Can we write and rewrite on the ntag 424 dna in offline mode by choosing the secret keys?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we write and rewrite on the ntag 424 dna in offline mode by choosing the secret keys?

3,350 Views
kicedric78
Contributor III

Hello how are you? I am currently working on a project and the goal is to be able to write to a ntag 424 dna. A device should be able to read and modify ntag information (all offline) while respecting security standards. Ideas on steps and suggestions of an Nfc encoder will be welcome

hello jonathaniglesias

7 Replies

3,213 Views
Jonathan_Iglesias
NXP TechSupport
NXP TechSupport

Hi KI CEDRIC BIENVENU
Hope you are doing great, what do you mean by devices? do you want to use a phone to modify it, so anybody can download an application you will develop and modify the tag ?well in this case  I would not recommend  that this happen in the field,  if you create an application that modifies the tags in the field  it would work I dont see an issue with it, the thing is that  if you do not ensure that the phone is really secure, like excluding rooted phones, phones without an internal secure element. your  keys will be stored in a non secured memory therefore they can be retrieved and used to damage your tags or your project or by device you mean a reader in some known areas where people can  visit there and do the modifications ? this is a different case but it might take away this experience that NTAG 424 is used for. if you want to discuss information that you do not feel comfortable discussing in public  please create a case  in our internal system and put the link of this case for reference. Support | NXP 

BR

Jonathan

0 Kudos

3,213 Views
kicedric78
Contributor III
the reader / encoder will be in a fixed location and the developed application will only be accessible to the manager of the device. In this case, is key storage problematic? then each tag should be different from the others by authentication. my concern is which field used for user data and how to manage keys
0 Kudos

3,213 Views
Jonathan_Iglesias
NXP TechSupport
NXP TechSupport

Hi KI CEDRIC BIENVENU,

Hope you are doing great, well in this case I would recommend using a smartcard like DESFire family, if you check our latest  DESFire EV3 it supports the SUN messages as the NTAG 424 in case you want to  use this type of information structure. DESFire  has more key sets, the capability of diversifying the key. the only inconvenience is that DESFire information is secured under NDA ( Non Disclosure Agreement) this means that all the information, tools and support should be delivered using secured communication channel, since this is a public forum we cannot discuss information under NDA. let me know if  you are your interest for this or if you want to stay with NTAG 424 . 

BR

Jonathan

3,213 Views
kicedric78
Contributor III
thanks for the recommendation but someone recommended the mifare ultralight range to me as I want to put them on paper. can they do the trick?
pastedImage_1.png
0 Kudos

3,213 Views
Jonathan_Iglesias
NXP TechSupport
NXP TechSupport

well, this depnds entirely on the application you will have, if the information inside the tag will be something like some loyalty points, something that grants the authenticity of a product or something like that, I would not recommend the Ultralight family, if the information or the application is  kind of disposable,  or you do not require high security, ultralight can do the job, as you may know ultralight does not implement  much security, we have the EV1 which has a 32bit password and the C which has an authentication DES,  that is all this last one does not encrypt,  just authenticates. so depending on the information inside of the tag is the product you will be having I assumed you are working on an application that requires high security that is why I can recommend an NTAG 424, Plus or DESFire.

without deeper information about the product I cannot give a accurate recommendation.

BR

Jonathan

3,213 Views
kicedric78
Contributor III
Indeed the application needs to authenticate and encrypt the data.
We will have as information on the app an amount (money), and information on the holder of the ticket.
finally the ntag 424 dna or the desfire?
0 Kudos

3,212 Views
Jonathan_Iglesias
NXP TechSupport
NXP TechSupport

as explained in the inbox message I have sent to you, the best would be that you use a card for that type of applications, like a DESFire or a Plus.  due to the main purpose of this card, you will know that the information is stored in a secured place and only the readers that you want will have access to it. I invite you to check our DESfire family which is mostly under NDA( Non  Disclosure Agreement ) as well as the Plus Family. the DESFire light is public  and available in our webpage.

BR

 

Jonathan

0 Kudos