timmerk / libfreefare

Automatically exported from code.google.com/p/libfreefare

Mifare Classic Key diversification #3

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Reported by marko@unitedtickets.ee, Jun 7, 2012
Mifare Classic uses two types of diversification, old and new. The new type is 
very very similar to DESFire diversification, actually it is 100% the same, but 
for DESFire the final key is taken from the last 16 bytes, for the Classic 
it is the first 6 bytes of the last 16 bytes. Will there be a fn that simply 
returns Classic type keys?
----
Comment 1 by project member romuald@libnfc.org, Jun 7, 2012
Thanks for reporting the issue.

Could you provide a patch for this feature?

If not, we will try to take care of this issue ASAP.
----
Comment 2 by marko@unitedtickets.ee, Jun 8, 2012
No, unfortunately not due to the time constraints. Perhaps sometime in the fall 
I might get the time, for now I can only provide specifications for 
diversification.
----
Comment 3 by project member romuald@libnfc.org, Jun 8, 2012
Yes, feel free to leave us some references to implement it.
Thanks
----
Comment 4 by marko@unitedtickets.ee, Jun 8, 2012
Please find the file attached
----
    Spec.pdf 
3.5 MB   Download
----
Comment 6 by project member romuald@libnfc.org, Jun 8, 2012
Thanks for the attachment.

As we are quite busy with libnfc and ifdnfc right now, I don't think we will 
improve libfreefare in the next days.
ASAP may not be enough for some users, so if any volunteer wants to take this 
issue, feel free to attach patches.
----
Comment 7 by olifozzy, Aug 13, 2012
I have been trying to understand the algorithm but I am having some trouble 
understanding key diversification.

If I understand correctly we need to know the master key and the 3des key to 
compute diversified keys for a card?

Signature should be something like:

- GetKey(masterKey, 3desKey, uid, blockNumber);

I have some tags that look like Mifare Classic but the KeyA from the first 
sector is always the same, the other keys are diversified.
Do you know if the first sector behaves differently, or maybe my set of tags 
doesn't use that diversification algorithm...
----
Comment 8 by marko@unitedtickets.ee, Aug 13, 2012 via email
What 3des key? No 3des key is needed. Take a look at the first post and take a 
look at the DESFire diversification implementation in the project. You have to 
have the master key and diversification input (which is card UID and sector 
number); from the output of DESFire diversification take the first 6 bytes of 
the last 16 bytes (because Classic keys are smaller).

Marko
----
Comment 9 by olifozzy, Aug 13, 2012
I was talking about the first part of the document (old 2ktdes based key 
diversification).

Anyway I also looked at the second part of the document and the way it is done 
for DESFire in libfreefare. 
According to the document there is some padding so that the diversification 
input is always 32 bytes, but in libfreefare, in the cmac method, it uses the 
key block size, that is only 16 bytes.
I've made some slight modifications to make it work as in the document.

It still doesn't explain why I always have the same key for all my tags but 
only for the first block (sector 0x03). Maybe they used a custom key 
diversification :/
----
Comment 10 by marko@unitedtickets.ee, Aug 13, 2012 via email
Could be custom diversification.

Sorry, I cannot help you with older diversification.

Marko

Original issue reported on code.google.com by yob...@gmail.com on 15 Jan 2013 at 8:01
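
Added example, not part of the original thread and not libfreefare code: the derivation described in comments 8 and 9 (CMAC over an input always padded to 32 bytes, then the first 6 bytes of the 16-byte result as the Classic key). It assumes the "DESFire diversification" is the AES-128 CMAC scheme of NXP application note AN10922 with its 0x01 prefix; the UID-then-sector input layout and all function names are assumptions, and AES is written out inline so the block runs with the standard library only.

```python
def _gmul(a, b):                       # multiply in GF(2^8), AES polynomial 0x11B
    r = 0
    while b:
        if b & 1: r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0); b >>= 1
    return r

def _rotl(x, n): return ((x << n) | (x >> (8 - n))) & 0xFF
def _xor(a, b): return bytes(x ^ y for x, y in zip(a, b))
_INV = [0] + [next(b for b in range(1, 256) if _gmul(a, b) == 1) for a in range(1, 256)]
SBOX = [i ^ _rotl(i, 1) ^ _rotl(i, 2) ^ _rotl(i, 3) ^ _rotl(i, 4) ^ 0x63 for i in _INV]

def _round_keys(key):                  # AES-128 key schedule, 11 round keys
    w, rc = [key[i:i + 4] for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = bytes(SBOX[b] for b in t[1:] + t[:1])
            t, rc = bytes([t[0] ^ rc]) + t[1:], _gmul(rc, 2)
        w.append(_xor(w[i - 4], t))
    return [b"".join(w[i:i + 4]) for i in range(0, 44, 4)]

def aes_encrypt(key, block):           # encrypt one 16-byte block with AES-128
    rk = _round_keys(key)
    s = _xor(block, rk[0])
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                   # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]         # ShiftRows
        if rnd < 10:                                               # MixColumns
            s = [_gmul(s[c + r], 2) ^ _gmul(s[c + (r + 1) % 4], 3)
                 ^ s[c + (r + 2) % 4] ^ s[c + (r + 3) % 4]
                 for c in range(0, 16, 4) for r in range(4)]
        s = _xor(s, rk[rnd])
    return s

def _dbl(b):                           # CMAC subkey step: multiply by x in GF(2^128)
    n = int.from_bytes(b, "big") << 1
    return (n ^ ((1 << 128) | 0x87) if n >> 128 else n).to_bytes(16, "big")

def diversify_aes128(master, div_input):
    d = b"\x01" + div_input            # 0x01 prefix: assumed AES-128 constant
    if len(d) > 32: raise ValueError("diversification input too long")
    k1 = _dbl(aes_encrypt(master, bytes(16)))
    sub = k1 if len(d) == 32 else _dbl(k1)       # K2 whenever padding is applied
    if len(d) < 32: d = (d + b"\x80").ljust(32, b"\0")   # always two blocks
    c1 = aes_encrypt(master, d[:16])             # CBC with zero IV
    return aes_encrypt(master, _xor(c1, _xor(d[16:], sub)))  # the last 16 bytes

def classic_key(master, uid, sector):  # uid || sector layout is an assumption
    return diversify_aes128(master, uid + bytes([sector]))[:6]
```

Because the input is padded to 32 bytes even when it fits in one block, a generic CMAC call that pads only to the 16-byte block size gives a different result for short inputs, which is the mismatch comment 9 describes.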

GoogleCodeExporter commented 9 years ago
Original report: https://code.google.com/p/nfc-tools/issues/detail?id=9

Original comment by yob...@gmail.com on 15 Jan 2013 at 8:02

GoogleCodeExporter commented 9 years ago

Original comment by yob...@gmail.com on 15 Jan 2013 at 8:20