Change NTAG 424 DNA Encryption Key for Production

dLawrence · ‎07-24-2024

We have extensively tested the NTAG 424 DNA in various interesting form factors and everything works great. We currently use a Python backend to decrypt the AES string using the test key and IV. Everything works as expected.

We're now ready to move to production and need to change the encryption/decryption key to something much secure. How do we go about this?

EduardoZamora · ‎07-24-2024

Hello @dLawrence

Hope you are doing well.

RFIDDiscover can be used together with PEGODA Contactless Smart Card Reader to access and handle NTAG devices, as well as for data processing. However, these tools may be intended for testing purposes and not for production.

Perhaps you could take a look at the Secure Services for the NTAG Product Family. For more information on this, please contact nfcservices.support@nxp.com.

Regards,
Eduardo.

dLawrence · ‎07-27-2024

We’re currently looking at the secure services. Thanks for that. My actual question about the software and hardware is can I CHANGE the decryption/encryption key with the RFIDDiscover and PEGODA? I know you said it isn’t for production, but we need to validate that NTAG is the right chip for us.

EduardoZamora · ‎07-29-2024

Hi,

You should be able to change the AppKeys (NTAG 424 Data Sheet, Section 8.2.4) by using RFID Discovery.

Regards,
Eduardo.

dLawrence · ‎07-24-2024

Kindly specify if there's a particular software and card reader we need to use. I'd appreciate the step process if possible.

I've looked at the RFIDDiscover tool. I've downloaded Lite and also requested an NDA to get the full version.

Thanks for your support.