- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
- Home
- :
- Identification and Security
- :
- NFC
- :
- 424 DNA AuthenticateEV2First RndA not matching
424 DNA AuthenticateEV2First RndA not matching
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
424 DNA AuthenticateEV2First RndA not matching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello!
Please bear with me, as I am very early into this wild journey of learning how to program these NFC tags.
Just recently, I purchased some NTAG 424 DNA NFC tags to play around with, and I've run into a problem that I just cannot seem to figure out. For reference, no keys have been changed since the purchase.
I'm following the authentication example on page 29 of the application note. While attempting to authenticate through the AuthenticateEV2First command, everything goes smoothly, until I get to step 24, where I need to compare my RndA with the RndA my tag sends back.
My output (after selecting application):
Tag found
>> response from part one: b0766120811175980f991df421d6996a91af
>> encoded random b: b0766120811175980f991df421d6996a
>> decoded random b: 674279214acdd6a200bf43834652a94c
>> random b rotated left: 4279214acdd6a200bf43834652a94c67
>> generated random a: 5fda3402593699c0317a3b0b564ecd2f
>> randa with randb rotated: 5fda3402593699c0317a3b0b564ecd2f4279214acdd6a200bf43834652a94c67
>> encrypted randa with randb rotated: 80f36dc666c232ef92a34c6f3be69455caa42d42ac1a082a611589035eb17b26
>> part 2 command: 90af00002080f36dc666c232ef92a34c6f3be69455caa42d42ac1a082a611589035eb17b2600
>> part two command response: b780a3690c43a3d61e418713ecd248d3e46cf86a0c222cffe01271f3aac2684a9100
>> part two command response without response code: b780a3690c43a3d61e418713ecd248d3e46cf86a0c222cffe01271f3aac2684a
>> decrypted part two command response: c89c58aeac5522d827ec583ee326ff77985445ef000000000000000000000000
>> card rnda: efac5522d827ec583ee326ff77985445
As you can see, my generated RndA (5fda3402593699c0317a3b0b564ecd2f) and the RndA that the card sends back (efac5522d827ec583ee326ff77985445) do not match. I have no idea why this might be happening. I thought maybe my encrypting/decrypting method might be flawed while figuring out RndB, but then I noticed that on page 48 of the data sheet, if my RndB was wrong, my Part 2 response would indicate that with response code 91AE, but my Part 2 response code is fine (9100), so my keys and everything appear to be fine.
Any help on this would be incredibly appreciated!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey!
It's been a minute, but I think I remember. I was using NodeJS for this, and subsequently the built-in crypto package. Throughout the whole process I was using the same "Cipher" instance for my decrypting, which is wrong. I found out I was supposed to create a new Cipher instance per decryption I believe. I'm not sure if this helps, but that's what I can remember.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you, @jbean, for your response.
Could you clarify, 'Throughout the whole process, I was using the same "Cipher" instance for my decryption, which is wrong. I found out that I was supposed to create a new Cipher instance per decryption.'
Which ciphertext do you mean?
BR, Shaghayegh.
