OMO ElectronicOMO Electronic
Expand menu
Hello, Sign inMy Account
0 Cart

MF1SPLUS6001DA4/03

P1-P3P4-P6P7-P9P10-P12P13-P15P16-P17
MF1SPLUSX0Y1_SDS All information provided in this document is subject to legal disclaimers. © NXP B.V. 2011. All rights reserved.
Product short data sheet
PUBLIC
Rev. 3.2 — 21 February 2011
187032 7 of 17
NXP Semiconductors
MF1SPLUSx0y1
Mainstream contactless smart card IC
There are three different versions of the PICC. The UID is programmed into a locked part
of the NV-memory which is reserved for the manufacturer:
unique 7-byte serial number
unique 4-byte serial number
non-unique 4-byte serial number
Due to security and system requirements, these bytes are write-protected after being
programmed by the PICC manufacturer at production.
Remark: The programmed 4-byte NUID serial number is not globally unique which has to
be considered in the contactless system design. See Ref. 11
for further information
regarding handling of UIDs.
The customer must decide which UID length to use when ordering the product, see
Table 2
for ordering information.
During personalization, the PICC can be configured to support Random ID in security
level 3. The user can configure whether Random ID or fixed UID shall be used. According
to ISO/IEC 14443-3 (see Ref. 5
), the first anticollision loop returns the Random Number
Tag 08h, the 3-byte Random Number and the BCC, if Random ID is used. The retrieval of
the UID in this case can be done using the Virtual Card Support Last command (see
Ref. 3
) or by reading out block 0.
8.2.1 Backwards compatibility protocol
The backwards compatibility of this product, as used in security level 1 and security
level 2, runs on the same protocol layer as MIFARE Classic 1K and MIFARE Classic 4K.
The protocol is formed out of the following components:
Frame definition: according to ISO/IEC 14443-3
Bit encoding: according to ISO/IEC 14443-2
Error code handling: handling is proprietary as error codes are formatted in half bytes.
Command specification: commands are proprietary. Please use the specification as in
Ref. 1
and Ref. 2 and the additional commands which are only implemented in
MIFARE Plus as described in this document and in Ref. 3
.
The following security levels can run on this protocol:
Security Level 0
Security Level 1
8.2.2 ISO/IEC 14443-4 Protocol
The ISO/IEC 14443-4 Protocol (also known as T=CL) is used in many processor cards.
This protocol is used for the MIFARE Plus with the following security levels:
Security Level 0: all commands
Security Level 1: only the security level switch and originality function.
Security Level 3: all commands
MF1SPLUSX0Y1_SDS All information provided in this document is subject to legal disclaimers. © NXP B.V. 2011. All rights reserved.
Product short data sheet
PUBLIC
Rev. 3.2 — 21 February 2011
187032 8 of 17
NXP Semiconductors
MF1SPLUSx0y1
Mainstream contactless smart card IC
8.3 Security level switching
The MIFARE Plus S offers a unique feature to support migration from CRYPTO1 based
systems to AES based operation. The migration on the card-side is done using different
security levels supporting different cryptographic algorithms and protocols. There are
three security levels:
Security level 0: initial delivery configuration, used for card personalization
Security level 1: backwards functional compatibility mode (with MIFARE Classic 1K
and MIFARE Classic 4K) with an optional AES authentication
Security level 3: 3-Pass authentication based on AES, data manipulation commands
secured by AES encryption and an AES based MACing method.
The security level switching (i.e. from security level 1 to security level 3) is performed
using the dedicated AES authentication switching keys.
The security level can only be switched from a lower level to a higher level, never in the
opposite direction.
8.4 Security level 0
Security level 0 is the initial delivery configuration of the PICC. The card can be operated
either using the backwards compatibility protocol or the ISO/IEC 14443-4 protocol.
In this level, the card can be personalized including the programming of user data as well
as of CRYPTO1 and/or AES keys. In addition, the originality function can be used.
The following mandatory AES keys need to be written using the Write Perso command
before the PICC can be switched to security level 1 or security level 3 (for L3 card).
Security level switching is performed using the Commit Perso command:
Card Configuration Key
Card Master Key
Level 3 Switch Key
Using the originality function, it is possible to verify that the chip is a genuine
NXP Semiconductors MIFARE Plus.
8.5 Security level 1
Security level 1 offers the same functionality as a MIFARE Classic 1K and MIFARE
Classic 4K using the backwards compatibility protocol. The MIFARE Classic 1K and
MIFARE Classic 4K products are specified in Ref. 1
and Ref. 2.
Furthermore, an optional AES authentication is available in this level without affecting the
MIFARE Classic 1K and MIFARE Classic 4K functionality. The authenticity of the card can
be proven using strong cryptographic means with this additional functionality.
The timings may differ from the MIFARE Classic 1K and MIFARE Classic 4K products.
Using the originality function, it is possible to verify that the chip is a genuine
NXP Semiconductors MIFARE Plus.
MF1SPLUSX0Y1_SDS All information provided in this document is subject to legal disclaimers. © NXP B.V. 2011. All rights reserved.
Product short data sheet
PUBLIC
Rev. 3.2 — 21 February 2011
187032 9 of 17
NXP Semiconductors
MF1SPLUSx0y1
Mainstream contactless smart card IC
8.6 Security level 3
The operation in security level 3 is solely based on the ISO/IEC 14443-4 protocol layer.
The usage of the backwards compatibility protocol is not possible.
In security level 3, a mandatory AES authentication between PICC and reader is
conducted, where two keys are generated as a function of the random numbers from the
PICC and the reader as well as of the shared key. These two session keys are used to
secure the data which is exchanged on the interface between the card and reader. One of
the two keys is used to ensure the confidentiality of the command and the response while
the other key ensures the integrity of the command and the response.
All commands carry a MAC, such that the PICC will only accept commands from the
reader with which it is authenticated. Tampering of operands and messages is detected by
checking the MAC. Also all responses contain a MAC, so that the reader on each
response knows that neither the command nor the response has been tampered with.
Each response carries a MAC. When the appropriate MAC is received, due to linking of
MACs, the reader knows that the command and commands before it was properly
executed.
All commands between two consecutive first authenticate commands belong to one
transaction and the MACing mechanism assures integrity of the whole transaction.
9. Look-up tables
9.1 Security level 0, 1, 3: ISO/IEC 14443-3
Table 4. ISO/IEC 14443-3
Command Description
REQA the REQA and ATQA commands are fully implemented according to
ISO/IEC 14443-3.
WUPA the WAKE-UP command is fully implemented according to
ISO/IEC 14443-3.
ANTICOLLISION/SELECT
cascade level 1
the ANTICOLLISION and SELECT commands are fully implemented
according to ISO/IEC 14443-3. The response is part 1 of the UID.
ANTICOLLISION/SELECT
cascade level 2 for 7 byte
UID version
the ANTICOLLISION and SELECT commands are fully implemented
according to ISO/IEC 14443-3. The response is part 2 of the UID.
HALT the HALT command is fully implemented according to
ISO/IEC 14443-3
P1-P3P4-P6P7-P9P10-P12P13-P15P16-P17

MF1SPLUS6001DA4/03

Mfr. #:
Buy MF1SPLUS6001DA4/03
Manufacturer:
NXP Semiconductors
Description:
RFID Transponders MIFARE CRYPTO1 AES 848Kbps 2KB
Lifecycle:
New from this manufacturer.
Delivery:
DHL FedEx Ups TNT EMS
Payment:
T/T Paypal Visa MoneyGram Western Union

Products related to this Datasheet