https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958011#M70 <P>Hi,</P> <P>What are the keys you are referring to? Some auth processes may involve calculations, and not a raw key exchange. However, it depends on the PICC being used, and this information is under NDA and secured in the Secure Files.</P> <P>Regards,<BR />Eduardo.</P> Thu, 19 Sep 2024 20:55:23 GMT EduardoZamora 2024-09-19T20:55:23Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1955050#M66 <P>Hello NXP community,</P><P>I’m currently working with the PN5190 frontend and have a couple of questions regarding its SPI communication with the microcontroller.</P><OL><LI>Is SPI communication encrypted when exchanging sensitive data?</LI><LI>Can we store the secret key for DESFire directly on the frontend?&nbsp;If not, what is the recommended method for secure key storage? Additionally, I couldn’t find detailed documentation on the encryption technology used for communication and key management. Could you point me in the right direction for this?</LI></OL><P>Thanks in advance for your help!</P> Mon, 16 Sep 2024 08:36:52 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1955050#M66 alaahamo 2024-09-16T08:36:52Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1956976#M68 <P>Hello&nbsp;<a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/238508">@alaahamo</a>,</P> <P>A pure SPI communication based on Commands, Responses and Events is used to connect with host controller for configuration, NFC data exchange and high-level NFC protocol implementation. More information on this can be found in <A href="https://www.nxp.com/docs/en/user-manual/UM11942.pdf" target="_blank">PN5190 instruction layer</A>.</P> <P>Key handling will depend on your setup/hardware; for example, you could consider using a <A href="https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-sam:MC_71422" target="_blank">MIFARE SAM</A>. These devices offer secure storage and strong protection of highly sensitive keys.</P> <P>If you are looking for information about DESFire devices, as some of the information and software supporting DESFire is under NDA (Non-Disclosure Agreement), the information is not public, and it is secured under Secure Files. Please consult the <A href="https://www.nxp.com/support/support/non-disclosure-agreement-faqs:NDA-FAQS" target="_blank">Non-Disclosure Agreement FAQs</A> and <A href="https://www.nxp.com/support/support/secure-access-rights:SEC-ACCESS" target="_blank">Secure Access Rights | NXP Semiconductors</A> for more information.</P> <P>Regards,<BR />Eduardo.</P> Wed, 18 Sep 2024 21:40:10 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1956976#M68 EduardoZamora 2024-09-18T21:40:10Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1957421#M69 Hi Eduardo,<BR /><BR />Thank you for your response.<BR /><BR />I was searching for the way the keys are exchanged between the microcontroller and the frontend.<BR />I think, in the lib they are using an encryption algorithm, when the key are in exchange process. My question is: Which kind of encryption algorithm is used there? There is no documentation regarding the SPI encryption.<BR />Are the keys are shared and static? Do we have to change them?<BR /><BR />Best regards,<BR /><BR />Hamo Thu, 19 Sep 2024 08:22:36 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1957421#M69 alaahamo 2024-09-19T08:22:36Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958011#M70 <P>Hi,</P> <P>What are the keys you are referring to? Some auth processes may involve calculations, and not a raw key exchange. However, it depends on the PICC being used, and this information is under NDA and secured in the Secure Files.</P> <P>Regards,<BR />Eduardo.</P> Thu, 19 Sep 2024 20:55:23 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958011#M70 EduardoZamora 2024-09-19T20:55:23Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958668#M71 Hi,<BR /><BR />I'm referring to the PICC_MasterKey_DES and PICC is used.<BR /><BR />Regrads,<BR />Hamo Fri, 20 Sep 2024 09:24:39 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958668#M71 alaahamo 2024-09-20T09:24:39Z https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958989#M72 <P>Hi,</P> <P>Assuming that you are working with <A href="https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-desfire/mifare-desfire-ev3-high-security-ic-for-contactless-smart-city-services:MF3DHx3" target="_blank">MIFARE DESFire EV3</A> devices, information is not public and may be under Secure Files. For more information, please refer to the <A href="https://www.nxp.com/support/support/secure-access-rights:SEC-ACCESS" target="_blank">Secure Access Rights | NXP Semiconductors</A>.</P> <P>Regards,<BR />Eduardo.</P> Fri, 20 Sep 2024 18:22:17 GMT https://community.nxp.com/t5/Hardware/PN5190-security/m-p/1958989#M72 EduardoZamora 2024-09-20T18:22:17Z