albert22
Joined: 20 Jul 2004 Posts: 94 Helped: 3
22 Jan 2005 1:38 Hitag and Mifare encryption

Hi,
Please, does somebody have info on the encryption algorithms used by these tags? I especially need the HITAG S.
I have tried to contact Philips but they didn't answer my emails.
thanks
 |
The Svin
Joined: 05 Mar 2005 Posts: 37 Helped: 3
23 Dec 2005 17:12 Re: Hitag and Mifare encryption

AFAIK they wouldn't open the Hitag1 and Hitag2 encryption algorithms, even under a confidentiality agreement.
 |
albert22
Joined: 20 Jul 2004 Posts: 94 Helped: 3
26 Dec 2005 13:14 Re: Hitag and Mifare encryption

It seems that the only way to handle authentication in Hitag and Mifare is by using their chips. Although some guys offer encryption using just a PIC, I guess that they are using their own algorithm to write the data but there is no auth on the card.
regards
 |
The Svin
Joined: 05 Mar 2005 Posts: 37 Helped: 3
26 Dec 2005 15:21 Hitag and Mifare encryption

I recently found a doc that says:
"Because Mifare was designed originally for Electronic-Purse applications, a very high
level of security was essential to prevent fraud. Each transaction is started with a mutual
three pass authentication procedure according to the ISO 9798-2 standard. RF
communication is protected from replay attack and data communication between RWD
and card is encrypted according to the Philips triple-DES CRYPTO1 algorithm."
The doc is hxxp://www.ibtechnology.co.uk/MFprot.PDF
If I got it right, it means Mifare is just a communication protocol, and the crypto algo itself is Philips triple-DES CRYPTO1.
Anyway, I'm not sure if I got it right.
 |
msw
Joined: 22 Jun 2007 Posts: 2
22 Jun 2007 21:24 Re: Hitag and Mifare encryption

you guys are right.
the hitag 1 / 2 chips use a three pass mutual authentication.
but Philips will not publish the algorithm.
the protocol-datasheet states the following:
- on the tag there are "logdata" and "password" (both 32 bit values) present in a secured area. the reader also knows these two values
- the logdata is a static key, used for the stream-cipher encryption
the encrypted session is established in the following way:
1.) tag generates a random number [A] and sends it to the reader
2.) reader generates a random number [B]
    the value [A], which the reader got from the tag, is encrypted together with [B]
    the encryption is done with the "logdata", it is the encryption key
    reader transmits these two encrypted values back to the tag
3.) tag decrypts [A] and [B] and compares if received [A] matches the original [A]
    which it generated in step 1. if there is a match, the tag knows that the reader
    uses a legitimate key --> session established
4.) tag encrypts [B] and sends it to the reader --> reader compares this with the
    original [B] -> if the values match, reader knows the tag is a legitimate
    transponder
the connection is now encrypted.
the reader has to supply the correct "password" now, to read the secured
pages. due to the usage of random values during the handshake, a replay attack is impossible.
the exact algorithm is not known.
i suggest with some reverse engineering it may be possible to find it out.
it even may be breakable, because the chip hardware cannot do very complex things (power considerations and so on, you know)
ok. that's what i know about it.
that stuff with [A] and [B] may not be fully correct, but it's the general scheme.
i have to do some measurements to get more information.
if there is any information about the encryption, please post it.
i build a reader with an atmel avr device.
encryption could be implemented easily.
thank you.
 |
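The three-pass exchange described in the post above, modelled as an added example that is not part of the original thread and is not vendor code. The real Hitag cipher is unpublished, so `stand_in_cipher` (an HMAC-SHA256 keystream), the 32-bit nonce size, the per-challenge keystream derivation and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

def stand_in_cipher(key: bytes, context: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 keystream. Stand-in only (assumption):
    the real cipher is not public. Encrypting and decrypting are the same."""
    stream = hmac.new(key, context, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))

class Tag:
    def __init__(self, logdata: bytes):
        self.logdata, self.a = logdata, None

    def challenge(self) -> bytes:                 # step 1: fresh [A]
        self.a = secrets.token_bytes(4)
        return self.a

    def verify_reader(self, msg: bytes):          # steps 3 and 4
        a, self.a = self.a, None                  # a challenge is single use
        if a is None:
            return None
        plain = stand_in_cipher(self.logdata, b"R" + a, msg)
        if not hmac.compare_digest(plain[:4], a):
            return None                           # wrong key or stale message
        return stand_in_cipher(self.logdata, b"T" + a, plain[4:])

class Reader:
    def __init__(self, logdata: bytes):
        self.logdata = logdata

    def respond(self, a: bytes) -> bytes:         # step 2: encrypt [A] and [B]
        self.a, self.b = a, secrets.token_bytes(4)
        return stand_in_cipher(self.logdata, b"R" + a, a + self.b)

    def verify_tag(self, msg) -> bool:            # end of step 4
        if msg is None:
            return False
        plain = stand_in_cipher(self.logdata, b"T" + self.a, msg)
        return hmac.compare_digest(plain, self.b)

def handshake(tag: Tag, reader: Reader) -> bool:
    return reader.verify_tag(tag.verify_reader(reader.respond(tag.challenge())))

def replay_accepted(tag: Tag, reader: Reader) -> bool:
    """Feed a recorded step-2 message to the tag after it issued a new [A]."""
    recorded = reader.respond(tag.challenge())
    tag.challenge()                               # new session, new [A]
    return tag.verify_reader(recorded) is not None
```

The tag rejects the recorded message because it no longer decrypts to the [A] issued for the current session, which is the replay protection the post attributes to the random values.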
Ruptor
Joined: 02 Jan 2008 Posts: 1
 |
Marsel777
Joined: 07 Jan 2008 Posts: 5
07 Jan 2008 16:13 Re: Hitag and Mifare encryption

This is easy and simple!
 |
msw
Joined: 22 Jun 2007 Posts: 2
27 Jun 2008 17:23 Re: Hitag and Mifare encryption

Very nice
The Hitag1-Cipher should be alike...