AN10975 MIFARE SAM AV2 Documentation and Sampling
Contents
1. 11 September 2013 6 of 14 COMPANY PUBLIC 198624 NXP Semiconductors AN10975 2 2 2 3 AN10975 Available SAM MIFARE SAM AV2 Documentation and Sampling Currently NXP s MIFARE SAM portfolio consists of three SAMs Some of their features and their differences between versions are listed in the following table Table 2 Different SAMs Features MIFARE SAM AV1 P5DF072EV2 TOPD4090 MIFARE SAM AV2 P5DF081 Communication Interface ISO IEC 7816 Class A B C T 1 up to 1 5 Mbps IC interface to MFRC52X and PN51X ISO IEC 7816 T 1 up to 1 5 Mbps Class A B I C interface to MFRC52X and PN51X Cryptographic Algorithms TDEA 112 bit and 168 bit key MIFARE Crypto1 AES 128 and AES 192 TDEA 112 bit and 168 bit key MIFARE Crypto1 AES 128 and AES 192 RSA up to 2048 bit key Public Key Infrastructure PKI Yes Hash function Yes SHA 1 SHA 224 and SHA 256 Supported Product s Cryptography MIFARE Classic MIFARE Ultralight C MIFARE DESFire MIFARE DESFire EV1 MIFARE Classic MIFARE Ultralight C MIFARE Plus MIFARE DESFire MIFARE DESFire EV1 Secure host communication Yes X functionalities Yes Yes MIFARE SAM AV2 Product Modes MIFARE SAM AV2 offers two different modes MIFARE SAM AV2 in AV1 mode and MIFARE SAM AV2 in AV2 mode Some of those features are explained in the following table All infor2. AN10975 NXP B V 2013 All rights reserved 5 of 14 All information provided in this document is subject to legal disclaimers Rev 2 4 11 September 2013 198624 Application note COMPANY PUBLIC NXP Semiconductors AN1 0975 MIFARE SAM AV2 Documentation and Sampling 2 MIFARE SAM AV2 Start up information 2 1 Introduction Secure Application Module SAM is a semiconductor where the cryptographic keys can be stored and used securely SAMs are available from NXP in the following formats e Contact only module PCM 1 1 as defined in ISO IEC 7816 2 figure a e HVQFN32 The samples of SAM are delivered for your evaluation in SIM card format ID 000 embedded in ID 1 size plastic card figure b A a b Fig 1 SAM contact module and SAM Card The interface of SAM is ISO IEC 7816 3 contact only interface It supports standard communication speed according to ISO IEC 7816 3 protocol T 1 and also very high speed up to 1 5 Mbps Although the SAMs can be seen as a contact smart card from the interface point of view the SAMs do not allow creating or storing user data file structure SAMs offer moreover crypto capabilities as secret keys can be stored in the SAM securely and can be used for cryptographic functions in a secure way AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note Rev 2 4
3. MIFARE is a trademark of NXP B V MIFARE Plus is a trademark of NXP B V MIFARE Ultralight is a trademark of NXP B V DESFire is a trademark of NXP B V NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 13 of 14 NXP Semiconductors AN10975 5 Contents MIFARE SAM AV2 Documentation and Sampling 1 1 SCOP E T 3 1 2 Abbreviations ccccccccceeeeseeseceeeteneeeeeeeeeenens 4 2 MIFARE SAM AV2 Start up information 6 2 1 Introduction soonnnnnseooonnnnnnnessnnnnnnnnssnnrnnreessnnnnrnenn 6 2 2 Available SAM iiciin deinsden oenn 7 2 3 MIFARE SAM AV2 Product Modes 55 7 2 3 1 Switching MIFARE SAM AV2 from AV1 to AV2 ModE ccccccccceesseececceeeceeesseceseeeeeaeeseceeeeeeeeanesss 8 2 4 SAM DiStinCtion ccccccceessssssssssssssssssssssseees 9 2 5 MIFARE SAM AV2 Product Support Package 10 2 6 MIFARE SAM AV2 samples ccesceeeeee 11 2 6 1 MIFARE SAM AV2 Application notes 11 3 FRETEFENCCS wiaicees P A E AE E EE 12 4 Legal information s s assssssnssnnnnunnnnnnnnnnnnnnnnnnnnnnn 13 4 1 DefiNitiONS ixciscce tect ce ecties Sd Aiea ccieetate 13 4 2 DISGCIAIM ENS das ccivecird ccd siasiccastcaisaniaanesuesandeseeaaness 13 4 3 Trademarks pisiseeni 13 5 CONMLCINS iii cies div diidiccacecedivcdiacancacucdiavatievevsieietanste 14 Please be aware that important notice
4. between host and MIFARE Host Communication SAM AV2 MIFARE SAM AV2 ss For MIFARE Plus 1825xx Standard functionalities for MIFARE Plus MIFARE SAM AV2 a f For MIFARE DESFire EV1 1826xx Standard functionalities for MIFARE DESFire EV1 MIFARE SAM AV2 For MIFARE Ultralight C 1827xx Standard functionalities for MIFARE Ultralight C MIFARE SAM AV2 1828xx Standard functionalities for MIFARE Classic 1KB and For MIFARE Classic MIFARE Classic 4KB MIFARE SAM ee 1829xx X functionalities X functionalities MIFARE SAM AV2 General purpose 1830xx How to use MIFARE SAM AV2 for general purpose standard cryptographic calculation These application notes are the supplementary documents to the MIFARE SAM AV2 application notes 3 References roduct functional specification 1 read functional specification before usin 1 P5DFO081 MIFARE SAM AV2 functional specification document number 1645xx 2 MIFARE discover user manual document number 1867xx 3 MIFARE SAM AV2 System Guidance Manual document number 1869xx AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 12 of 14 NXP Semiconductors AN10975 4 Legal information MIFARE SAM AV2 Documentation and Sampling 4 1 Definitions Draft The document is a draft version only The c
5. AN10975 MIFARE SAM AV2 Documentation and Sampling Rev 2 4 11 September 2013 Application note 198624 COMPANY PUBLIC Document information Info Content Keywords MIFARE SAM AV2 Secure Key Storage DES TDEA AES RSA Key Usage Counters Abstract This application note introduces MIFARE SAM AV2 and all documentation and samples NXP Semiconductors AN1 0975 MIFARE SAM AV2 Documentation and Sampling Revision history Rev Date Description 2 4 20130911 Section 2 5 MIFARE SAM AV2 Product Support Package and Section 2 6 MIFARE SAM AV2 samples updated 2 3 20111102 Table updated in Section 2 6 MIFARE SAM AV2 samples 2 2 20111010 Table updated in Section 2 6 MIFARE SAM AV2 samples 2 1 20110721 Ref 7 updated in Fig 2 2 0 20100915 BU ID document number changed no content change 1 0 20100901 Initial version Contact information For more information please visit http www nxp com For sales office addresses please send an email to salesaddresses nxp com AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note Rev 2 4 11 September 2013 2 of 14 COMPANY PUBLIC 198624 NXP Semiconductors AN1 0975 MIFARE SAM AV2 Documentation and Sampling 1 Introduction MIFARE SAMs Secure Application Module have been designed to provide the secure storage of cryptographic keys and cryptographic functions for the terminal
6. application notes for MIFARE SAM AV2 listed in the following table each of them are describing specific features Contact your NXP support engineer regarding the availability of the application notes Table 5 MIFARE SAM AV2 Application notes bd on D men Application note ecument Addressed features number MIFARE SAM AV2 1821 xx Introduction detection of SAM type starting with a Quick Start up Guide PC SC reader MIFARE SAM AV2 Communication interfaces logical channels s F 1822xx functional types architectures product modes Interface and architecture storage MIFARE SAM AV2 Key management and personalization of MIFARE 1823xx Key Management and SAM AV2 5 5 MIFARE SAM AV2 has two types of functionalities non X and X functions 6 6 MIFARE SAM AV2 offers two modes MIFARE SAM AV2 in AV1 mode and MIFARE SAM AV2 in Application note COMPANY PUBLIC AV2 mode All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Rev 2 4 11 September 2013 11 of 14 198624 NXP Semiconductors AN10975 MIFARE SAM AV2 Documentation and Sampling cryptography ae te Document Application note Addressed features number Personalization Symmetric Key 1653xx The CMAC based key diversification algorithm Diversification supported by MIFARE SAM AV2 MIFARE SAM AV2 1824xx Secure communication
7. est One needs to register at httos www docstore nxp com Please use latest Internet Explorer or browser After valid registration and NDA please request access to Reader ICs and it is possible to download them from this website 4 4 xx stands for the version number e g 165410 is version 1 0 of document 1654 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 10 of 14 NXP Semiconductors AN10975 MIFARE SAM AV2 Documentation and Sampling 2 6 MIFARE SAM AV2 samples 2 6 1 AN10975 For direct customers from NXP samples can be requested from the local NXP representative over our secure esample desk in Hamburg ID Name Delivery Type 9352 931 23118 P5DF081 X0 T1AD2060 PCM 9352 931 21118 P5DF081HN T1AD2060 HVQFN32 8222 640 90547 P5DF081X0 T1AD2060 CARD White Card 9352 968 33151 9352 968 41118 P5DF081HN T1AR1070 HVQFN32 P5DF081X0 T1AR1070 PCM 8222 640 90787 P5DF081X0 T1AR1070 CARD White card Advanide a preferred Channel partner of the NXP Identification can support this product commercially and technically for customers which do not buy direct from NXP MIFARE SAM AV2 Application notes Application notes have been published to explain the features of SAMs together with implementation hints and examples There is a set of
8. g the Nc field Le Length filed for coding the Ne field LFI Last Frame Indicator AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 4 of 14 NXP Semiconductors AN10975 MIFARE SAM AV2 Documentation and Sampling Abbreviation Meaning LRC Longitudinal Redundancy Check LRU Latest Recently Used LSB Lowest Significant Byte MAC Message Authentication Code MSB Most Significant Byte Nc Number of bytes in the command data field Ne Number of bytes expected in the response data field P1 Parameter 1 P2 Parameter 2 PCB Protocol Control Byte PCD Proximity Coupling Device reader writer unit PCM Product Contact Module PC SC Personal Computer Smart Card PICC Proximity Integrated Circuit Card POST Point of Service Terminal PPS Protocol and Parameter Selection R APDU Response APDU oome iNan gt Gauche c ruasson 4j45 0 af RATS Request for Answer To Select RFU Reserved for Future Use SAK Select AcKnowledge SAM Secure Application Module SET Setting SIM Subscriber Identification Module SW Status word TDEA Triple Data Encryption Algorithm UID Unique Dentification number X functions The functions offered by SAM in direct connection to RC52X or PN51X using 12C
9. mation provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 7 of 14 NXP Semiconductors AN10975 Table 3 MIFARE SAM AV2 Documentation and Sampling MIFARE SAM AV2 modes Feature MIFARE SAM AV2 in AV1 mode MIFARE SAM AV2 in AV2 mode PKI Host Authentication Host communication Not available Possible with all types of keys except MIFARE Crypto1 keys 3 pass mutual authentication Only CMACed in response or plain Available Allowed only with AES 128 or AES 192 key type 4 pass mutual authentication Configurable communication plain CMACed or encrypted in both directions Secure messaging Classification of symmetric Key entries Dumping Key Only CMAC in response if configured Not available Secret key and session key can be dumped in the same way Extended to bi directional CMAC and encryption mode together with command counter Host PICC Offline change and Offline Crypto key Secret key and session key are dumped using two different commands and restrictions based on key class type Possible to restrict the secret key dump while dumping diversified ones AV2 mode is more secure than AV1 mode it is strongly recommended to use MIFARE SAM AV2 in AV2 mode MIFARE SAM AV2 is delivered from NXP in AV1 mode 2 3 1 S
10. nd Sampling 2 5 MIFARE SAM AV2 Product Support Package AN10975 There are several HW SW and documents to support you for your MIFARE SAM AV2 application development known as Product Support Package PSP Short Ordering Nr hem Name Type Description Information ID 000 size Can be requested 1 inti SANANA Hardware embedded in ID 1 through NXP local p plastic card contact Can be requested 2 a Hardware Hardware Patel through NXP local contact Boards with Can be requested 3 Reference boards Hardware RC523 for through NXP local evaluation X mode contact Product specification MIFARE SAM AV2 Document nr 4 MIFARE SAM AV2 Document Datasheet 1645xx MIFARE SAM AV2 Guidance for 5 System Guidance Document secure MIFARE rf a DI Manual SAM AV2 usage i eect Features and hints Document nr 1821xx 6 Application notes Document application notes 1830xx A C library API 7 Te Reader Lib with source code Document nr 1717xx y in ANSI C A SW tool to 8 MIFARE discover Executable evaluate MIFARE pea e ne SAM AV2 9 MIFARE discover Document PE sy ARE Document nr user Manual usag 1867xx discover A full day training 10 Standard Customer Trainin and hands on Sante ate training g workshop for the Sea developers Fig 2 MIFARE SAM AV2 Product Support Package Documents Libraries and Executables are strictly confidential therefore valid NDA is needed prior to requ
11. nformation published in this document including without limitation specifications and product descriptions at any time and without notice This document supersedes and replaces all information supplied prior to the publication hereof Suitability for use NXP Semiconductors products are not designed authorized or warranted to be suitable for use in life support life critical or safety critical systems or equipment nor in applications where failure or malfunction of an NXP Semiconductors product can reasonably be expected to result in personal injury death or severe property or environmental damage NXP Semiconductors accepts no liability for inclusion and or use of NXP Semiconductors products in such equipment or applications and therefore such inclusion and or use is at the customer s own risk Applications Applications that are described herein for any of these products are for illustrative purposes only NXP Semiconductors makes no representation or warranty that such applications will be suitable for the specified use without further testing or modification Customers are responsible for the design and operation of their applications and products using NXP Semiconductors products and NXP Semiconductors accepts no liability for any assistance with applications or customer product design It is customer s sole responsibility to determine whether the NXP Semiconductors product is suitable and fit for the customer s applications and
12. ontent is still under internal review and subject to formal approval which may result in modifications or additions NXP Semiconductors does not give any representations or warranties as to the accuracy or completeness of information included herein and shall have no liability for the consequences of use of such information 4 2 Disclaimers Limited warranty and liability Information in this document is believed to be accurate and reliable However NXP Semiconductors does not give any representations or warranties expressed or implied as to the accuracy or completeness of such information and shall have no liability for the consequences of use of such information In no event shall NXP Semiconductors be liable for any indirect incidental punitive special or consequential damages including without limitation lost profits lost savings business interruption costs related to the removal or replacement of any products or rework charges whether or not such damages are based on tort including negligence warranty breach of contract or any other legal theory Notwithstanding any damages that customer might incur for any reason whatsoever NXP Semiconductors aggregate and cumulative liability towards customer for the products described herein shall be limited in accordance with the Terms and conditions of commercial sale of NXP Semiconductors Right to make changes NXP Semiconductors reserves the right to make changes to i
13. products planned as well as for the planned application and use of customer s third party customer s Customers should AN10975 All information provided in this document is subject to legal disclaimers provide appropriate design and operating safeguards to minimize the risks associated with their applications and products NXP Semiconductors does not accept any liability related to any default damage costs or problem which is based on any weakness or default in the customer s applications or products or the application or use by customer s third party customer s Customer is responsible for doing all necessary testing for the customer s applications and products using NXP Semiconductors products in order to avoid a default of the applications and the products or of the application or use by customer s third party customer s NXP does not accept any liability in this respect Export control This document as well as the item s described herein may be subject to export control regulations Export might require a prior authorization from competent authorities Evaluation products This product is provided on an as is and with all faults basis for evaluation purposes only NXP Semiconductors its affiliates and their suppliers expressly disclaim all warranties whether express implied or statutory including but not limited to the implied warranties of non infringement merchantability and fitness for a particular p
14. s concerning this document and the product s described herein have been included in the section Legal information NXP B V 2013 All rights reserved For more information visit http www nxp com For sales office addresses please send an email to salesaddresses nxp com Date of release 11 September 2013 198624 Document identifier AN10975
15. s to access the MIFARE products securely and to enable secure communication between terminals and host backend 1 1 Scope This application note presents the information on all the available support items for application development using MIFARE SAM AV2 1 1 MIFARE Ultralight C MIFARE Classic MIFARE Plus MIFARE DESFire MIFARE DESFire EV1 AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note Rev 2 4 11 September 2013 3 of 14 COMPANY PUBLIC 198624 NXP Semiconductors AN10975 MIFARE SAM AV2 Documentation and Sampling 1 2 Abbreviations These abbreviations are used in all the MIFARE SAM AV2 application notes Table 1 Abbreviations Abbreviation Meaning AID Application ID APDU Application Protocol Data Unit API Application Programming Interface ATR Answer To Reset ATS Answer To Select C APDU Command APDU CBC Cipher Block Chaining CEK Change Entry Key CID Card Dentifier CLA Class byte CMAC Cipher based MAC CRC Cyclic Redundancy Check DES Data Encryption Standard DF DESFire FID File ID FSCI Frame Size for proximity Card Integer GPRS General Packet Radio Service HSM Hardware Security Module HVQFN32 Heatsink Very thin Quad Flat pack No leads 32 pin INS Instruction byte IV Init Vector KST Key Storage Table KUC Key Usage Counters Le Length field for codin
16. urpose The entire risk as to the quality or arising out of the use or performance of this product remains with customer In no event shall NXP Semiconductors its affiliates or their suppliers be liable to customer for any special indirect consequential punitive or incidental damages including without limitation damages for loss of business business interruption loss of use loss of data or information and the like arising out the use of or inability to use the product whether or not based on tort including negligence strict liability breach of contract breach of warranty or any other theory even if advised of the possibility of such damages Notwithstanding any damages that customer might incur for any reason whatsoever including without limitation all damages referenced above and all direct or general damages the entire liability of NXP Semiconductors its affiliates and their suppliers and customer s exclusive remedy for all of the foregoing shall be limited to actual damages incurred by customer based on reasonable reliance up to the greater of the amount actually paid by customer for the product or five dollars US 5 00 The foregoing limitations exclusions and disclaimers shall apply to the maximum extent permitted by applicable law even if any remedy fails of its essential purpose 4 3 Trademarks Notice All referenced brands product names service names and trademarks are property of their respective owners
17. witching MIFARE SAM AV2 from AV1 to AV2 Mode SAM_LockUnlock command is used to switch MIFARE SAM AV2 from AV1 mode to AV2 mode SAM master key entry of type AES can be used for this switching The commands and sequences of switching a virgin MIFARE SAM AV2 to AV2 mode are explained in 1 AN10975 All information provided in this document is subject to legal disclaimers NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 8 of 14 NXP Semiconductors AN10975 AN10975 MIFARE SAM AV2 Documentation and Sampling 2 4 SAM Distinction The historical bytes of the SAM ATR tell the type of the product Table 4 Historical bytes of different SAM SAM Historical bytes Characters corresponding ASCII MIFARE SAM 6D696661 7265205341 4D00000000 MIFARE SAM MIFARE SAM AV1 44455346697265382053414D2D58 DESFire8 SAM X MIFARE SAM AV2 4D494641524520506C75732053414D MIFARE Plus SAM 2 3 2 Internal project name 3 Internal project name All information provided in this document is subject to legal disclaimers The response of the Get Version command gives all the detail information about the SAM see also 1 NXP B V 2013 All rights reserved Application note COMPANY PUBLIC Rev 2 4 11 September 2013 198624 9 of 14 NXP Semiconductors AN10975 MIFARE SAM AV2 Documentation a
Download Pdf Manuals
Related Search