System level security measures for MIFARE installations

2021-09-16
Introduction:
● When designing contactless systems, e.g. based on MIFARE DESFire or MIFARE Plus, it is important to design the system so that it is resilient against attacks, balancing costs, risks and the impact if some of those risks materialize.
● MIFARE DESFire EV2 and MIFARE Plus EV1 both have Common Criteria (CC) EAL5+ certification and are thereby the chips that currently have the highest certified resilience against attacks among chips for similar purposes in the industry. This means that these chips have been tested against power analysis, light attacks and many other attacks, and were found to withstand them.
● As with any chip that has Common Criteria certification of any level, the CC certification of MIFARE Plus and MIFARE DESFire does not mean with absolute certainty that these chips can never be successfully attacked at any time in the future. Attack methods become increasingly sophisticated, and so do the defenses that NXP builds into the chips. Unlike security in PCs, which can generally be updated and thereby increased over time, the MIFARE Plus and MIFARE DESFire chips are as they are, and new defenses can (and will) only be built into future generations of chips.
● The systems in which those chips are deployed can be designed so that, if an attacker ever succeeds in attacking the chip, the impact of the attack is limited and the damage can be repaired.
● This document describes design considerations for systems deploying MIFARE Plus or MIFARE DESFire to reduce the chances of attacks being successful and to reduce the impact in the unlikely case that an attack is successful.
● This document does not describe security design for the backend of such systems, e.g. the way in which terminals are connected to the central IT system.
● This document was written with the chips that have the highest resistance against attacks in scope. However, the same considerations hold for other chips, like MIFARE DESFire EV1 (the predecessor of MIFARE DESFire EV2) and MIFARE Ultralight. For MIFARE Classic there is a separate document, see [1], with some other countermeasures which are specific to that type of chip.
● In this document, the term "MIFARE card" refers to a contactless card with an embedded MIFARE IC.

NXP

MIFARE DESFire EV2, MIFARE Plus EV1

Application note & Design Guide

22 April 2020

Rev. 2.1

AN10969; 196521

217 KB

22 pages