help against attacks that do not take into account the weak random number generator. Such attacks are the brute force attacks and cryptoanalytic attacks.
* Any question or inquiry about RFID card and RFID related products, please send email to info@oprfid.com, we will reply you within 24 hours, thanks |
