帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

key diversification

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

key diversification

‎02-13-2019 12:17 PM
4,041 次查看
robneff
Contributor I

I'm working on a card reader using the SAM AV2 chip that will read cards using key diversification.  I understand the diversification algorithm, but there are steps to "encrypt x using AES".  I assume AES is built into the AV2 chip, but I don't see commands to simply encrypt an input, using a key from the key store.

In the NXP Reader library there is the phCryptoSym_Encrypt( ) command, that seems to implement AES in the library itself, but that means we need to get the key from the key store on the AV2 chip, which reduces the security level.  Am I looking at this right?

#nxp reader#sam av2#key diversification

0 项奖励
回复
6 回复数

‎02-20-2019 09:26 AM
3,753 次查看
robneff
Contributor I

As update, I have read AN10922 and AN10957. That doesn't help with my core question: can I encrypt data on the AV2 chip using a key in the AV2 Keystore?  The only solution I've found is to set the flag for dumping the secret key, read the key back to the host side, then using the NXP Reader Library to encrypt the data, all on the host side.  I'd rather not bring the key back to the host side ever. The AV2 certainly has the capability of doing it all on the chip, it seems like a security risk to force the host to store the secret key with dump flag set (in fact, the documentation describing the keystore says exactly that).

0 项奖励
回复

‎02-26-2019 10:19 AM
3,753 次查看
vicentegomez
NXP TechSupport
NXP TechSupport

Hi Rob 

You got the answer on the internal thread.

Regards

Vicente 

回复

‎07-15-2022 09:32 AM
3,281 次查看
Anssi
Contributor I

Where is the internal thread?

I am trying to diversify as well av2 key but I am not able to dump it either. Any help?

 

AuthAV2key is false for master and key dump is allowed. CuK is ff and type picc. What I am doing wrong? Resp 6985

0 项奖励
回复

‎05-02-2019 09:06 AM
3,753 次查看
robertorebolled
Contributor I

Hello Vicente:

I have the same question that Rob have, can you please help me?.

Best regards,

Roberto Rebolledo.

0 项奖励
回复

‎03-07-2019 05:12 PM
3,753 次查看
robneff
Contributor I

That did work for me.  I thought these forums were password protected, but at any rate, I did get the response off-line and it worked for me.  If I had read AN1830 or picked up some clues in other docs, that would have helped me also.

0 项奖励
回复

‎02-19-2019 01:37 AM
3,753 次查看
jimmychan
NXP TechSupport
NXP TechSupport

For your information : https://www.nxp.com/docs/en/application-note/AN10922.pdf 

0 项奖励
回复