MIFARE EV3/EV2 Change ATS when using native Auth (D40) and SAM AV3

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MIFARE EV3/EV2 Change ATS when using native Auth (D40) and SAM AV3

734 Views
vojkoglaser
Contributor I

Hi.

I have tried to change ATS on MIFARE EV3 card while authenticate with default DES key and was not successful. Not using SAM AV3 nor by manually calculating session keys.

After successful authentication, I have constructed required ATS, added CRC16 and padding according to documentation (at least I think so:) ). But when sending to SAM I got wrong CRC or padding error if using decryption method or the command is rejected by the card if using encription method.

I have pegoda reader and RFIDDiscover and when I use SAM the result is the same. The only way that I managed to change ATS is by using key store (without SAM).

I have even tried some reverse engineering and try to decrypt encrypted message with session key provided in pegoda log (using online calculators or self coding algorithms), which successfully decrypted only first 8 bytes. The next 8 bytes are scrambled (instead of other part of CRC and padding).

I guess I'm missing one step or some key settings that would enable generation of properly encrypted/decrypted D40 messages with SAM AV3. Any suggestions how this should be implemented if using SAM AV3?

BTW, changing ATS using EV2 authentication works like a charm. At least with desfire EV2 cards (unfortunately not with EV3 -> still waiting for docs).

Best regards

Vojko

Labels (1)
0 Kudos
Reply
1 Reply

690 Views
danielchen
NXP TechSupport
NXP TechSupport

Hi @vojkoglaser 

 

MIFARE family is secured by NDA (Non-Disclousre-Agreement),   it means all the information and support should be provided to the customers who have active NDA through a secure channel.

 

I would suggest you create a ticket for your question.

 

Regards

Daniel

0 Kudos
Reply