Hello,
Imagine we have an MCU connected to a NFC reader via SPI, and this reader communicates wirelessly with a MIFARE CLASSIC card. The MCU sends the authentication command to the PCD together with other data, like block number, KEY and UID. Then, the PCD performs a MUTUAL AUTHENTICATION with the card:
- The mutual authentication consist in checking that both the PCD and PICC know the same KEY.
- To prevent the keys from being sniffed during this verification, an encryption algorithm called CRYPTO1 is used.
- If mutual authentication is successful, the reader responds with an OK to the MCU.
So we could say that MCU is not involved in the authentication process. MCU ignores the CRYPTO1 algorithm.
However, in case of MIFARE DESFIRE card, we would say that mutual authentication is between the MCU and PICC (having the PCD as a bridge). So in this case the MCU in involved and it needs to apply AES algorithm. Are my statements correct?
Finally here is my quetion: what about MIFARE ULTRALIGT AES and MIFARE PLUS cards? Is in those cases the mutual authentication between PCD-PICC or MCU-PICC? Is the MCU involved so need to apply AES algorithm?
Thank you in advance, and please forgive my language mistakes.
