Hi, I'm designing with the #NT3H2111/#NT3H2211
There is a register AUTHLIM that can be used to limit negative authentication attempts.
Page 39 of the datasheet:
8.7.2 Limiting negative verification attempts
To prevent brute-force attacks on the password, the maximum allowed number of negative password authentication attempts can be set using AUTHLIM. This mechanism is disabled by setting AUTHLIM to a value of 000b, which is also the initial state of NTAG I2C plus.
If AUTHLIM is not equal to 000b, each negative authentication verification is internally counted. As soon as this internal counter reaches the number 2^AUTHLIM, any further negative password authentication leads to a permanent locking of the protected part of the memory for the specified access modes. Independently, whether the provided password is correct or not, each subsequent PWD_AUTH fails.
Any successful password verification, before reaching the limit of negative password verification attempts, resets the internal counter to zero.
So here is my question:
How permanent is the locking of the protected part of the memory?
Is this "permanent locking" until the device (power-on) reset? Or until the next time an NFC device (smartphone) is presenting itself?
Or is it really permanent turning the device useless?
I cannot find the answer in the datasheet or AN11786.
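As an added example (not from the datasheet or from anyone in this thread), here is a small Python model of the AUTHLIM counting rule quoted above, useful for reasoning about the lock-out risk a legitimate password holder faces; the class and function names are my own, and the model follows the quoted text literally.

```python
# Added example: models the AUTHLIM semantics quoted from the NTAG I2C plus
# datasheet (section 8.7.2). Class/function names are hypothetical; the only
# register named in the datasheet text is AUTHLIM.

class AuthLimModel:
    """Counts negative PWD_AUTH attempts and applies the permanent lock."""

    def __init__(self, password: bytes, authlim: int):
        if not 0 <= authlim <= 7:
            raise ValueError("AUTHLIM is a 3-bit field (0..7)")
        self._password = password
        # Threshold is 2^AUTHLIM; AUTHLIM = 000b disables counting entirely.
        self.limit = 0 if authlim == 0 else 2 ** authlim
        self.negative_count = 0
        self.locked = False  # permanent lock of the protected memory area

    def pwd_auth(self, attempt: bytes) -> bool:
        """One PWD_AUTH command; returns True only on successful verification."""
        if self.locked:
            # Once locked, every PWD_AUTH fails, even with the correct password.
            return False
        if attempt == self._password:
            # A successful verification before the limit resets the counter.
            self.negative_count = 0
            return True
        if self.limit == 0:
            return False  # mechanism disabled: failures are not counted
        if self.negative_count >= self.limit:
            # Counter already reached 2^AUTHLIM: this further failure locks.
            self.locked = True
            return False
        self.negative_count += 1
        return False


def lockout_scenario(authlim: int) -> dict:
    """How many wrong attempts lock the tag, and whether the owner is locked out."""
    owner_pwd = b"\x11\x22\x33\x44"  # constructed sample 4-byte PWD
    tag = AuthLimModel(owner_pwd, authlim)
    wrong = 0
    while not tag.locked:
        tag.pwd_auth(b"\x00\x00\x00\x00")  # constructed wrong password
        wrong += 1
    return {
        "wrong_attempts_to_lock": wrong,          # 2^AUTHLIM + 1
        "owner_can_still_auth": tag.pwd_auth(owner_pwd),  # False: permanent
    }
```

The second function reproduces the concern raised in the question: with AUTHLIM enabled, the protected area is lost to the legitimate password holder after a fixed, small number of failures.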
Hi Paul,
Yes, your understanding is correct. After reaching the AUTHLIM, the protected part of the memory will be permanently locked, which cannot be reversed.
Regards,
Ricardo
Hi Ricardo,
Thank you for your answer. Can you then confirm the following conclusion:
In applications where an accredited user in possession of a valid password must be able to write in the protected memory, the use of the AUTHLIM feature can lead to sabotage through brute force techniques. This would result in the definitive destruction of the device, as the accredited user would no longer be able to use it afterward due to the permanent locking of the protected part of the memory, which cannot be reversed.
Is this correct? (In which case we will not be able to use this feature; a possibility to reset the permanent locking only from the I2C side would have been the better solution.)
Best Regards,
Paul.
Hello,
Hope you are doing well. As mentioned in the datasheet, as soon as this internal counter reaches the number 2^AUTHLIM, any further negative password authentication leads to a permanent locking of the protected part of the memory for the specified access modes. Independently, whether the provided password is correct or not, each subsequent PWD_AUTH fails.
Regards,
Ricardo