Search code examples
authenticationcryptographyaesmifaredesfire

Authenticate Mifare DESFire

I try to Authenticate on a Mifare DESFire chip via PC/SC. sofar I could select the Application but now I´m stuck at calculating the RndA_dec.

I use his/her code And try to reconstruate the following example:

    *** Authenticate(KeyNo= 0, Key= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (AES))
Sending:  00 00 FF 05 FB <D4 40 01 AA 00> 41 00
Response: 00 00 FF 14 EC <D5 41 00 AF ED DA F0 C5 D9 A7 CF 42 B8 80 8B E2 01 38 99 A1> 16 00
* RndB_enc:  ED DA F0 C5 D9 A7 CF 42 B8 80 8B E2 01 38 99 A1
* RndB:      D8 10 00 44 4B 97 6F 48 34 0D CD E3 4D 7A B1 7C
* RndB_rot:  10 00 44 4B 97 6F 48 34 0D CD E3 4D 7A B1 7C D8
* RndA:      C2 A1 E4 7B 96 A5 58 9F AA E9 0C 03 FE 6D 00 A7
* RndAB:     C2 A1 E4 7B 96 A5 58 9F AA E9 0C 03 FE 6D 00 A7 10 00 44 4B 97 6F 48 34 0D CD E3 4D 7A B1 7C D8
* RndAB_enc: D8 10 5F 87 4E 2C A5 7B 76 C3 54 A8 06 6B 0D 78 80 B0 C4 EC 39 9D BF 25 34 38 DB 46 D7 5F 8F 60
Sending:  00 00 FF 24 DC <D4 40 01 AF D8 10 5F 87 4E 2C A5 7B 76 C3 54 A8 06 6B 0D 78 80 B0 C4 EC 39 9D BF 25 34 38 DB 46 D7 5F 8F 60> 5D 00
Response: 00 00 FF 14 EC <D5 41 00 00 45 9C 76 B7 1A B9 F1 73 64 13 F5 AC D7 3E 7D F9> 02 00
* RndA_enc:  45 9C 76 B7 1A B9 F1 73 64 13 F5 AC D7 3E 7D F9
* RndA_dec:  A1 E4 7B 96 A5 58 9F AA E9 0C 03 FE 6D 00 A7 C2
* RndA_rot:  A1 E4 7B 96 A5 58 9F AA E9 0C 03 FE 6D 00 A7 C2
* SessKey:   C2 A1 E4 7B D8 10 00 44 FE 6D 00 A7 4D 7A B1 7C (AES)

But with the following input Key and InitVector, I get this exception:

var key = StringToByte("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
var initVector = StringToByte("00 00 00 00 00 00 00 00");

enter image description here

When I use a 16 Byte initvector I get the following Exception at this line:

   var RndA = StringToByte("C2 A1 E4 7B 96 A5 58 9F AA E9 0C 03 FE 6D 00 A7");
   ShowBytes(RndA, "RndA");

   var RndA_dec = decryptor.TransformFinalBlock(RndA, 0, RndA.Length);
   ShowBytes(RndA_dec, "RndA_dec");

enter image description here

My first question is: Should I change the CryptoServiceProvider from 3DES to AES when I want to Authent with AES? Second Question: How to calculate the right input?

Solution

  • I´ve found the solution with this post: www.mifare.net

    enter image description here