Discussion Board

Results 1 to 2 of 2
  1. #1
    Registered User
    Join Date
    Jan 2009

    Mifare emulation MF_Password

    This is a question specific to Java Card development (applets not MIDlets), and more specifically Mifare cards/architecture. Any help would be really appreciated!

    Using the G&D JCSuite toolkit I'm developing an applet which reads/writes data to the Mifare emulation element. The problem I'm getting is that when I set the sector trailer to some specific keys, I cannot read or write data from the data-blocks within the sector - I effectively lock the Mifare sector even though I know the keys.

    So, from the MF_Password generation document:


    There are examples of generating the MF_Password for 3 different keys, and I can verify my applet generates the same correct password. When I set the keys:

    KeyA: A0 A1 A2 A3 A4 A5 KeyB: B0 B1 B2 B3 B4 B5

    i.e. a write-block of 16 bytes:


    Into block 7 (Sector 1 Block 3).

    If I read back the data from Block 4, I get no error & valid data - everything works as expected.

    If however (and unexplicably) I write the keys:

    KeyA: 4D 3A 99 C3 51 DD KeyB: 1A 98 2C 7E 45 9A

    i.e. the write-block of 16 bytes:


    Into the same block, and then try to read back the corresponding block (like the example above). I get a security error as if I specified the wrong keys.

    How can the keys function correctly for one set, but not another. When I can verify that MF_Password is being generated correctly (using the JCSuite debugger).


  2. #2
    Registered User
    Join Date
    Jan 2009

    Re: Mifare emulation MF_Password

    I guessed that it would be difficult to get a response from this, but I've solved it by some some miracle and I'll post the answer for all googlers in future.

    There is a simple error in the generation of DKeyA which is written just below the examples in the document (in the link from original post). The last example which has the keys "4D 3A 99 C3 51 DD" as mentioned above is actually INCORRECT. So, my algorithm had a bug which meant it was generating the same incorrect results as the examples from the document. Details of what the example should read, and my letter to NXP are below.


    Dear NXP,

    I am writing to you to inform you of a mistake in the publicly available document:

    “Secure Access to MIFARE Memory on Dual Interface Smart Card ICs”

    Reference AN02105. There is an example key generated against input data of Key A as 4D 3A 99 C3 51 DD and Key B as 1A 98 2C 7E 45 9A. The mistake is an incorrect evaluation of DKeyA, it should read:

    9A 74 32 86 A2 BA 58 00

    The 7th bit is 58 NOT 1A. This consequently effects the final result, which should now read:

    A4 7F 84 D4 70 62 09 2B

    It seems that in the example for DKeyA byte 6 you have evaluated the order of KeyA incorrectly, as the foot-note below the examples advises against.

    I thought I would bring this to your attention because we have lost a couple of days debugging the password generation algorithm, and thought it was particularly important as the example advises against this easy mistake (but gives an example that includes it).

    I have now fully tested my algorithm using the internal Mifare emulation on some G&D Java Card applets, and I’m happy to provide the source-code if you would like.



    I have every confidence that they will ignore me, but FYI.


Similar Threads

  1. keys for mifare 4k emulation on 6212 classic?
    By ttmyks in forum Near Field Communication
    Replies: 1
    Last Post: 2008-11-06, 21:49
  2. Omnikey reader Mifare emulation & 6131
    By super_beda in forum Near Field Communication
    Replies: 5
    Last Post: 2008-05-13, 12:14
  3. Mifare Emulation mode problem
    By esunilkumare in forum Near Field Communication
    Replies: 4
    Last Post: 2008-02-15, 14:38
  4. Multiple mifare card emulation?
    By waaij in forum Near Field Communication
    Replies: 0
    Last Post: 2007-07-25, 10:56
  5. Problem with S40 5th Edition emulation, NCF 1.2 and BT dongle
    By nevillesatz in forum Bluetooth Technology
    Replies: 1
    Last Post: 2007-07-05, 10:52

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts