Newsletter October2009

MIFARE, a trusted brand name in identification industry for ticketing applications, was launched in 1994. As of March 2009, more than 650 cities in more than 50 countries have adopted to MIFARE solutions. More than one billion cards have been issued, of which more than 800 million cards have been used as tickets. More than 10 million readers have been deployed in the field. This segment has been supported by more than 800 MIFARE solution providers consisting of card / reader makers, solution developers and system integrators. Apart from ticketing application, there are more than 40 application types have been developed and deployed across industry categories. One must be wondering, why is all this being mentioned now in this article? Well, in the 24th Chaos Communication Congress, two Virginia University students showed how weak this Cyrpto1 algorithm is and how easily it could be broken. The goal of these presentations was to prove that the Crypto1 algorithm, which was introduced in 1994, is now weak enough to be broken into using normal computers. It was a pointer to the industry to open their eyes and ask them to shift to some cryptography which is more complex and difficult to break. After about thirteen years i.e., in 2007 someone was able to reverse the Crytpo1 algorithm and discover that the random number generator is nothing but a 16-bit linear function. This was considered to be quite secured in 1994, but today with the fast multi-core processors in personal computers, this algorithm could be easily reversed with some basic understanding. To enhance the complexity, NXP asked for some time to come up with a solution to this problem with complex cryptographic functions and the result is MIFARE PLUS. In this article we would know further what is MIFARE PLUS and how should a system based on MIFARE CLASSIC be migrated to MIFARE PLUS in different stages / levels. The key features of MIFARE PLUS that make systems more secured and faster than MIFARE Classic are:

• 7-byte UID instead of an old 4-byte UID
• Simple fixed memory structure backward compatible with MIFARE CLASSIC
• Usage of Advanced Encryption Standard (AES) instead of Cyrpto1: US Government approval for AES to be used on all secret documents beyond 2030
• True Random Number Generator (TRNG) tested against AIS 20
• Composite Common Criteria EAL 4+ certification for IC
• Freely configurable Access Conditions (Anti tear function for consistent deployment of changing keys and access conditions)
• Extra memory space to store the AES keys (A & B) for all sectors, instead of 48-bit keys
• Increased speed upto 848kbit/s, as against 106kbit/s
• Transmission security using CMAC (Cipher Message Authentication Code) as per NIST 800-38B
• Random UID, supporting anti-privacy features
• Write operations increased from 100K to 200K cycles
• Two variants: Standard (S) and eXpert (X), for simplified and full features sets
• eXpert (X) variant supports data encryption using AES keys, proximity checks to avoid relay attacks, faster transactions and support for Value block over Standard (S) variant.

So let’s see what MIFARE PLUS has to offer us and how it secures us. So to incorporate all this features of MIFARE PLUS in the existing MIFARE CLASSIC system, a road path has been designed and prepared, but made available public for the first time via this newsletter. A simple equation to the solution says that the cards definitely need to be replaced, whereas the readers could be simply upgraded (for existing readers) or re-designed (for new projects). In general, a Project Manager or Technical Officer has to follow a set of identified function points for MIFARE PLUS migration, while switching their projects. To know more on these function points, please write to us at support@advanide.com and we assure you of our fullest support required to migrate your projects.

The table below shows the different levels and the status / migration path of cards and readers, in each level.

Level	MIFARE Cards	MIFARE Readers	Explanation
Level 0	The project already has the MIFARE CLASSIC cards in the system, whereas the MIFARE PLUS cards can co-exist in the system.	No change	MIFARE PLUS card IC has AES keys as well as 48-bit keys as per MIFARE CLASSIC, so unless the AES keys are enabled, the MIFARE PLUS cards can co-exist and behave as MIFARE CLASSIC cards. The system as whole i.e., MIFARE PLUS cards, MIFARE CLASSIC cards and the readers behave as MIFARE CLASSIC System, and features of MIFARE PLUS remains un-utilized. All new cards being issued are MIFARE PLUS cards.
Level 1	The project already has the MIFARE CLASSIC cards in the system, but they would now be slowly removed from the system. The MIFARE PLUS cards are now going to dominate the system	Readers are now empowered using the MIFARE SAM AV2 (if the existing hardware supports external SAM, if not, then reader hardware has to be changed). Details on how to upgrade the readers is shown in next section of this article	Readers are empowered with MIFARE SAM AV2, which supports 48-bit key system as well as AES keys. They poll the card, differentiate them and accordingly run the application.
Level 2	MIFARE CLASSIC Cards are all removed / migrated from the system. All the cards are MIFARE PLUS with AES authentication. Also AES Keys are updated in the card using the anti-tearing feature. MIFARE PLUS Standard doesn’t support the AES authentication and MIFARE Classic crypto support simultaneously, whereas MIFARE PLUS eXpert does.	Readers are now using a mandatory AES keys for authentication and no more usage of 48bit keys; however the data encryption is still done using Crypto1 algorithm (on MIFARE PLUS eXpert version only).	Tests of all applications, i.e., readers and embedded application along with backend, is a must before proceeding to Level 2. If tests are not conducted or partial tested products are introduced, the system may collapse. Also if any MIFARE CLASSIC card is still there in the field, they will not function resulting in end-users’ grievances, which has to be pre-planned.
Level 3	Since this is for new installations, all cards are MIFARE PLUS with a mandatory AES authentication. In this level, apart from the mandatory AES authentication, the data is also encrypted using the AES keys and a full host of features on MIFARE PLUS eXpert version only. See list below.	All readers are pre-designed to handle the MIFARE PLUS authentication using AES, but no backward compatibility to support MIFARE Classic.	This level can be considered as ‘an extension of LEVEL 2’, where all the cards are now MIFARE PLUS and all the installed readers doesn’t support MIFARE Classic OR ‘Configurations for fresh installations’.

In Level 3 MIFARE PLUS eXpert version supports the following features, which MIFARE PLUS Standard version doesn’t:
• Data Encryption with AES keys
• Full Virtual Card concept support
• Proximity Check (protection against Relay Attacks)
• Extra commands to transact faster
• Support for Value blocks

Upon close observation, the migration from MIFARE Classic to MIFARE PLUS at any Level requires an upgrade or replacement of the key component i.e., the reader. Most of the times, this is the only component which is prone to attacks, sabotage and raising false alarms for disclosing behavior. In this component migration process, we guide you on how to upgrade or replace the readers and with MIFARE PLUS around, what are the necessary components required in a reader. A RFID reader normally consists of a micro-controller programmed with embedded application and an interface (protocol handling, command flow and data interpretation) to the Reader IC, supporting communication with the card. NXP’s MFRC series Reader ICs has built in Crypto1 crypto functions, whereby the SAM is not mandatory for a reader to function. As mentioned in the beginning, there are 10 million RFID readers installed in the industry, most of them not provisioning a SAM. Keys to the cards in such a reader are stored either inside the reader IC or hardcoded into the embedded application residing onto the controller. This enhances a faster transaction time with auto-select of sectors and thereby authenticating them with the pre-stored keys. Both the methods of keys storage are not secured and this could be a disaster for the system. There are three options or methods to upgrade the RFID reader hardware in this migration process. To get the detailed information on the upgrade options, please write to us at support@advanide.com. We can definitely help you along with NXP, to resolve your queries with respect to migration of your systems from MIFARE Classic to MIFARE PLUS. Meanwhile, below is the list of all documents, libraries and tools that are available on request from NXP. Please write to us, and we will assist your further to get these documents, libraries and tools:

• On the MIFARE PLUS Card IC
    o Preliminary data sheet for MIFARE Plus MF1PLUSx0 Mainstream contactless smart card IC for fast and easy solution development
    o Release Note MIFARE Plus Waffle Packs Engineering Samples

• Reader libraries
    o MIFARE Plus RD701 (PEGODA) Reader Library Engineering Samples
    o User Manual MIFARE Plus RD701 (PEGODA) Reader Library Engineering Sample
   o MIFARE Plus RC52x Reader Library Engineering Samples

• Demo Software
    o MIFARE Plus PC Demo Software Suite '42' (Alpha Version) for Engineering Samples
    o MIFARE Plus PC Demo Software Suite '42' User Manual for Engineering Samples

• Security recommendations
    o MIFARE Plus Key Diversification - Application Note

• Documentation, libraries and software for MIFARE SAM AV2

TOP

Back