MF1PLUSX0Y1_SDS

All information provided in this document is subject to legal disclaimers.

© NXP B.V. 2011. All rights reserved.

Product short data sheet

PUBLIC

Rev. 3.2 — 21 February 2011

163532

9 of 20

NXP Semiconductors

MF1PLUSx0y1

Mainstream contactless smart card IC

8.2.2 ISO/IEC 14443-4 Protocol

The ISO/IEC 14443-4 Protocol (also known as T=CL) is used in many processor cards.

This protocol is used for the MIFARE Plus with the following security levels:

level switch and originality function

8.3 Security level switching

The MIFARE Plus X offers a unique feature to support migration from CRYPTO1 based

systems to AES based operation. The migration on the card-side is done using different

security levels supporting different cryptographic algorithms and protocols. There are four

security levels:

and MIFARE Classic 4K) with optional AES authentication

authentication, communication secured by MIFARE CRYPTO1

The MIFARE CRYPTO1 uses session keys derived from the AES and MIFARE

CRYPTO1 authentication.

secured by AES encryption and an AES based MACing method

If the card is a L3 card the Commit Perso command will switch the card directly from

security level 0 to security level 3 instead of security level 1.

The security level switching (i.e. from security level 1 to security level 3) is performed

using the dedicated AES authentication switching keys.

The security level can only be switched from a lower to a higher level, never in the

opposite direction.

8.4 Security level 0

Security level 0 is the initial delivery configuration of the PICC. The card can be operated

either using the backwards compatibility protocol or the ISO/IEC 14443-4 protocol.

In this level, the card can be personalized including the programming of user data as well

as CRYPTO1 and/or AES keys. In addition, the originality function can be used.

The following mandatory AES keys must be written, using the Write Perso command

before the PICC can be switched to security level 1 or security level 3 (for L3 card).