Comparison between Mifare Classic and Mifare Plus S/X
For personal reasons, I need to dig deep into the specifications of the three kinds of cards for comparison.
1. Mifare Classic 1K
1) Memory Structure
16 sectors; every sector contains 4 blocks: the first 3 blocks are value blocks, and the last block is the sector trailer, which stores the access conditions for the 4 blocks, Key A and Key B.
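The trailer layout described above can be checked mechanically when reviewing a card dump. The following is an added example, not code from the original post: it assumes the standard MIFARE Classic trailer byte order (Key A in bytes 0-5, access bytes in 6-9, Key B in 10-15, each access bit stored once plain and once inverted), the function names are hypothetical, and the dump is constructed sample data.

```python
TRANSPORT_KEY = bytes.fromhex("FFFFFFFFFFFF")  # factory default key value

def parse_trailer(trailer: bytes) -> dict:
    """Split a 16-byte sector trailer and decode its access conditions."""
    if len(trailer) != 16:
        raise ValueError("sector trailer must be exactly 16 bytes")
    key_a, acc, key_b = trailer[0:6], trailer[6:10], trailer[10:16]
    b6, b7, b8 = acc[0], acc[1], acc[2]
    # Plain nibbles C1..C3 and their inverted copies.
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    c1_inv, c2_inv, c3_inv = b6 & 0x0F, b6 >> 4, b7 & 0x0F
    valid = all(c ^ inv == 0x0F
                for c, inv in ((c1, c1_inv), (c2, c2_inv), (c3, c3_inv)))
    # Bit n of each nibble applies to block n of the sector (block 3 = trailer).
    per_block = [((c1 >> n) & 1, (c2 >> n) & 1, (c3 >> n) & 1) for n in range(4)]
    return {"key_a": key_a, "key_b": key_b, "user_byte": acc[3],
            "access_valid": valid, "per_block": per_block}

def audit_dump(dump: bytes) -> list:
    """Return (sector, finding) pairs for a 1K dump: 16 sectors x 4 blocks x 16 bytes."""
    findings = []
    for sector in range(16):
        offset = (sector * 4 + 3) * 16          # last block of the sector
        t = parse_trailer(dump[offset:offset + 16])
        if TRANSPORT_KEY in (t["key_a"], t["key_b"]):
            findings.append((sector, "transport key in use"))
        if not t["access_valid"]:
            findings.append((sector, "access bits corrupt"))
    return findings

def build_sample_dump() -> bytes:
    """Constructed dump: personalised keys everywhere except sectors 2 and 5."""
    good = bytes.fromhex("A1B2C3D4E5F6" "FF078069" "0A0B0C0D0E0F")
    factory = bytes.fromhex("FFFFFFFFFFFF" "FF078069" "FFFFFFFFFFFF")
    broken = bytes.fromhex("A1B2C3D4E5F6" "FF078169" "0A0B0C0D0E0F")
    trailers = {2: factory, 5: broken}
    return b"".join(bytes(48) + trailers.get(s, good) for s in range(16))

if __name__ == "__main__":
    for sector, finding in audit_dump(build_sample_dump()):
        print(f"sector {sector}: {finding}")
```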
2) Memory operation
A 3-pass authentication with Key A and/or Key B is required before any memory operation: read/write/transfer/increment, etc.
3) Security
Keys are fixed in their blocks.
In the 3-pass authentication, the card generates a random number and sends it to the reader. The reader calculates a response based on the key, the random number and an additional input. Together with that response, the reader generates a random number of its own as a challenge to the card. The card verifies the reader's response, then calculates its own response and sends it to the reader. Finally, the reader verifies the card's response.
After the 3-pass authentication, the reader can access the memory location and operate on the memory.
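The message flow above, with both sides shown, as an added example that is not part of the original post. HMAC-SHA256 stands in for the card cipher (Crypto1 on Mifare Classic, AES on Mifare Plus SL3), the card UID is assumed as the "additional input", and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def response(key: bytes, role: bytes, challenge: bytes, uid: bytes) -> bytes:
    # Stand-in MAC (assumption): a real card uses Crypto1 or AES here.
    # The role label stops a reader response being reflected back as a card response.
    return hmac.new(key, role + challenge + uid, hashlib.sha256).digest()[:8]

class Card:
    def __init__(self, key: bytes, uid: bytes):
        self.key, self.uid, self.authenticated = key, uid, False
        self.blocks = {4: b"constructed data"}      # sample memory content

    def pass1(self) -> bytes:
        self.authenticated = False
        self.rnd_card = secrets.token_bytes(4)      # fresh challenge per attempt
        return self.rnd_card

    def pass3(self, reader_resp: bytes, rnd_reader: bytes):
        expected = response(self.key, b"reader", self.rnd_card, self.uid)
        if not hmac.compare_digest(reader_resp, expected):
            return None                             # wrong key: card gives no answer
        self.authenticated = True
        return response(self.key, b"card", rnd_reader, self.uid)

    def read(self, block: int) -> bytes:
        if not self.authenticated:
            raise PermissionError("authenticate first")
        return self.blocks[block]

class Reader:
    def __init__(self, key: bytes):
        self.key = key

    def pass2(self, rnd_card: bytes, uid: bytes):
        self.rnd_reader, self.uid = secrets.token_bytes(4), uid
        return response(self.key, b"reader", rnd_card, uid), self.rnd_reader

    def verify(self, card_resp) -> bool:
        if card_resp is None:
            return False
        expected = response(self.key, b"card", self.rnd_reader, self.uid)
        return hmac.compare_digest(card_resp, expected)

def run_exchange(card: Card, reader: Reader) -> bool:
    rnd_card = card.pass1()                                     # pass 1: card -> reader
    reader_resp, rnd_reader = reader.pass2(rnd_card, card.uid)  # pass 2: reader -> card
    card_resp = card.pass3(reader_resp, rnd_reader)             # pass 3: card -> reader
    return reader.verify(card_resp)
```

Because the card checks the reader's response before producing its own, a reader holding the wrong key learns nothing from the third pass and memory access stays locked.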
2. Mifare Plus S/X
Mifare Plus is an alternative to Mifare Desfire for cases where a migration from Mifare Classic to Mifare Desfire is required. See the figure below for the architecture of a Mifare Plus card.
1) Memory Structure
The memory structure of Mifare Plus is no different from Mifare Classic: fixed memory.
2) Memory Operation
A special feature of Mifare Plus is multi-sector authentication and multi-block read and write, which provide a leap in communication speed: up to 848kbps!
Reading along, you will find that each security level has different rules for memory operation!
3) Security
The significant difference lies in the security mechanism:
Mifare Plus as a card type offers three, or four for Mifare Plus X, security levels of operation.
If the card is configured as Level 1, it appears no different from Mifare Classic in normal usage: memory operations are controlled by Key A/B and the access conditions that lie in between.
If the card is configured as Level 2, which is only available for Mifare Plus X, AES authentication is mandatory, and the CRYPTO1 keys are derived for each session from the results of the AES authentication rather than being constant for a specific sector.
If the card is configured as Level 3, the 3-pass authentication before any memory operation is based on AES; after that, data manipulation commands are also secured by an AES-encryption-based MACing method.
#edit on 2013-Dec-2
One more security level I am going to introduce to you is security level 0.
Security level 0 is the initial delivery configuration of the Mifare Plus.
In this level, all you can do with the card is the originality check and updating the AES keys. The originality function is used to verify that a card is a real Mifare Plus card. The latter function first defines the 4 keys essential to any other operation, like switching to the next level.
Having understood the aforementioned 4 security levels, you should have no difficulty understanding the following chart of the memory operation flow for the four SLs.
More information about the 4 security levels of Mifare Plus:
http://tech.springcard.com/2011/mifare-plus-in-a-nutshell/
and, of course, the specification from
http://www.mifare.net/en/products/mifare-smartcard-ic-s/mifare-plus/
Comparison of Mifare Desfire EV1 to be shared later.