 |
|
| If you can't view the Datasheet, Please click here to try to view without PDF Reader . |
|
|
|
| If you can't view the Datasheet, Please click here to try to view without PDF Reader . |
|
|
| Datasheet File OCR Text: |
| 1. general description nxp semiconductors have developed the mifare sam av1 (secure application module) for use with readers and terminals that have a smartcard slot for contact smartcards supporting iso/iec 7816 class a, class b and class c. the transport protocol complies with iso/iec 7816-3 (t=1 protocol ). instructions are coded according to iso/iec 7816-4. secured communication when used in combination with a reader ic supporting innovative "x" features, mifare sam av1 provides a significant boost in performance to the reader along with faster communication between reader and module. the "x" feature is a new way to use the sam in a system with sam connected to the microcontroller and the reader ic simultaneously. the connection between the sam and the reade r is performed using security protocols based on symmetr ic cryptography (tdea and aes). 2. features and benefits 2.1 cryptography �? supports mifare crypto1, tdea (tri ple des encryption algorithm) and aes cryptography �? supports mifare 1k, mifare 4k, mi fare desfire, mifare desfire ev1 �? secure storage of keys (key usage counters) �? 128 key entries for symmetric cryptography �? key diversification 2.2 communication �? up to four logical channels; simultaneous multiple card support �? secure host ? sam and back end ? sam communication with symmetric cryptography 3 pass authentication for confidentiality and integrity �? supports high speed baud rates up to 1.5 mbit/s �? supports iso 7816 baud rates �? true random number generator (trng) 2.3 delivery types �? available in wafer, pcm 1.1 module, or hvqfn package P5DF072EV2/t0pd4090 mifare sam av1 rev. 3.1 ? 14 june 2010 189731 product short data sheet public
P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 2 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 3. applications �? public transportation �? access management �? electronic toll collection �? car parking �? school and campus cards �? employee cards �? internet cafs �? loyalty 4. quick reference data 5. ordering information table 1. quick reference data symbol parameter conditions min typ max unit v dd supply voltage class a: 5 v range 4.5 5.0 5.5 v class b: 3 v range 2.7 3.0 3.3 v table 2. ordering information type number package name description version p5df072ew1/t0pd4090 ffc 8 inch wafer (sawn; 150 m thickness; on film frame carrier; electronic fail die marking according to secsii format) not applicable P5DF072EV2/t0pd4090 pcm1.1 contact chip card module (super 35 mm tape format, 8-contact) sot658-1 p5df072ehn/t0pd4090 hvqfn32 plastic therma l enhanced very thin quad flat package; no leads; 32 terminals; body 5 x 5 x 0.85 mm sot617-3 P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 3 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 6. block diagram 7. functional description 7.1 contact interface the pad assignment and the electrical characteristics are fully compliant with iso/iec 7816 (part 2 and part 3). the mifare sam av1 operates with class a, class b and class c interface devi ces. an internal charge pump provides the eeprom programming voltage. note that pad c6 is not a programming voltage input but is an output line for the clock signal for i 2 c-bus communication to the mfrc52x reader chip. pad c8 is used as the data line to the rea der chip. these two pads for connection to the mfrc52x are the only ones deviating from the iso standard pin assignment. 7.2 external clock freq uency and bit rates the basic operating frequency of the mifa re sam av1 is 3.5712 mhz. with this frequency the standard bit rates can be reached using iso/iec 7816 transmission factors f and d. the maximum specified bit rate in all cases is 1.5 mbit/s. 7.3 uid/serial number the sam ic features a 7 byte unique serial number that is programmed into a locked part of the non-volatile memory that is reserved for the manufacturer. th is uid is fixed and cannot be changed. the uid can be obtained by using the sam_getversion command. fig 1. block diagram 001aal95 2 c2 rst_n c3 clk_n c7 io1 i/o uart iso 7816 rom eeprom ram memory management unit secure microprocessor core clock generation clock filter security sensors reset generation voltage regulator timers 16-bit t0 16-bit t1 crc16 fast true random number generator crypto1 co- processor 3des co- processor aes co- processor P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 4 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.4 cryptography and key handling 7.4.1 des and 3des cryptography both des and 3des keys consisting of 112 bits are stored in strings of 16 bytes; 3des keys consisting of 168 bits are stored in strings of 24 bytes. 7.4.2 aes cryptography aes keys are stored in strings of 16 bytes or 24 byte s depending on whether it is an aes 128-bit key or an aes 192-bit key. aes always operates with 16 bytes. therefore data st reams are always padded to lengths that are multiples of 16 bytes. all cryptographic operations are done in cipher block chaining mode, which defines the result of the previous operation to be the init vector of the next cryptographic operation. for sending data the cbc send mode is appl ied, for receiving it is always cbc receive mode. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 5 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.4.3 mifare cryptography mifare keys are stored in the same space as aes and 3des keys using the following scheme: ? mifare standard key a in byte 0 to byte 5 of the 16 byte field ? key number (keyno) of the mifare stan dard key diversification key for mifare key a in byte 6 of the 16 byte field ? key version of the mifare standard key di versification key fo r mifare key a in byte 7 of the 16 byte field ? mifare standard key b in byte 8 to byte 13 of the 16 byte field ? keyno of the mifare standard key diversif ication key for mifare key b in byte 14 of the 16 byte field ? key version of the mifare standard key di versification key fo r mifare key b in byte 15 of the 16 byte field remark: mifare key versions can only be stored for a key pair a and b. 7.4.4 key versioning the mifare sam av1 reserves three bytes in a key entry to store the version of the three available keys in the entry. this version byte contains the key version for all kinds of keys (des, 3des, aes and mifare). the version in formation must be included se parately in every key entry of type aes or mifare wh en it is updated by the changekeyentry command. 7.4.5 key diversification mechanisms a main feature of the mifare sam av1 allows diversification of an y kind of keys (aes, des, 3des and mifare). the following diversification mechanisms are implemented: ? diversification of mifare keys using a 3des key ? diversification of 3des keys using the key to diversify itself ? diversification of aes keys using the key to diversify itself 7.4.6 key storage the mifare sam av1 uses a key storage table (kst) in order to store and manage keys and attributes related to keys. the kst holds 128 entries. every entry cont ains positions to store three (3)des, two 3key3des, three aes128, tw o aes192 or six mifare keys plus their attributes. every key entry is referred to by its index, the keyno. 7.4.6.1 key reference number keyno is the index of the entry in the kst and can have the value 00h to 7fh. keyno 00h is defined as the sam master key: ? the three/two key versions stored in keyno 00h are used for host authentication after reset in case bit 10 of the configuration settings set of key 00h is set to logic 1 P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 6 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.4.7 key usage counters in order to count and limit the number of authentications a key entry can be used for, mifare sam av1 stores a table of 16 key usag e counter entries, 00h to 0fh, which are automatically incremented each time a defined key entry is used for authentication. 7.4.7.1 reference number the property refnokuc codes the reference number of the key usage counter. refnokuc is the index of the entry in the table and can have the value 00h to 0fh, therefore 16 key usage counters can be stored. 7.4.7.2 limit this field stores the current limit for this key usage counter. it is only possible to use a key that is linked to this counter for authenticatio n if the current value (s ee below) is smaller than the current limit. as soon as the current value is equal to, or higher than, the current limit, the usage of all key entries linked to this counter is prohibited. if the limit is changed to a valu e lower than the current value, the usage of all key entries linked to this counter is prohibited. 7.4.7.3 key reference number to change the current kuc entry in order to change the kuc, a successful au thentication by the host application of the sam is necessary. the keynockuc defines t he reference number of the kst which is used for this. please refer to the descrip tion of the sam_authent icate_host command. 7.5 mifare sam av1 command set 7.5.1 sam configuration commands sam_disablecrypto this command allows the permanent and irreversible disabling of the cryptographic functionality of the sam. 7.5.2 sam key handling commands sam_changekeyentry this command updates any key entry of the kst. sam_getkeyentry the sam_getkeyentry command allows reading t he contents of the key entry specified in the parameter keyno. sam_changekucentry this command updates any key usage counter entry stored in the mifare sam av1. always the limit, keynockuc and keyvckuc have to be sent. sam_getkucentry the sam_getkucentry command allows readi ng the data of the key usage counter entry specified within th e parameter refnokuc. this command can be issued witho ut valid (host) authentication. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 7 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 sam_changekeypicc this command generates the cryptogram that has to be sent to the picc in order to change any key stored in the picc. both the current and the new key need to be stored in the kst to execute this comma nd. this means a new picc key needs to be loaded into the sam prior to i ssuing this command. sam_dumpsessionkey the command sam_dumpsessionkey can be used to retrieve the session key generated by the sam. the session key could be retrieved either in plain or encrypted with the session key of any logical channel. a crc is appended before encryption as usual. sam_disablekeyentry the sam_disablekeyentry command disables a key entry. after executing this command, the corresponding disable flag in the key entry is set and the key entry cannot be used anymore for authentic ation and key change procedur es. the key entry can still be read by a sam_getkeyentry command. to r eactivate the entry, a sam_changekeyentry command has to be issued. a ll fields in the key entry ca n still be changed by this command even if the entry has been disabled. sam_changekeymifare this command is intended to change a key in a mifare card. the command allows: ? a prepared encrypted stream to be written to a mifare 1k or 4k card containing the desired keys and the given access conditions ? reading out a single mifare key to be used for any kind of mifare transaction in a host system directly in the latter case, the key can be retrieved encrypted from the sam using the current available session key of the channel (host authentication required). the first case requires an active mifare authentication for produc ing the stream to be sent to the card. 7.5.3 sam security related commands sam_authenticatehost the command sam_authenticatehost is used to run a mutual 3-pass authentication between the sam and host system. sam_selectapplication the command sam_selectapplication is the equivalent of the selectapplication command of desfire. the sam generates a list of available keys linked to the specified application id as defined in the key entry property ?df_aid?. sam_authenticatepicc in this procedure both the picc as well as the sam device show in an encrypted way that they posses the same secret which especially means the same key. this procedure not only confirms that both entiti es are permitted to do operations on each other but also creates a session key which can be used to keep the further commu nication path secure. as the name ?session key? implicitly indica tes, each time a new aut hentication procedure is successfully completed a new key for fu rther cryptographic operations is obtained. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 8 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 sam_loadinitvector the command sam_loadinitvector is used to load an init vector for the next cryptographic operation into the mifare sam av1. the loaded init vector will be ap plied in the next cryptographi c operation independent from the ?keep iv? setting of the key entry except for the authenticati on commands where the init vector is reset to zero. sam_authenticatemifare in this procedure, both the mifare card as well as the sam device show in an encrypted way that they possess the same secret which especially means the same key. sam_killauthentication invalidates any kind of authentication in the logical channel th e command is issued. sam_isoauthenticatepicc in this procedure both the picc as well as the sam device show in an encrypted way that they posses the same secret which especially means the same key. this procedure not only confirms that both entities are permitted to operate on each other but also creates a session key which can be used to keep the communication path secure. as the name ?session key? implicitly in dicates, each time a new authentication procedure is successfully completed a new key for further cryptographic operations is obtained. sam_isogetchallenge this is the first part of an iso compliant authentication sequence returning a random number. the command can obviously also be used for simply generating a random number but it has to be taken into account th at the sam internally is set into a state indicating that an authentication procedure is ongoing. consequently, the command that is called after getting the random number is aborted (except sam_isoexternalauthenticate). after aborting, the sam resets its state and returns to normal operation. for a complete and valid authentication procedure, the three commands sam_isogetchallenge, sam_isoexternalauthent icate and sam_isointernalauthenticate have to be called subsequently without interrupting the sequence by another command. sam_isoexternalauthenticate this command is part of an iso compli ant authentication procedure consisting of sam_isogetchallenge, sam_isoex ternalauthenticate and sam _isointernalauthenticate. it can be used by a host for authenticating the sam. such an authentication proves that both th e sam and the host contain the same secret, namely a des, 3des or aes key, and generates a se ssion key for furt her cryptographic operations. sam_isointernalauthenticate this command is part of an iso compli ant authentication procedure consisting of sam_isogetchallenge, sam_isoex ternalauthenticate and sam _isointernalauthenticate. it can be used by a host for authenticating the sam. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 9 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 such an authentication proves that both th e sam and the host contain the same secret, namely a des, 3des or aes key, and generates a se ssion key for furt her cryptographic operations. 7.5.4 sam data processing commands sam_verify_mac the sam_verify_mac command verifies the ma c which was sent by the desfire picc or any other system based on the given mace d plain text data and the currently valid cryptographic key. to do so, the plain data is enciphered in cipher block chaining send mode. padding bytes (if applicable) are generated internally for cryptographic operation. sam_generate_mac the sam_generate_mac command creates a mac which is meant to be sent to the desfire picc or any other system based on th e given plain text data and the currently valid cryptographic key. to do so, the plain data is enciphered in cipher block chaining send mode. padding bytes (if applicable) are appended automatically for cryptographic operations but are not transmitted. sam_decipher_data the sam_decipher_data command deciphers data packages sent by a desfire picc, any other system or a mifare card based on the currently valid cryptographic key and returns plain data to the pcd. to do so, the plain data is deciphered in cbc receive mode. crc and padding bytes are checked for validity automatically. sam_encipher_data the sam_encipher_data command creates data packages which are meant to be sent to a desfire picc or any other system based on the given plain text data and the currently valid cryptographic key. to do so, the plain data is enciphered in cipher block chaining send mode. crc and padding bytes are appended automatically. 7.5.5 sam general commands sam_getversion the sam_getversion command returns manufacturing related data of the sam. 7.5.6 sam power saving commands sam_sleep forces the sam to put a connected mfrc52x into sleep mode and itself into idle mode to reduce power consumption. the sam will answer the command and afte rwards switch to idle mode. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 10 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.5.7 mfrc52x control commands rc_readregister read the content of one or more register(s) of the connected reader chip. the command allows the reading of 255 registers with one command. if a register address is listed more than once in the data field, the content of this register will be re-read every time. the sam does not check if the address of the mfrc52x is a valid register address. rc_writeregister write the content of one or more regi ster(s) of the connected reader chip. the command allows the writing to 127 registers with one command. if a register address with its related content is listed more than once in the data field, the content of this register will be re-written every time. the sam will not check if the address of the mfrc52x is a valid register address. rc_rfcontrol this command allows the radio frequency field to be turned off and on. the basic behavior is the reset functionality wher e the controller turns off the field for the time given in the data field. if a zero value is passed, the field is totally turned off. after turning off the field, to turn it on again, the command can be issued with any value other than zero. take into account that the passed time value also in this case will force the sam to wait this additional time until turning on the field again. the unit for the time value is milliseconds. rc_init establishes the serial connection between sam and mfrc52x and initializes the reader chip with the register values stored in the selected register value set. rc_loadregistervalueset stores a customer defined register value set for the mfrc52x in the non-volatile memory of the sam. this set can then be used for initializing the reader chip with the rc_init command. the address and the related value for the register have to be placed consecutively in the command data field of the apdu. a register value set can store a ma ximum of 31 initialization values. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 11 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.5.8 iso14443-3 type a card activation commands iso14443-3_request_wakeup issue a request or wake-up command. iso14443-3_anticollision_select perform bit-wise anticollision and select. t he anticollision and the following select are performed according to the select code in the data field. the selection can be carried out for a vari able amount of cascade levels. the select codes have to be listed in th e data field subsequently. t he sam will take the parameters exactly and use them as select code. therefore to fully select a card with a triple uid, the data field has to be of three bytes length indicating 93h, 95h and 97h whereas the data field has to be of one byte length indicating 93h if a single size uid card is to be selected. if the select code indicates a cascade level of 93h and 95h, and the uid of the card consists only of four byte s, the sam exits th e command and re turns the sak and the uid of the card. if the select code indicates a cascade level of 93h, and the uid consists of more than four bytes, the sam also exits the command and re turns the sak and the first three bytes of the uid but indicates with a sp ecial return code th e incompleteness of the uid separately. the caller has then to take care about cont inuing the procedure on his own by calling the command once more with a highe r select code. the uid bytes already returned will not be returned a second time. the same applies for a select code of 95h if the uid is of ten bytes length (suggest that a selection with code 93h is implemented first). iso14443-3_activateidle carries out one or several request - anticollis ion - select sequences and returns the sak and the uid of the selected card(s). the atqa is returned for every request issued, this means for every newly activated card. due to the fact that the resulting atqa is the or-function of all atqas, the value may change frequently. iso14443-3_activatewakeup the command reactivates and selects a card that has previously been set to halt state. the command takes the uid of the card to reactivate. iso14443-3_halta the command puts a selected card into halt state. iso14443-3_transparentexchange exchange bytes/bits transparently. the sam takes the user data and sends it without changing, inserting or appending any content to the contactless card. appending a crc, time-out settings, etc. have to be configured by directly writing to the mfrc52x registers. take into account that switching settings of the reader chip influence all subsequent sam commands proposing the correct reader ch ip settings, i.e. iso14443-4_exchange. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 12 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 7.5.9 mifare commands mf_authenticate performs an authentication with a mifare ca rd. the mifare key has to be stored in the sam and is referenced by a parameter in the command data field. the key can be diversified if necessary. mf_read read one or several blocks of a mifare card and return the data. if more than one block is read, the sam accesses the blocks in th e same order as addresses listed in the command data field. the order of the returned data is the same as the order of addresses in the data field. mf_write write one or several blocks of a mifare card . if more than one block is written, the sam accesses the blocks in the same order as addresses listed in the command data field. the command supports writing 16 bytes encrypted for mifare 1k and 4k cards as well as writing 16 bytes or 4 bytes plain for mifare ultralight cards. the length can be selected by bit 0 of parameter byte p2. if 16 bytes bl ock write is selected, the sam decides whether encryption shall be used by checking the authe ntication state. if a mifare authentication has been completed, the data is encrypted. encrypted writing of 4 byte blocks is not supported. mf_valuewrite write one or several value blocks of a mifare ca rd. if more than one block is written, the sam accesses the blo cks in the same order as addresses listed in the command data field. since a mifare card uses 12 bytes fo r storing a four-byte value, the address to write in the last four bytes has to be sp ecified by the user (?address? parameter). mf_increment increment one or several value blocks on a mifare card. every increment is confirmed automatically by sending the transfer command directly afterwards. the user has to define the source address of the value block to be incremented and the destination address of the value block to store the result. if more than one block is incremented, the sam accesses the blocks in the same order as add resses listed in the command data field. if incrementing of a block fails , the sam returns the 4-bit stat us code of the mifare card in the lower nibble and the hexadecimal value ?f? in the higher nibble of the status byte sw2. no information about the block write error is provided. be aware that some blocks may have been updated already. mf_decrement decrement one or several value blocks on a mifare card. every decrement is confirmed automatically by sending the transfer comma nd directly afterwards. the user has to define the source address of the value block to be decremented and the destination address of the value block to store the result. if more than one block is decremented, the sam accesses the blo cks in the same order as addresses listed in the command data field. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 13 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 mf_restore copy one or several value blocks on a mifare card. if more than one block is copied, the sam accesses the blo cks in the same order as addresses listed in the command data field. the order of the status code is the same as the order of addresses in the data field. if copying of a block fails, the sam returns the 4- bit status code of the mifare card in the lower nibble and the hexadecimal value ?f? in th e higher nibble of the status byte sw2. no information about the block write error is prov ided. be aware that some blocks may have been updated already. mf_authenticateread performs an authentication with subsequent reading of blocks on a mifare card. the command allows authenticating and reading several differen t blocks on the card within one command. several blocks can be read without re-authenticating, but also several blocks with different authentications. for each block address needing a new authentication, the key to authenticate with and whether it shall be diversified has to be specified. if a key is used for accessing different blocks but a new authentication is necessary, these blocks have to be listed cons ecutively in the data field and the re-use to be indicated by a flag. if more than one block is read, the sam accesses the blocks in the same order as addresses listed in the command data field. the order of the returned data is the same as the order of addresses in the data field. mf_authenticatewrite performs an authentication wit h subsequent writing of blocks on a mifare card. the command allows authenticating and writing seve ral different blocks on the card within one command. several blocks can be written without re-authenticating, but also several blocks with different authentications. for each bloc k address needing a new authentication, the key to authenticate with and whether it shall be diversified has to be specified. if a key is used for accessing different blocks, these blo cks have to be listed consecutively in the data field and the re-use to be indicated by a flag. if more than one block is written, the sam accesses the blo cks in the same order as addresses listed in the command data field. mf_changekey this command is intended to change a key in a mifare card. the command offers the possibility to prepare and write an encrypted data stream to a mifare 1k or 4k card containing the desired keys and the given ac cess conditions. the first case requires an active mifare authentication for producin g the stream to be sent to the card. 7.5.10 iso14443-4 type a commands iso14443-4_rats_pps execute a combined rats and pps sequence to prepare a card for t=cl data exchange. iso14443-4_init initialize the t=cl protocol. the intent of th is command is to configure the protocol for data exchanges. this is nece ssary if a card was already activated and configured for doing data exchanges without using the iso14443-4_rats_pps command. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 14 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 iso14443-4_exchange exchange bytes according to is o/iec 14443-4 t=cl protocol. iso14443-4_presencecheck check if an activated card is still in the field. iso14443-4_deselect deselect an activated card. th e cid is freed by this command . if the deselect fails, the cid will not be freed and cannot be used for activati ng another card. th is behavior might be overridden by setting a flag in the p1 byte. iso14443-4_freecid free one, more, or all currently assigned cids. this command might be necessary if several deselect commands failed and the cids we re not forced to be freed but the card is deactivated or no longer available in the field. 7.5.11 desfire related commands desfire_authenticatepicc in this procedure both the picc as well as the sam device, show in an encrypted way that they posses the same secret which especially means the same key. this procedure not only confirms that both entiti es are permitted to do operations on each other but also creates a session key which can be used to keep the communication path secure. as the name ?session key? implicitly indicates, ea ch time a new authentication procedure is successfully completed a new key for further cryptographic operations is obtained. desfire_changekeypicc this command generates the cryptogram that has to be sent to the picc in order to change any key stored in the picc. both the current and the new key need to be stored in the kst to execute this command. be aware that this command may have some limitations, see ref. 3 . desfire_writex write data encrypted or maced on a desfire picc. this command shall be used to issue the changekeysettings, writedata, credit , debit, limitedcredit or writerecord command. it takes the data to be sent to the desfire and applies the encryption or macing mechanism starting from an indicated i ndex. the user is responsible for providing the correct command frame including the command code, the parameter bytes and the plain data as specified for the desfire picc. the indication from which position on the crypto mechanism shall be app lied will normally be the firs t data byte of the command frame. the sam will automatically adapt the am ount of bytes to send to the picc after encryption of data or adding the mac, respectively. desfire_readx read encrypted or maced data from the desfire picc. this command shall be used to issue the readdata, getvalue, or readrecords command. it takes the data to be sent to the desfire and applies the decryption and mac verification mechanism to the received data. afterwards the sam returns the decryp ted or verified plain data. the user is responsible for providing the correct command frame including the command code and the parameter bytes as spec ified for the desfire picc. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 15 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 8. limiting values [1] stresses beyond those listed may cause permanent damage to the device. these are stress ratings only and functional operation of the devic e at these or any other condi tions beyond those indicated under ?recommended operating conditions? is not implied. exposure to absolute maxi mum rated conditions for extended periods may affect device reliability. [2] mil standard 883-d method 3015; human body model; c = 100 pf, r = 1.5 k ; t amb = ? 25 to +85 c. [3] depending on appropriate thermal resistance of the package. 9. abbreviations table 3. limiting values [1] in accordance with the absolute maximum rating system (iec 60134). voltages are referenced to vss (ground = 0 v). symbol parameter conditions min max unit v dd supply voltage ? 0.5 +6.0 v v i input voltage on any signal pad ? 0.5 v dd + 0.5 v i i input current dc; on pads io1, io2 or io3 - 15.0 ma i o output current dc; on pads io1, io2 or io3 - 15.0 ma i lu latch-up current v i <0vorv i >v dd - 100 ma v esd electrostatic discharge voltage on pads vdd, vss, clk, rst, io1, io2, io3 [2] - 4.0 kv p tot /pack total power dissipation per package [3] -1 w table 4. abbreviations acronym description aes advanced encryption standard aid application identifier apdu application protocol data unit appdata application data atr answer to reset ats answer to select atqa answer to request, type a authent authentication auth mode authentication mode cbc cipher block chaining cid card identifier cmdcode command code cmdsettings command settings crc cyclic redundancy check curval current value of key usage counter cwt character waiting time des data encryption standard P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 16 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 df_aid desfire aid df_keyno desfire key number dfkeyno desfire key number div diversification dri divisor receive integer dsi divisor send integer eeprom electrically erasable pr ogrammable re ad only memory ekno(x) encrypted number ?x? ek(x) encrypted ?x? fifo first in first out fips federal information processing standard fsc frame size for card fsci frame size for card integer fsd frame size for device fsdi frame size for device integer fwi frame waiting time integer ins instruction code iso international organization for standardization iv initial vector keycompmeth key compilation method keyno key reference number keynocek key reference number of change entry key keynockuc key reference number to change the current kuc entry keynom key reference number of mifare key keyv key version keyvcek key version of change entry key keyvckuc key version to change the current kuc entry keyvm key version of mifare key kst key storage table kuc key usage counter lfi last frame indicator loadreg number of register value set to be loaded lrc longitudinal redundancy check lsb least significant byte mac message authentication code mad mifare application directory msb most significant byte pcd proximity coupling device picc proximity integrated circuit card pps protocol and parameter selection promas programming mask table 4. abbreviations ?continued acronym description P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 17 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 10. references [1] data sheet ? P5DF072EV2/t0pd4090 mifare sam av1, bu-id document number: 1297** 1 [2] data sheet ? mf3icd81 mifare desfire func tional specification, bu-id document number: 1340** [3] application note ? mifare sam av1 - features and hints, bu-id document number: 1654** [4] reader software library ? desfire ev1 sam library, bu-id document number: 1553** [5] demo software ? mifare discover pc demo software for mifare sam av2, bu-id document number: 1866** rats request for answer to select refnokuc reference number of kuc regaddress register address regcontent register content reqa request command, type a rfu reserved for future use rnda random number a rnda? random number a rotated left over 1 byte rndb random number b rndb? random number b rotated left over 1 byte sak select acknowledged sam secure application module sel select code set configuration settings for kst entry sn serial number storereg number of register value set to be stored sw status word uid unique identifier wupa wake-up command, type a xor exclusive or table 4. abbreviations ?continued acronym description 1. ** document version number. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 18 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 11. revision history table 5. revision history document id release date data sheet status change notice supersedes P5DF072EV2/t0pd4090_sds_31 20100614 product short data sheet - 189730 modifications: ? minor text and standardization modifications 189730 20100415 product short data sheet - - P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 19 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 12. legal information 12.1 data sheet status [1] please consult the most recently issued document before initiating or completing a design. [2] the term ?short data sheet? is explained in section ?definitions?. [3] the product status of device(s) described in this document may have changed since this document was published and may differ in case of multiple device s. the latest product status information is available on the internet at url http://www.nxp.com . 12.2 definitions draft ? the document is a draft versi on only. the content is still under internal review and subject to formal approval, which may result in modifications or additions. nxp semiconductors does not give any representations or warranties as to the accuracy or completeness of information included herein and shall hav e no liability for the consequences of use of such information. short data sheet ? a short data sheet is an extract from a full data sheet with the same product type number(s) and title. a short data sheet is intended for quick reference only and should not be relied upon to contain detailed and full information. for detailed and full information see the relevant full data sheet, which is available on request vi a the local nxp semiconductors sales office. in case of any inconsistency or conflict with the short data sheet, the full data sheet shall prevail. product specification ? the information and data provided in a product data sheet shall define the specification of the product as agreed between nxp semiconductors and its customer , unless nxp semiconductors and customer have explicitly agreed otherwis e in writing. in no event however, shall an agreement be valid in which the nxp semiconductors product is deemed to offer functions and qualities beyond those described in the product data sheet. 12.3 disclaimers limited warranty and liability ? information in this document is believed to be accurate and reliable. however, nxp semiconductors does not give any representations or warranties, expressed or implied, as to the accuracy or completeness of such information and shall have no liability for the consequences of use of such information. in no event shall nxp semiconductors be liable for any indirect, incidental, punitive, special or consequential damages (including - without limitation - lost profits, lost savings, business interrupt ion, costs related to the removal or replacement of any products or rework charges) whether or not such damages are based on tort (including negligence), warranty, breach of contract or any other legal theory. notwithstanding any damages that customer might incur for any reason whatsoever, nxp semiconductors? aggregate and cumulative liability towards customer for the products described herein shall be limited in accordance with the terms and conditions of commercial sale of nxp semiconductors. right to make changes ? nxp semiconductors reserves the right to make changes to information published in this document, including without limitation specifications and product descriptions, at any time and without notice. this document supersedes and replaces all information supplied prior to the publication hereof. suitability for use ? nxp semiconductors products are not designed, authorized or warranted to be suitable for use in life support, life-critical or safety-critical systems or equipment, nor in applications where failure or malfunction of an nxp semiconductors product can reasonably be expected to result in personal injury, death or severe property or environmental damage. nxp semiconductors accepts no liability for inclusion and/or use of nxp semiconductors products in such equipment or applications and therefore such inclusion and/or use is at the customer?s own risk. applications ? applications that are described herein for any of these products are for illustrative purpos es only. nxp semiconductors makes no representation or warranty that such applications will be suitable for the specified use without further testing or modification. customers are responsible for the design and operation of their applications and products using nxp semiconductors products, and nxp semiconductors accepts no liability for any assistance with applications or customer product design. it is customer?s sole responsibility to determine whether the nxp semiconductors product is suitable and fit for the customer?s applications and products planned, as well as fo r the planned application and use of customer?s third party customer(s). customers should provide appropriate design and operating safeguards to minimize the risks associated with their applications and products. nxp semiconductors does not accept any liability related to any default, damage, costs or problem which is based on any weakness or default in the customer?s applications or products, or the application or use by customer?s third party customer(s). customer is responsible for doing all necessary testing for the customer?s applic ations and products using nxp semiconductors products in order to av oid a default of the applications and the products or of the application or use by customer?s third party customer(s). nxp does not accept any liability in this respect. limiting values ? stress above one or more limiting values (as defined in the absolute maximum ratings system of iec 60134) will cause permanent damage to the device. limiting values are stress ratings only and (proper) operation of the device at these or any other conditions above those given in the recommended operating conditions section (if present) or the characteristics sections of this document is not warranted. constant or repeated exposure to limiting values will permanently and irreversibly affect the quality and reliability of the device. terms and conditions of commercial sale ? nxp semiconductors products are sold subject to the gener al terms and conditions of commercial sale, as published at http://www.nxp.com/profile/terms , unless otherwise agreed in a valid written individual agreement. in case an individual agreement is concluded only the terms and conditions of the respective agreement shall apply. nxp semiconductors hereby expressly objects to applying the customer?s general terms and conditions with regard to the purchase of nxp semiconducto rs products by customer. no offer to sell or license ? nothing in this document may be interpreted or construed as an offer to sell products t hat is open for acceptance or the grant, conveyance or implication of any lic ense under any copyrights, patents or other industrial or intellectual property rights. export control ? this document as well as the item(s) described herein may be subject to export control regulations. export might require a prior authorization from national authorities. document status [1] [2] product status [3] definition objective [short] data sheet development this document contains data from the objecti ve specification for product development. preliminary [short] data sheet qualification this document contains data from the preliminary specification. product [short] data sheet production this docu ment contains the product specification. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 20 of 22 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 quick reference data ? the quick reference data is an extract of the product data given in the limiting values and characteristics sections of this document, and as such is not comple te, exhaustive or legally binding. non-automotive qualified products ? unless this data sheet expressly states that this specific nxp semicon ductors product is automotive qualified, the product is not suitable for automotive use. it is neither qualified nor tested in accordance with automotive testing or application requirements. nxp semiconductors accepts no liabili ty for inclusion and/or use of non-automotive qualified products in automotive equipment or applications. in the event that customer uses t he product for design-in and use in automotive applications to automotive s pecifications and standards, customer (a) shall use the product without nxp semiconductors? warranty of the product for such automotive applicat ions, use and specifications, and (b) whenever customer uses the product for automotive applications beyond nxp semiconductors? specifications such use shall be solely at customer?s own risk, and (c) customer fully in demnifies nxp semi conductors for any liability, damages or failed product claims resulting from customer design and use of the product for automotive appl ications beyond nxp semiconductors? standard warranty and nxp semicond uctors? product specifications. 12.4 licenses 12.5 trademarks notice: all referenced brands, produc t names, service names and trademarks are the property of their respective owners. i 2 c-bus ? logo is a trademark of nxp b.v. mifare ? is a trademark of nxp b.v. desfire ? is a trademark of nxp b.v. 13. contact information for more information, please visit: http://www.nxp.com for sales office addresses, please send an email to: salesaddresses@nxp.com ics with dpa countermeasures functionality nxp ics containing functionality implementing countermeasures to differential power analysis and simple power analysis are produced and sold under applicable license from cryptography research, inc. P5DF072EV2/t0pd4090_sds_31 all information provided in this document is subject to legal disclaimers. ? nxp b.v. 2010. all rights reserved. product short data sheet public rev. 3.1 ? 14 june 2010 189731 21 of 22 continued >> nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 14. contents 1 general description . . . . . . . . . . . . . . . . . . . . . . 1 2 features and benefits . . . . . . . . . . . . . . . . . . . . 1 2.1 cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2.2 communication. . . . . . . . . . . . . . . . . . . . . . . . . 1 2.3 delivery types . . . . . . . . . . . . . . . . . . . . . . . . . . 1 3 applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 4 quick reference data . . . . . . . . . . . . . . . . . . . . . 2 5 ordering information . . . . . . . . . . . . . . . . . . . . . 2 6 block diagram . . . . . . . . . . . . . . . . . . . . . . . . . . 3 7 functional description . . . . . . . . . . . . . . . . . . . 3 7.1 contact interface. . . . . . . . . . . . . . . . . . . . . . . . 3 7.2 external clock frequency and bit rates . . . . . . . 3 7.3 uid/serial number. . . . . . . . . . . . . . . . . . . . . . . 3 7.4 cryptography and key handling . . . . . . . . . . . . 4 7.4.1 des and 3des cryptography . . . . . . . . . . . . . . 4 7.4.2 aes cryptography. . . . . . . . . . . . . . . . . . . . . . . 4 7.4.3 mifare cryptography . . . . . . . . . . . . . . . . . . . 5 7.4.4 key versioning . . . . . . . . . . . . . . . . . . . . . . . . . 5 7.4.5 key diversification mechanisms . . . . . . . . . . . . 5 7.4.6 key storage . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 7.4.6.1 key reference number . . . . . . . . . . . . . . . . . . . 5 7.4.7 key usage counters . . . . . . . . . . . . . . . . . . . . . 6 7.4.7.1 reference number . . . . . . . . . . . . . . . . . . . . . . 6 7.4.7.2 limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 7.4.7.3 key reference number to change the current kuc entry . . . . . . . . . . . . . . . . . . . . . . . 6 7.5 mifare sam av1 command set . . . . . . . . . . . 6 7.5.1 sam configuration commands . . . . . . . . . . . . . 6 sam_disablecrypto . . . . . . . . . . . . . . . . . . . . . .6 7.5.2 sam key handling commands . . . . . . . . . . . . . 6 sam_changekeyentry. . . . . . . . . . . . . . . . . . . .6 sam_getkeyentry . . . . . . . . . . . . . . . . . . . . . . .6 sam_changekucentry . . . . . . . . . . . . . . . . . . .6 sam_getkucentry . . . . . . . . . . . . . . . . . . . . . .6 sam_changekeypicc . . . . . . . . . . . . . . . . . . .7 sam_dumpsessionkey . . . . . . . . . . . . . . . . . . .7 sam_disablekeyentry . . . . . . . . . . . . . . . . . . . .7 sam_changekeymifare . . . . . . . . . . . . . . . . .7 7.5.3 sam security related commands . . . . . . . . . . . 7 sam_authenticatehost . . . . . . . . . . . . . . . . . . .7 sam_selectapplication . . . . . . . . . . . . . . . . . . .7 sam_authenticatepicc . . . . . . . . . . . . . . . . . . .7 sam_loadinitvector. . . . . . . . . . . . . . . . . . . . . .8 sam_authenticatemifare . . . . . . . . . . . . . . . .8 sam_killauthentication . . . . . . . . . . . . . . . . . . .8 sam_isoauthenticatepicc . . . . . . . . . . . . . . . .8 sam_isogetchallenge . . . . . . . . . . . . . . . . . . . .8 sam_isoexternalauthenticate . . . . . . . . . . . . . . 8 sam_isointernalauthenticate . . . . . . . . . . . . . . 8 7.5.4 sam data processing commands . . . . . . . . . . 9 sam_verify_mac . . . . . . . . . . . . . . . . . . . . . . . 9 sam_generate_mac . . . . . . . . . . . . . . . . . . . . 9 sam_decipher_data . . . . . . . . . . . . . . . . . . . . . 9 sam_encipher_data . . . . . . . . . . . . . . . . . . . . . 9 7.5.5 sam general commands . . . . . . . . . . . . . . . . . 9 sam_getversion . . . . . . . . . . . . . . . . . . . . . . . . 9 7.5.6 sam power saving commands . . . . . . . . . . . . 9 sam_sleep . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 7.5.7 mfrc52x control commands . . . . . . . . . . . . 10 rc_readregister . . . . . . . . . . . . . . . . . . . . . . 10 rc_writeregister . . . . . . . . . . . . . . . . . . . . . . 10 rc_rfcontrol . . . . . . . . . . . . . . . . . . . . . . . . . 10 rc_init . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 rc_loadregistervalueset . . . . . . . . . . . . . . . 10 7.5.8 iso14443-3 type a card activation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 iso14443-3_request_wakeup . . . . . . . . . . . . 11 iso14443-3_anticollision_select. . . . . . . . . . . 11 iso14443-3_activateidle . . . . . . . . . . . . . . . . . 11 iso14443-3_activatewakeup . . . . . . . . . . . . . 11 iso14443-3_halta. . . . . . . . . . . . . . . . . . . . . . 11 iso14443-3_transparentexchange . . . . . . . . 11 7.5.9 mifare commands . . . . . . . . . . . . . . . . . . . . 12 mf_authenticate . . . . . . . . . . . . . . . . . . . . . . . 12 mf_read . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 mf_write . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 mf_valuewrite . . . . . . . . . . . . . . . . . . . . . . . . 12 mf_increment . . . . . . . . . . . . . . . . . . . . . . . . . 12 mf_decrement . . . . . . . . . . . . . . . . . . . . . . . . 12 mf_restore . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 mf_authenticateread . . . . . . . . . . . . . . . . . . . 13 mf_authenticatewrite . . . . . . . . . . . . . . . . . . . 13 mf_changekey . . . . . . . . . . . . . . . . . . . . . . . . 13 7.5.10 iso14443-4 type a commands . . . . . . . . . . . 13 iso14443-4_rats_pps. . . . . . . . . . . . . . . . . 13 iso14443-4_init. . . . . . . . . . . . . . . . . . . . . . . . 13 iso14443-4_exchange . . . . . . . . . . . . . . . . . . 14 iso14443-4_presencecheck . . . . . . . . . . . . . 14 iso14443-4_deselect . . . . . . . . . . . . . . . . . . . 14 iso14443-4_freecid . . . . . . . . . . . . . . . . . . . 14 7.5.11 desfire related commands. . . . . . . . . . . . . . 14 desfire_authenticatepicc. . . . . . . . . . . . . . . 14 desfire_changekeypicc . . . . . . . . . . . . . . . 14 desfire_writex. . . . . . . . . . . . . . . . . . . . . . . . 14 desfire_readx . . . . . . . . . . . . . . . . . . . . . . . 14 nxp semiconductors P5DF072EV2/t0pd4090 mifare sam av1 ? nxp b.v. 2010. all rights reserved. for more information, please visit: http://www.nxp.com for sales office addresses, please se nd an email to: salesaddresses@nxp.com date of release: 14 june 2010 189731 please be aware that important notices concerning this document and the product(s) described herein, have been included in section ?legal information?. 8 limiting values. . . . . . . . . . . . . . . . . . . . . . . . . 15 9 abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . 15 10 references . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 11 revision history . . . . . . . . . . . . . . . . . . . . . . . . 18 12 legal information. . . . . . . . . . . . . . . . . . . . . . . 19 12.1 data sheet status . . . . . . . . . . . . . . . . . . . . . . 19 12.2 definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 12.3 disclaimers . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 12.4 licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 12.5 trademarks. . . . . . . . . . . . . . . . . . . . . . . . . . . 20 13 contact information. . . . . . . . . . . . . . . . . . . . . 20 14 contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 |
Price & Availability of P5DF072EV2
 |
|
|
|
|
All Rights Reserved © IC-ON-LINE 2003 - 2022 |
| [Add Bookmark] [Contact Us] [Link exchange] [Privacy policy] |
|
Mirror Sites : [www.datasheet.hk]
[www.maxim4u.com] [www.ic-on-line.cn]
[www.ic-on-line.com] [www.ic-on-line.net]
[www.alldatasheet.com.cn]
[www.gdcy.com]
[www.gdcy.net] |