Mifare Desfire Cards
MIFARE is the NXP Semiconductors-owned trademark of a series of chips widely used in contactless smart cards and proximity cards. MIFARE products are embodied in contactless and contact smart cards, smart paper tickets, wearables and phones.
The MIFARE brand name (derived from the term MIKRON FARE Collection and created by the company MIKRON) covers four families of contactless cards :
- MIFARE Classic : Employs a proprietary protocol compliant to parts 1–3 of ISO/IEC 14443 Type A, with an NXP proprietary security protocol for authentication and ciphering. Subtype: MIFARE Classic EV1 (other subtypes are no longer in use).
- MIFARE Plus : Drop-in replacement for MIFARE Classic with certified security level (AES-128 based) and is fully backwards compatible with MIFARE Classic. Subtypes MIFARE Plus S, MIFARE Plus X and MIFARE Plus SE.
- MIFARE Ultralight : Low-cost ICs that are useful for high volume applications such as public transport, loyalty cards and event ticketing. Subtypes: MIFARE Ultralight C, MIFARE Ultralight EV1 and MIFARE Ultralight Nano.
- MIFARE DESFire : Contactless ICs that comply to parts 3 and 4 of ISO/IEC 14443-4 Type A with a mask-ROM operating system from NXP. The DES in the name refers to the use of a DES, two-key 3DES, three-key 3DES and AES encryption; while Fire is an acronym for Fast, innovative, reliable, and enhanced. Subtypes: MIFARE DESFire EV1, MIFARE DESFire EV2.
There is also the MIFARE SAM AV2 contact smart card. This can be used to handle the encryption in communicating with the contactless cards. The SAM (Secure Access Module) provides the secure storage of cryptographic keys and cryptographic functions.
MIFARE DESFire family
The MIFARE DESFire (MF3ICD40) was introduced in 2002 and is based on a core similar to SmartMX, with more hardware and software security features than MIFARE Classic. It comes pre-programmed with the general purpose MIFARE DESFire operating system which offers a simple directory structure and files. They are sold in four variants: One with Triple-DES only and 4 kiB of storage, and three with AES (2, 4, or 8 kiB; see MIFARE DESFire EV1). The AES variants have additional security features; e.g., CMAC. MIFARE DESFire uses a protocol compliant with ISO/IEC 14443-4.[9] The contactless IC is based on an 8051 processor with 3DES/AES cryptographic accelerator, making very fast transactions possible.
The maximal read/write distance between card and reader is 10 centimetres (3.9 in), but actual distance depends on the field power generated by the reader and its antenna size. In 2010, NXP announced the discontinuation of the MIFARE DESFire (MF3ICD40) after it had introduced its successor MIFARE DESFire EV1 (MF3ICD41) in late 2008. In October 2011 researchers of Ruhr University Bochum[10] announced that they had broken the security of MIFARE DESFire (MF3ICD40), which was acknowledged by NXP[11] (see MIFARE DESFire attacks).
MIFARE DESFire EV1
New evolution of MIFARE DESFire contactless IC, broadly backwards compatible. Available with 2 kiB, 4 kiB, and 8 kiB non-volatile memory. Other features include:[12]
- Support for random ID
- Support for 128-bit AES
- Hardware and operating system are Common Criteria certified at level EAL 4+ MIFARE DESFire EV1 was publicly announced in November 2006.[citation needed].
Key applications :
- Advanced public transportation
- Access management
- Loyalty
- Micropayment
MIFARE DESFire EV2
The latest evolution of the MIFARE DESFire contactless IC family, broadly backwards compatible.[13] New features include :
- MIsmartApp enabling to offer or sell memory space for additional applications of 3rd parties without the need to share secret keys
- Transaction MAC to authenticate transactions by 3rd parties
- Virtual Card Architecture for privacy protection
- Proximity check against relay attacks
MIFARE DESFire EV2 was publicly announced in March 2016 at the IT-TRANS event in Karlsruhe, Germany.
