AN12696 MIFARE SAM AV3 - For MIFARE DESFire Rev. 1.3 — 14 July 2020 Application note 521513 COMPANY PUBLIC Document information Information Content Keywords MIFARE SAM AV3, MF4SAM3, TDEA, AES, RSA, MIFARE DESFire EV2, MIFARE DESFire EV3 Abstract This application note presents some examples of using MIFARE SAM AV3 for MIFARE DESFire in S-mode.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
AN12696MIFARE SAM AV3 - For MIFARE DESFireRev. 1.3 — 14 July 2020 Application note521513 COMPANY PUBLIC
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 3 / 34
1 Introduction
MIFARE SAMs (Secure Application Module) have been designed to provide the securestorage of cryptographic keys and cryptographic functions for the terminals to access theMIFARE products1 securely and to enable secure communication between terminals andhost (backend).
1.1 ScopeThis application note presents examples of using MIFARE SAM AV3 (referred to SAMin this document, if not otherwise mentioned) for MIFARE DESFire EV3 and previousversions. In this document, the SAM is used in S-mode (X interface is described in docnr. 5219xx). There is a set of application note for MIFARE SAM AV3; each of them isaddressing specific features. The list of application note is given in [4].
This application note is a supplement document for application development usingMIFARE SAM AV3. Should there be any confusion please check MIFARE SAM AV3 datasheet [1]. Best use of this application note will be achieved by reading this specification[1] in advance.
Note: This application note does not replace any of the relevant data sheets,application notes or design guides.
In this document, the term „MIFARE DESFire card“ refers to a MIFARE DESFire IC-based contactless card.
All examples in this document are relevant for all MIFARE DESFire EV3, MIFAREDESFire EV2 and MIFARE DESFire EV1 products, if not explicitly stated otherwise!
1.2 AbbreviationRefer to Application note “MIFARE SAM AV3 – Quick Start up Guide” [4].
1.3 Examples presented in this documentThe following symbols have been used to mention the operations in the examples:
= Preparation of data by SAM, PICC or host.
> Data sent by the host to SAM or PICC (if not mentioned, SAM).
< Data Response from SAM or PICC (if not mentioned, SAM).
C-APDU:
CLA INS P1 P2 Lc Data (nc) Le
R-APDU:
Response data SW1 SW2
Please note, that the numerical data are used solely as examples. They appear inthe text in order to clarify the commands and command data.
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 4 / 34
Any data, values, cryptograms are expressed as hex string format if not otherwisementioned, e.g., 0x563412 in hex string format represented as “123456”. Byte [0] = 0x12,Byte [1] = 0x34, Byte [2] = 0x56.
1.4 S interfaceThe host is managing the communication to SAM and MIFARE DESFire EV2.
Figure 1. Architecture in non-X interface
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 5 / 34
2 Using MIFARE SAM AV3 for MIFARE DESFire
MIFARE SAM AV3 can be used to perform all the crypto and security features offeredby MIFARE DESFire EV3, MIFARE DESFire EV2 and MIFARE DESFire EV1. If nototherwise stated, the examples are valid for all MIFARE DESFire versions.
2.1 Downloading the MIFARE DESFire keys to SAM from HostDownloading of different keys is explained in [5]. The SAM key entry settings are differentfor different types of crypto used in MIFARE DESFire. The incorrect setting will result toauthentication error. In the following table different options are shown:
Table 1. SAM Key Entry setting for different MIFARE DESFire KeysSAM Key entrysetting
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 8 / 34
If the reference is to be made to the DESFire key number in step 3, Key selection byDESFire key number has to be chosen in P1. In case the DESFire Application (DF_AID= AE0102) has to be selected in SAM using SAM_SelectApplication before step 1. TheData field will then contain the DESFire key number (03) (see the next example) hereinstead of SAM key entry number 01.
2.2.2 MIFARE DESFire Authentication, key type AES-128 (diversified key)
This example applies for all MIFARE DESFire types that support EV1 securemessaging (MIFARE DESFire EV1 and above)
In this example key entry number 3 will be used, which has the following attributes
Key Version A = 01
Key Version B = 02
Key Version C = 03
DF_AID = AE0102
DF_KeyNo = 03
KeyNoCEK = 00
KeyVCEK = 00
RefNoKUC = FF
SET = 2400
DO NOT allow dump Session key
DO NOT allow crypto with secret key
Keep IV
Key type: AES 128
ExtSET = 01 (Diversification is not mandatory).
In this example, we use the Key Version “01” for authentication. The reference is to theDESFire key number instead of SAM key entry number.
P1 = 03; key diversification,key selection is by DESFire keynumber. Data field is DESFirekey number, version number,Ek(RndB received in step2) and diversification input(8804084561801D808804084561801D80).
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 11 / 34
Key type: AES 128
ExtSET = 01 (Diversification is not mandatory).
In this example, we use the Key Entry “06” and KeyVersion "01" for authentication. Thereference is to the SAM key entry number instead of DESFire key number.
P1 = 80; EVx authenticationType, AuthenticateFirst, no keydiversification, key selection is bykey entry number. Data field isSAM key entry number, versionnumber and Ek(RndB received instep 2).
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 12 / 34
1. Encipher the data to be written using SAM.2. Send the encrypted data to DESFire.3. Verify CMAC returned by DESFire using SAM. For DESFire Native 3DES mode, this step is
not required.Figure 3. Encrypted write data file using SAM
2.3.1 Encrypted Write to Data file using SAM, 3KTDES mode
DESFire application is authenticated using 3KTDES mode.
File Id = 01;
Offset where to write = 000000;
No of bytes to write = 0B0000 ;( 11 byte to write).
Data = 0102030405060708091011.
File communication type = Encrypted.
Table 6. Write data file encrypted using SAM, 3KTDES modestep Indication Data / Message Comment
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 16 / 34
2.7 Changing MIFARE DESFire Key using MIFARE SAM AV3MIFARE SAM AV3 supports the functionality of changing all keys in the MIFAREDESFire, card master key (key number 0 at card level) and application keys (keynumber 0 up to 13 in applications). Before changing the key, MIFARE DESFire card orapplication must be authenticated using the correct key using SAM.
2.7.1 Changing DESFire Card Master Key TDES native to AES
In this example, MIFARE DESFire EV2 card crypto type and key are changed to AESmode from DESFire native mode.
The old key is DESFire native key SET = “0000”, ExtSET = “01”
The new key is AES 128 key SET = “2400”, ExtSET = “01”
Table 10. SAM_ChangeKeyPICC for changing card master keystep Indication Data / Message Comment
Authentication using SAM with a key entry of DESFire native type and PICC class.
1SAM_ChangeKeyPICCC-APDU to SAM
> 80C40110040200030000
MIFARE DESFire current PICC master key= SAM key entry nr. 02 and version 00.MIFARE DESFire new PICC = SAM keyentry nr. 02 and version 00.b0 of P1 is set as it is case 2, see detail in[9], b4 of P2 is set as the card master key ischanged.
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 17 / 34
step Indication Data / Message Comment
1SAM_ChangeKeyPICCC-APDU to SAM
> 80C40110040300030100
MIFARE DESFire current PICC master key= SAM key entry nr. 03 and version 00.MIFARE DESFire new PICC = SAM keyentry nr. 03 and version 01.b0 of P1 is set as it is case 2, see detail in[9], b4 of P2 is set as the card master key ischanged.
MIFARE DESFire application keys can be changed using MIFARE SAM AV3. In thefollowing, one example is shown.
The current key is AES 128 key SET = “2400”, ExtSET = “01”
The new key is AES 128 key SET = “2400”, ExtSET = “01”
Application is authenticated using application change-key key using SAM.
Table 12. Change application key number 1 using SAMstep Indication Data / Message Comment
1SAM_ChangeKeyPICCC-APDU to SAM
> 80C422000B03000301041D7461801D8000
P1 = 22; Application key case 1see detail in [9]. New key will bediversified using CMAC-based keydiversification.DivInp = 041D7461801D80 (7-byteUID of MIFARE DESFire).P2 = 0x01; key number 0x01 will bechanged.
MIFARE DESFire application keys can be changed using MIFARE SAM AV3. In thefollowing, one example is shown.
The current key is AES 128 key SET = “2400”, ExtSET = “01”
The new key is AES 128 key SET = “2400”, ExtSET = “01”
Application is authenticated using application master key (key nr. 0) using SAM.
Table 13. Change application master key using SAMstep Indication Data / Message Comment
1SAM_ChangeKeyPICCC-APDU to SAM
> 80C423000B03000301041D7461801D8000
P1 = 23; case 2, see detail in [9].New will be diversified using theCMAC-based key diversification.DivInp = 041D7461801D80 (7-byteUID of MIFARE DESFire).P2 = 0x00; key number 0x00 will bechanged.
4 Response ofDESFire card < 00 Status “00” and CMAC.
2.8 Full Transaction example using EV2 Secure MessagingFollowing is an example of a full transaction using EV2 Secure Messaging,demonstrating the use of SAM_Apply_SM / SAM_Remove_SM commands. Thetransaction looks like the following:
The example assumes to have a card with an application containing a StdDataFile, aRecordFile and a ValueFile. Key number 0x01 is used for read access to those files, key
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 19 / 34
number 0x02 is used for writing. CardKey number 0x00(Application Master Key) is notused in this example.
The KeyEntry used in SAM AV3 is number 0x02, which is configured as a PICC Key. Theplain key values are
• AA000000000000000000000000000000, version 0x00• AA333333333333333333333333333333, version 0x01• AA666666666666666666666666666666, version 0x02
The key versions represent the corresponding MIFARE DESFire card key number. Noother special setting is needed for this key entry.
2.8.1 AuthenticateFirst with CardKey 0x01
This example shows the second authentication with CardKey Number 0x01 is used,which corresponds to SAM AV3 KeyEntry 0x02 Version 0x01. Still, AuthenticateFirstcommand is used.
Table 14. Examplestep Indication Data / Message Comment
SAM_AuthenticatePICC, P1 =0x80 (EVx authentication, no keydiversification), P2 = 0x00, data fieldconsists of key number, key version,AuthMode (EV2) and the 16 bytechallenge
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 20 / 34
2.8.2 Read data file
After a successful authentication, the standard data file can be read in CommMode.Full(fully enciphered + CMAC). For this purpose, the SAM AV3 provides the SAM_Apply_SMand SAM_Remove_SM commands. Those commands automatically prepare dataframesthat can be transmitted to, and decrypt dataframes coming from a MIFARE DESFirePICC, given the CommMode.
DataFile to reader: 0x00
Offset: 0x000000
Length: 0x0F0000 (15 byte)
Table 15. Examplestep Indication Data / Message Comment
1 SAM_Apply_SM > 80AE001008BD000000000F000000
The SAM_Apply_SM commandcreates the CMAC for the givencommand to send. The commandalone is "BD000000000F000000".As CommMode, given in P2 = 0x10,only CommMode.MAC is used, asthere is no data to encrypt.
2 CMAC ofcommand input < C0B3B4A1C4F426D99000 The SAM replies with the CMAC.
3
Send ReadDatacommand+ CMAC toDESFire
> BD000000000F0000C0B3B4A1C4F426D9
Command + CMAC are transmittedto the DESFire PICC.
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 21 / 34
Table 16. Examplestep Indication Data / Message Comment
1 SAM_Apply_SM > 80AE0000010100
This command is needed tomaintain internal transactioncounters (R_Ctr, W_Ctr) in the SAMAV3 in sync with the PICC. The datafield in the command only containsthe data field of the DESFirecommand (in this case 0x01), P2=0x00 means CommMode.Plain
2 Status word < 9000The status word of the SAM. Nodata is returned, as the commandwill be sent in plain
3 Command sent toDESFire PICC > 6C01 Get ValueCommand sent to
DESFire
4 Response in plain < 0009000000DESFire Response. The value in thevalue file is 0x09000000 (4 byte LSBfirst)
2.8.4 AuthenticateFirst with CardKey 0x02
This example shows the second authentication with CardKey Number 0x02 is used,which corresponds to SAM AV3 KeyEntry 0x02 Version 0x02. Still, AuthenticateFirstcommand is used.
Table 17. Examplestep Indication Data / Message Comment
SAM_AuthenticatePICC, P1 =0x80 (EVx authentication, no keydiversification), P2 = 0x00, data fieldconsists of key number, key version,AuthMode (EV2) and the 16 bytechallenge
SAM_Apply_SM command, takingthe whole DESFire command inplain, with an offset byte in front.The offset is the number of bytesbelonging to the DESFire commandheader (here: 0x08 [command code+ file number + 3 byte file offset + 3byte length] )
Command header + encrypted data+ CMAC to be sent to DESFirePICC. The comple frame is longeras the configured receive buffer ofthe DESFire, therefore chaining isneeded.
4 Status Byte:Chaining < AF
status code: AF indicates that theDESFire PICC is ready for the nextframe
5 Second part > AFBA9CC5E9 Second part of the command frame
6 Status byte +CMAC < 009BA3CB8F59EADE44 status byte 0x00 + CMAC
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 23 / 34
step Indication Data / Message Comment
7 SAM_Remove_SM > 80AD001009009BA3CB8F5
9EADE4400
SAM_Remove_SM command. Asthere is no data to decrypt, P2 =0x01 (CommMode.MAC), the datafield contains the status byte + 8byte CMAC
8 Status word < 9000 Status word of the SAM, indicatingsuccess
2.8.6 Debit
The debit command reduces the value in the value file by a given amount.
CommMode.Full
Value: 0x01000000 (4 byte LSB first)
Table 19. Examplestep Indication Data / Message Comment
1 SAM_Apply_SM > 80AE00300702DC010100000000
SAM_Apply_SM command.The command will be sent inCommMode.Full (P2 = 0x30). Theplay load of this command is thelength of the DESFire commandheader (0x02), the DESFirecommand header itself (0xDC01,command code 0xDC + File numberof the ValueFile 0x01) and the valueto be debited.
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 24 / 34
Table 20. Examplestep Indication Data / Message Comment
1 SAM_Apply_SM > 80AE001001C700
SAM_Apply_SM command withP2 = 0x01 for CommMode.MAC.Data field of the command is theCommitTransaction command code0xC7
2 CMAC forcommand < 066E6991B44751BA9000 8 byte CMAC + status word
3 CommitTransaction+ CMAC > C7066E6991B44751BA Frame to be sent to DESFire PICC:
command code + CMAC
4 Status byte +CMAC < 00A67A477A0EF1D152 Response: Status byte + CMAC
5 SAM_Remove_SM > 80AD00100900A67A477A0
EF1D15200
SAM_Remove_SM command. Asthere is no data to decrypt, P2 =0x01 (CommMode.MAC), the datafield contains the status byte + 8byte CMAC
6 Status word < 9000 Status word of the SAM, indicatingsuccess
2.9 Delegated Application ManagementThis section shows two examples of how to create delegated applications and changethe DAM Keys on a DESFire EV2 Card. This feature is exclusive for MIFARE DESFireEV2 and MIFARE DESFire EV3. Details about how delegated applications work can befound in the MIFARE DESFire EV2 datasheet or in features and hints respectively in theMIFARE DESFire EV3 datasheet and features and hints.
2.9.1 Card issuer
The delegated application feature allows card issuers to sell/rent space on their cardsto 3rd parties. Therefore, the card issuer needs to personalize the card in a way thatallows a card user to install applications from 3rdparties, so called application provides,on the card. Therefore, some information needs to be secretly shared between the cardissuer and the application provider, in order to allow the application to be installed in anappropriate slot on the card.
The following example gives an idea on how a MIFARE SAM AV3 can be used to handlethe keys and data on the card issuer side.
2.9.2 Card issuer - example
In this example, a possible way to use SAM AV3 in combination with the delegatedapplication feature on DESFire is shown. The example is intended to make use of allthe possibilities on SAM AV3. It is not mandatory to use it exactly like this in a realapplication(for example, the DAM Default Key does not need to be stored in a SAM)
The structure in the SAM for this example shall look like the following (all Keys key typeAES128):
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 25 / 34
Table 21. Key structure of the Master-SAMKeyNo
intended use Key V 0x00 Key V 0x01 comment
0x01 PICC Keys FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Key version 0x00: PICCMasterKeyKey version 0x01:DAMAuthKey
0x02 DAM Keys, KeyClass PICC
11111111111111111111111111111111
22222222222222222222222222222222
Key version 0x00:DAMMACKeyKey version 0x01:DAMEncKeyused only to activateDAM Keys on theMIFARE DESFire EV2
0x03 DAM Default KeyAES192
000000000000000000000000000000000000000000000000
-
DAM default Key,used to initialize theApplication key(s).Export secret needs tobe allowed
0x04DAM Keys,Key ClassOfflineCrypto
see KeyNo 0x02 V0x00
see KeyNo 0x02 V0x01
Key version 0x00:DAMMACKeyKey version 0x01:DAMEncKeysame Key values asin KeyNo 0x02, butdifferent Key Class.Those Keys can beused for OfflineCryptopurposes(generating theDAMMAC)
First of all, the DAM Keys on the MIFARE DESFire EV2/EV3 card need to be activated.This happens with a ChangeKey Command, targeting the DAMAuthKey(0x10),DAMMACKey(0x11) and DAMEncKey(0x12). For this, the card needs to beauthenticated with the PICC Master Key (KeyNo 0x00, KeyV 0x00). This is not shownhere explicitly, see DESFire EV2 Authentication.
Additionally to above mentioned Keys, th "old Key" for the DAM Keys is needed for theChangeKey command. for a fresh card, this key is all zeros. The examples use the thirdkey entry in KeyNo 0x01, with KeyVersion 0x02.
Note: Due to reasons regarding backwards compatibility, the ChangeKeyEV2 commandneeds to be used, otherwise, the card key number 0x1y cannot be specified.
Table 22. Change DAM Keysstep Indication Data / Message Comment
1ChangeKeyCommand toSAM AV3
> 80C400200600100102010100
Change Key EV2, KeySett number0x00, card key number 0x10, oldkey no 0x01, version 0x02(all zerosAES128 key), new key number0x01, version 0x01 (DAMAuthKey)
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Repeat this also for the Card Keys 0x11 and 0x12. (0x11: use SAM Key 0x02 version0x00; 0x12: use SAM Key 0x02 version 0x01)
Now, the card is prepared for creating delegated applications on it. In order for anapplication provide to be able to create delegated applications, the application provideralso needs a DAMMAC, and an encrypted DAMDefaultKey. This ensures, that nobodyexcept the dedicated application provider can create a delegated application on the card,as no one else can forge this DAMMAC, as the key is only known to the card issuer.Also, an application provider can only create a delegated application with the propertiesnegotiated with the card issuer, as otherwise, the DAMMAC would not fit.
Table 23. Create the Encrypted DAM DefaultKey and DAMMACstep Indication Data / Message Comment
1 Export value ofDAMDefault Key > 80D6000002030000 Dump secret key entry 0x03 version
0x01
2 Value of the Key <0000000000000000000000000000000000000000000000009000
Key value and SW1SW2
3 DAMDefaultKeyVersion = 00
4 Get 7 randombytes > 8084000007 for padding
5 Response < F5E876FEE275609000 7 Byte random + SW1SW2
Generate the DAMMAC with in step11 generated input
15 returned MAC < FD5D929451161283E5B95C012261412B9000 MAC + SW1SW2
16 DAMMAC = 5D941683B901612B
The DAMMAC is truncated like inthe EV2 secure messaging scheme:every second byte is taken for thefinal 8-byte MAC
Everything needed from the card issuer is in place. The card issuer can now transfer theDAMAuthKey, the EncK and the DAMMAC to the application provider. This can be donewith SAM AV3, or any other secure channel (not in scope of this example).
2.9.3 Create a Delegated Application
In this example, the application provider receives all needed data stored in a SAM AV3,called the "Slave-SAM".
Table 24. Key structure of the Slave-SAMKeyNo intended use Key V 0x00 Comment
0x11 PICC Key AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Key Version 0x00:DAMAuthKeya KUC can be applied to thisKey to limit the number ofusages, hence the numberof application installations.In this example, the Keyvalue of this Key is notknown to the applicationprovider
This key entry is used tostore the DAMMAC, henceit is not a real key, just usedfor data storage. Exportsecret needs to be allowed.
Note: For more security, Keys 0x12 and 0x13 should be only accessible if a hostauthentication with a secret key shared between card issuer and application provider isactive. This can be achieved by setting KeyNoAEK to an additionally present host key, orthe SAM master key.
Table 25. Create delegated applicationstep Indication Data / Message Comment
The application provider can now authenticate with the DAMAuthKey using the SAM AV3(seeDESFire EV2 Authentication). We assume, the data from Key 0x12 and 0x13 is already dumped.
1 Send to MIFAREDESFire EV2 > C91234560000004000EF81
Create Delegated Application0x123456 with parametersagreed with card issuer(Step 11 inTable 23)
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 29 / 34
2.10 MIFARE DESFire Light and SAM AV3MIFARE DESFire Light is a subset of the MIFARE DESFire family. For MIFARE SAMAV3 in S-mode, all examples shown in this document also apply for MIFARE DESFireLight. The only difference is, that commands sent to a MIFARE DESFire Light, need tobe transferred in the ISO7816-4 APDU format(See datasheet). This is not influenced bythe MIFARE SAM AV3 at all.
For X-mode, especially for the command DESFire_AuthenticatePICC andDESFire_ChangeKeyPICC, bit 6 of P2 needs to be set, in order to use ISO7816-4 APDUformat. Other than that, everything works according to a DESFire EV2.
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Application note Rev. 1.3 — 14 July 2020COMPANY PUBLIC 521513 31 / 34
4 Legal information
4.1 DefinitionsDraft — A draft status on a document indicates that the content is stillunder internal review and subject to formal approval, which may resultin modifications or additions. NXP Semiconductors does not give anyrepresentations or warranties as to the accuracy or completeness ofinformation included in a draft version of a document and shall have noliability for the consequences of use of such information.
4.2 DisclaimersLimited warranty and liability — Information in this document is believedto be accurate and reliable. However, NXP Semiconductors does notgive any representations or warranties, expressed or implied, as to theaccuracy or completeness of such information and shall have no liabilityfor the consequences of use of such information. NXP Semiconductorstakes no responsibility for the content in this document if provided by aninformation source outside of NXP Semiconductors. In no event shall NXPSemiconductors be liable for any indirect, incidental, punitive, special orconsequential damages (including - without limitation - lost profits, lostsavings, business interruption, costs related to the removal or replacementof any products or rework charges) whether or not such damages are basedon tort (including negligence), warranty, breach of contract or any otherlegal theory. Notwithstanding any damages that customer might incur forany reason whatsoever, NXP Semiconductors’ aggregate and cumulativeliability towards customer for the products described herein shall be limitedin accordance with the Terms and conditions of commercial sale of NXPSemiconductors.
Right to make changes — NXP Semiconductors reserves the right tomake changes to information published in this document, including withoutlimitation specifications and product descriptions, at any time and withoutnotice. This document supersedes and replaces all information supplied priorto the publication hereof.
Suitability for use — NXP Semiconductors products are not designed,authorized or warranted to be suitable for use in life support, life-critical orsafety-critical systems or equipment, nor in applications where failure ormalfunction of an NXP Semiconductors product can reasonably be expectedto result in personal injury, death or severe property or environmentaldamage. NXP Semiconductors and its suppliers accept no liability forinclusion and/or use of NXP Semiconductors products in such equipment orapplications and therefore such inclusion and/or use is at the customer’s ownrisk.
Applications — Applications that are described herein for any of theseproducts are for illustrative purposes only. NXP Semiconductors makesno representation or warranty that such applications will be suitablefor the specified use without further testing or modification. Customersare responsible for the design and operation of their applications andproducts using NXP Semiconductors products, and NXP Semiconductorsaccepts no liability for any assistance with applications or customer productdesign. It is customer’s sole responsibility to determine whether the NXPSemiconductors product is suitable and fit for the customer’s applicationsand products planned, as well as for the planned application and use ofcustomer’s third party customer(s). Customers should provide appropriatedesign and operating safeguards to minimize the risks associated withtheir applications and products. NXP Semiconductors does not accept anyliability related to any default, damage, costs or problem which is basedon any weakness or default in the customer’s applications or products, orthe application or use by customer’s third party customer(s). Customer isresponsible for doing all necessary testing for the customer’s applicationsand products using NXP Semiconductors products in order to avoid adefault of the applications and the products or of the application or use bycustomer’s third party customer(s). NXP does not accept any liability in thisrespect.
Export control — This document as well as the item(s) described hereinmay be subject to export control regulations. Export might require a priorauthorization from competent authorities.
Evaluation products — This product is provided on an “as is” and “with allfaults” basis for evaluation purposes only. NXP Semiconductors, its affiliatesand their suppliers expressly disclaim all warranties, whether express,implied or statutory, including but not limited to the implied warranties ofnon-infringement, merchantability and fitness for a particular purpose. Theentire risk as to the quality, or arising out of the use or performance, of thisproduct remains with customer. In no event shall NXP Semiconductors, itsaffiliates or their suppliers be liable to customer for any special, indirect,consequential, punitive or incidental damages (including without limitationdamages for loss of business, business interruption, loss of use, loss ofdata or information, and the like) arising out the use of or inability to usethe product, whether or not based on tort (including negligence), strictliability, breach of contract, breach of warranty or any other theory, even ifadvised of the possibility of such damages. Notwithstanding any damagesthat customer might incur for any reason whatsoever (including withoutlimitation, all damages referenced above and all direct or general damages),the entire liability of NXP Semiconductors, its affiliates and their suppliersand customer’s exclusive remedy for all of the foregoing shall be limited toactual damages incurred by customer based on reasonable reliance up tothe greater of the amount actually paid by customer for the product or fivedollars (US$5.00). The foregoing limitations, exclusions and disclaimersshall apply to the maximum extent permitted by applicable law, even if anyremedy fails of its essential purpose.
Translations — A non-English (translated) version of a document is forreference only. The English version shall prevail in case of any discrepancybetween the translated and English versions.
Security — While NXP Semiconductors has implemented advancedsecurity features, all products may be subject to unidentified vulnerabilities.Customers are responsible for the design and operation of their applicationsand products to reduce the effect of these vulnerabilities on customer’sapplications and products, and NXP Semiconductors accepts no liability forany vulnerability that is discovered. Customers should implement appropriatedesign and operating safeguards to minimize the risks associated with theirapplications and products.
4.3 Licenses
ICs with DPA Countermeasures functionality
NXP ICs containing functionalityimplementing countermeasures toDifferential Power Analysis and SimplePower Analysis are produced and soldunder applicable license from CryptographyResearch, Inc.
4.4 TrademarksNotice: All referenced brands, product names, service names andtrademarks are the property of their respective owners.
MIFARE — is a trademark of NXP B.V.DESFire — is a trademark of NXP B.V.MIFARE Plus — is a trademark of NXP B.V.MIFARE Ultralight — is a trademark of NXP B.V.MIFARE Classic — is a trademark of NXP B.V.NXP — wordmark and logo are trademarks of NXP B.V.
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Tab. 11. SAM_ChangeKeyPICC for changing cardmaster key .......................................................16
Tab. 12. Change application key number 1 usingSAM .................................................................17
Tab. 13. Change application master key using SAM ..... 18Tab. 14. Example ...........................................................19Tab. 15. Example ...........................................................20Tab. 16. Example ...........................................................21Tab. 17. Example ...........................................................21Tab. 18. Example ...........................................................22Tab. 19. Example ...........................................................23Tab. 20. Example ...........................................................24Tab. 21. Key structure of the Master-SAM .................... 25Tab. 22. Change DAM Keys ......................................... 25Tab. 23. Create the Encrypted DAM DefaultKey and
DAMMAC .........................................................26Tab. 24. Key structure of the Slave-SAM ...................... 27Tab. 25. Create delegated application ...........................28
NXP Semiconductors AN12696MIFARE SAM AV3 - For MIFARE DESFire
Date of release: 14 July 2020Document identifier: AN12696
Document number: 521513
Contents1 Introduction ......................................................... 31.1 Scope .................................................................31.2 Abbreviation ....................................................... 31.3 Examples presented in this document ...............31.4 S interface ......................................................... 42 Using MIFARE SAM AV3 for MIFARE
DESFire ................................................................ 52.1 Downloading the MIFARE DESFire keys to
SAM from Host ..................................................52.2 Authenticating MIFARE DESFire using the
SAM ................................................................... 62.2.1 MIFARE DESFire Authentication, key type
AES-128 (non-diversified key) ........................... 62.2.2 MIFARE DESFire Authentication, key type
AES-128 (diversified key) .................................. 82.2.3 MIFARE DESFire Authentication, key type
AuthenticateFirst .............................................. 102.3 Encrypted Write to data file using SAM ........... 112.3.1 Encrypted Write to Data file using SAM,
3KTDES mode .................................................122.4 Encrypted Read from data file using SAM ....... 132.4.1 Encrypted Read from Data file using SAM,
3KTDES mode .................................................132.5 Write data (C)MAC communication ................. 142.5.1 CMACed Write to Data file using SAM, AES
mode ................................................................142.6 Read data (C)MAC communication ................. 152.6.1 MACed Read from Data file using SAM, AES
mode ................................................................152.7 Changing MIFARE DESFire Key using
2.9.3 Create a Delegated Application .......................272.10 MIFARE DESFire Light and SAM AV3 ............ 293 References ......................................................... 304 Legal information ..............................................31