NTAG 424 / TagXplorer Diversification

UIDJames · ‎09-02-2024

Dear NXP community,

I am able to follow and calculate AES-128 key table 2: https://www.nxp.com/docs/en/application-note/AN10922.pdf

However, how would that translate to the diversified input in the TagXplorer, I don't get the same outputs when I diversify the key. I can find it nowhere in the documentation, can someone tell me what algorithm is used to generate the diversified key for ntag424 in TagXplorer, so I can calculate this also on my backend side?

EduardoZamora · ‎09-02-2024

Hello @UIDJames

Hope you are doing well.

Please, consider that TagXplorer is no longer supported and information about it was kept for historical reference only. We recommend using our TapLinx SDK as well as RFIDDiscover and TagWriter iOS | Android. Also. I will recommend you using PEGODA Contactless Smart Card Reader together with RFIDDiscover.

App Note you referred (Symmetric key diversifications) is, in fact, a good starting point, and it only describes key diversification based on CMAC as the suggested method.

Additionally, you can consult NTAG 424 DNA and NTAG 424 DNA TagTamper features and hints, Chapter 6 Personalization, Section 6.16 Changing the Key.

Regards,
Eduardo.

View solution in original post

UIDJames · ‎09-10-2024

Thank you for your explanation Eduardo.
I have used my own key diversification method.
I hope I can get access to tools you mentioned such as RFIDDiscover cause now I'm still using TagXplorer.

Thanks

UIDJames · ‎09-03-2024

Thank your recommendation to use RFIDDiscover and TapLinx SDK. I already have a Omnikey 5022 smart reader I'm assuming that will work just as fine! I have requested access for the RFIDDiscover and hope I can code APDU commands with it.

I took a good look at section 6.16.1 but some things are unclear for me.

Step 1 KSesAuthMAC = 5529860B2FC5FB6154B7F28361D30BF9
Step 2 KSesAuthENC = 4CF3CB41A22583A61E89B158D252FC53

Where are these values coming from?

Step 3 clear
SteP 4 suddenly we get the diversified new key by UID: F3847D627727ED3BC9C4CC050489B966

My question would by how is it diversified? What UID is used (+ maybe extra input like in the symmetric key diversification file)? , and why can the diversified input be only 31 HEX characters?

In the Symmetric key versification document table 3. step 8 Diversification input (M) = 04782E21801D803042F54E585020416275
was used, which made it clear.

In case of the ntag424 do you still use CMAC too for diversification or just AES-encryption?

It is very interesting I really want to figure this out!
I know I can come up with my own diversification process and TagXplorer is discontinued but I still want to know how it works, I need to understand it.
But I need a few more puzzle pieces I hope you can help me out with this!

Let me know if something is unclear from my side or if you understand my confusion!

Greetings,

JamesUID

EduardoZamora · ‎09-03-2024

Hi,

Section 6.16.1 is part of a personalization procedure, which describes some optional steps and is used only as an example. Final steps shall be defined and configured according to your requirements as some parameters used for the procedure (such as de UID) shown in the document are just examples, and they may depend on your real/physical device. For this reason, it is recommended to use our software tools and compatible readers from our portfolio since they can help you avoid implementation issues and speed up your tests and development, and because our support scope is limited to their usage.

Encryption and CMAC Session Keys are calculated in previous steps; for example, you could refer to section 6.14 AuthenticateAESNonFirst with key 0x00.

Regards,
Eduardo.

UIDJames · ‎09-09-2024

Hey Eduardo,

Thank you for your reply, however I'm still stuck with the same question.
How the example came up with:
New Key = AES-Diversified New Key by UID = F3847D627727ED3BC9C4CC050489B966

How is it diversified and with what UID / input Message?

How are step 1,2,3 turned into 4?

Thank you in Advance!

EduardoZamora · ‎09-10-2024

Hi,

The exact parameters should not be relevant since the steps listed in the document are just an example, and since the procedure for making diversification input is only a proposal, and it would only require it to be unique for unique PICC.

Please, allow me to reiterate that the procedure will depend entirely on the characteristics of your real tag and your actual requirements. Please, consider using RFID Discover for the tests.

Regards,
Eduardo.

EduardoZamora · ‎09-02-2024

Hello @UIDJames

Hope you are doing well.

Please, consider that TagXplorer is no longer supported and information about it was kept for historical reference only. We recommend using our TapLinx SDK as well as RFIDDiscover and TagWriter iOS | Android. Also. I will recommend you using PEGODA Contactless Smart Card Reader together with RFIDDiscover.

App Note you referred (Symmetric key diversifications) is, in fact, a good starting point, and it only describes key diversification based on CMAC as the suggested method.

Additionally, you can consult NTAG 424 DNA and NTAG 424 DNA TagTamper features and hints, Chapter 6 Personalization, Section 6.16 Changing the Key.

Regards,
Eduardo.