mifare classic

MIFARE DESFIRE CARDS

MIFARE is the NXP Semiconductors-owned trademark of aseries of chips widely used in contactless smartcards and proximity cards.

MIFARE products are embodied in contactless and contact smartcards, smart paper tickets, wearables and phones.

The MIFARE brand name (derived from the term MIKRON FARECollection and created by the company MIKRON) covers four families ofcontactless cards:

MIFARE Classic 

Employs a proprietary protocol compliant to parts 1–3 of ISO/IEC14443 Type A, with an NXP proprietary security protocol forauthentication and ciphering. Subtype: MIFARE Classic EV1 (othersubtypes are no longer in use).

MIFARE Plus

Drop-in replacement for MIFARE Classic with certified securitylevel (AES-128 based) and is fully backwards compatible withMIFARE Classic. Subtypes MIFARE Plus S, MIFARE Plus X and MIFAREPlus SE.

MIFARE Ultralight 

Low-cost ICs that are useful for high volume applications such aspublic transport, loyalty cards and event ticketing. Subtypes:MIFARE Ultralight C, MIFARE Ultralight EV1 and MIFARE UltralightNano.

MIFARE DESFire

Contactless ICs that comply to parts 3 and 4 of ISO/IEC 14443-4 TypeA with a mask-ROM operating system from NXP. The DES inthe name refers to the use of a DES, two-key 3DES, three-key 3DESand AES encryption; while Fire is an acronym for Fast,innovative, reliable, and enhanced. Subtypes: MIFARE DESFire EV1,MIFARE DESFire EV2.

There is also the MIFARE SAM AV2 contact smart card. This can beused to handle the encryption in communicating with the contactlesscards. The SAM (Secure Access Module) provides the secure storageof cryptographic keys and cryptographic functions.

MIFAREDESFire family

The MIFARE DESFire (MF3ICD40) wasintroduced in 2002 and is based on a core similar to SmartMX,with more hardware and software security features than MIFAREClassic. It comes pre-programmed with the general purpose MIFAREDESFire operating system which offers a simple directory structureand files. They are sold in four variants: One with Triple-DES onlyand 4 kiB of storage, and three with AES (2, 4, or 8 kiB; see MIFAREDESFire EV1). The AES variants have additional security features;e.g., CMAC. MIFARE DESFire uses a protocol compliant withISO/IEC 14443-4.[9] The contactless IC is based on an 8051processor with 3DES/AES cryptographic accelerator, making veryfast transactions possible.

The maximal read/write distance between card and reader is 10centimetres (3.9 in), but actual distance depends on the fieldpower generated by the reader and its antenna size.

In 2010, NXPannounced the discontinuation of the MIFARE DESFire (MF3ICD40) afterit had introduced its successor MIFARE DESFire EV1 (MF3ICD41) in late2008. In October 2011 researchers of Ruhr UniversityBochum[10] announced that they had broken the security of MIFAREDESFire (MF3ICD40), which was acknowledged by NXP[11] (see MIFAREDESFire attacks).

MIFARE DESFireEV1

New evolution of MIFARE DESFirecontactless IC, broadly backwards compatible. Available with 2 kiB,4 kiB, and 8 kiB non-volatile memory. Other featuresinclude:[12]

• Support for random ID.

• Support for 128-bit AES

• Hardware and operating system are CommonCriteria certified at level EAL 4+

MIFARE DESFire EV1 was publicly announced in November2006.[citation needed]

Key applications:

• Advanced public transportation

• Access management

• Loyalty

• Micropayment

MIFARE DESFireEV2

The latest evolution of the MIFAREDESFire contactless IC family, broadly backwards compatible.[13] Newfeatures include:

• MIsmartApp enabling to offer or sell memory space foradditional applications of 3rd parties without the need to sharesecret keys

• Transaction MAC to authenticate transactions by 3rd parties

• Virtual Card Architecture for privacy protection

• Proximity check against relay attacks

MIFARE DESFire EV2 was publicly announced in March 2016 at theIT-TRANS event in Karlsruhe, Germany.