MF1PLUSX0Y1_SDS All information provided in this document is subject to legal disclaimers. © NXP B.V. 2011. All rights reserved.
Product short data sheet
PUBLIC
Rev. 3.2 — 21 February 2011
163532 10 of 20
NXP Semiconductors
MF1PLUSx0y1
Mainstream contactless smart card IC
Security level switching is performed using the Commit Perso command:
• Card Configuration Key
• Card Master Key
• Level 2 Switch Key (for L1 card)
• Level 3 Switch Key (for L1 card)
Using the originality function, it is possible to verify that the chip is a genuine
NXP Semiconductors MIFARE Plus.
8.5 Security level 1
Security level 1 offers the same functionality as a MIFARE Classic 1K and MIFARE
Classic 4K using the backwards compatibility protocol. The MIFARE Classic 1K and
MIFARE Classic 4K products are specified in Ref. 1 and Ref. 2.
Furthermore, an optional AES authentication is available in this level without affecting the
MIFARE Classic 1K and MIFARE Classic 4K functionality. The authenticity of the card can
be proven using strong cryptographic means with this additional functionality.
The timings may differ from the MIFARE Classic 1K and MIFARE Classic 4K products.
Using the originality function, it is possible to verify that the chip is a genuine
NXP Semiconductors MIFARE Plus.
8.6 Security level 2
Security level 2 also offers the functionality of a MIFARE Classic 1K and MIFARE
Classic 4K using the backwards compatibility protocol. The significant difference
compared to security level 1 is that an AES authentication is mandatory and that the
CRYPTO1 keys are derived for each session using the results from the AES
authentication, rather than being constant for a specific sector.
The timings may differ from the MIFARE Classic 1K and MIFARE Classic 4K products.
In security level 2, the following keys are assigned to each sector:
• two AES keys (key A and key B); these keys are also used in security level 3
• two CRYPTO1 keys (key A and key B); these keys are also used in security level 1
The access conditions are set in the sector trailer as in MIFARE Classic 1K and MIFARE
Classic 4K.
Using the originality function, it is possible to verify that the chip is a genuine
NXP Semiconductors MIFARE Plus.
8.7 Security level 3
The operation in security level 3 is solely based on the ISO/IEC 14443-4 protocol layer.
The usage of the backwards compatibility protocol is not possible.
In security level 3, a mandatory AES authentication between PICC and reader is
conducted, where two keys are generated as a function of the random numbers from the
PICC and the reader as well as of the shared key.
These two session keys are used to secure the data which is exchanged on the interface
between the card and reader. One of the two keys is used to ensure the confidentiality of
the command and the response while the other key ensures the integrity of the command
and the response.
The reader can decide which security needs to be used in the communication between
PICC and reader. In the simplest case, all commands are secured by a MAC, such that
the PICC will only accept commands from the authenticated reader. Any message
tampering is detected by verifying the MAC. A MAC is appended to all responses to
prove to the reader that neither the command nor the response has been compromised.
If performance is the highest priority, the card can be configured to omit the MAC for read
commands. The card then accepts read commands without knowing whether they are
authentic. However, there is a mechanism to prove to the reader that the read response
results from the unmodified read command that it sent.
Other commands, like write commands, always need to have a MAC appended to ensure
that no memory changes are carried out without proving the authenticity of the command.
The reader can decide for each command whether a MAC is included in the response.
When the appropriate MAC is received, due to linked MACs the reader knows that the
command and commands before it were properly executed.
All commands between two consecutive First Authenticate commands belong to one
transaction and the MACing mechanism assures integrity of the whole transaction.
If the MAC on read responses is omitted, the integrity of all read responses within one
session can still be verified by including a MAC on one read response before issuing the
next First or Following Authenticate command.
If performance matters more than confidentiality of the transaction, each data block in a
sector can be configured to allow or disallow sending/receiving plain data.
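
The linked-MAC behaviour described above, as an added model that is not NXP's code and not the MIFARE Plus algorithm: HMAC-SHA256 stands in for the AES-based key derivation and MAC, which this short data sheet does not specify. The names `derive_session_keys`, `MacChain` and `run_reads`, the command encoding, the card contents and the 8-byte tag length are all assumptions.

```python
import hashlib
import hmac
import os

def derive_session_keys(shared_key, rnd_picc, rnd_reader):
    """Model KDF: two keys from both random numbers and the shared key."""
    material = rnd_picc + rnd_reader
    k_enc = hmac.new(shared_key, b"ENC" + material, hashlib.sha256).digest()
    k_mac = hmac.new(shared_key, b"MAC" + material, hashlib.sha256).digest()
    return k_enc, k_mac  # confidentiality key, integrity key

class MacChain:
    """Linked MAC state for one transaction (one side of the link)."""
    def __init__(self, k_mac):
        self._key = k_mac
        self._state = bytes(32)

    def absorb(self, message):
        # Every message is folded in, even when no MAC goes over the air.
        self._state = hmac.new(self._key, self._state + message,
                               hashlib.sha256).digest()

    def tag(self):
        return self._state[:8]  # truncated tag; the length is an assumption

def run_reads(blocks, tamper_at=None):
    """Reads without per-response MACs; one MAC at the end covers them all."""
    shared = bytes(16)  # constructed placeholder for the shared AES key
    _, k_mac = derive_session_keys(shared, os.urandom(16), os.urandom(16))
    reader, card = MacChain(k_mac), MacChain(k_mac)
    memory = {n: bytes([n]) * 16 for n in range(8)}  # constructed card data
    for i, block in enumerate(blocks):
        sent = b"READ" + bytes([block])  # constructed command encoding
        reader.absorb(sent)
        # Constructed in-transit change of the block number at one position.
        received = b"READ" + bytes([block ^ 1]) if i == tamper_at else sent
        card.absorb(received)
        response = memory[received[-1]]
        card.absorb(response)
        reader.absorb(response)
    # The card sends its tag with the last response; the reader compares.
    return hmac.compare_digest(card.tag(), reader.tag())

if __name__ == "__main__":
    print("clean transaction verifies:", run_reads([1, 2, 3]))
    print("modified first read verifies:", run_reads([1, 2, 3], tamper_at=0))
```

Because the card folds in the command it actually received, a single MAC on the last read response fails at the reader if any earlier un-MACed read command or response in the same transaction was altered.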
9. Look-up tables
9.1 Security level 0, 1, 2, 3: ISO/IEC 14443-3
Table 4. ISO/IEC 14443-3
| Command | Description |
|---|---|
| REQA | the REQA and ATQA commands are fully implemented according to ISO/IEC 14443-3 |
| WUPA | the WAKE-UP command is fully implemented according to ISO/IEC 14443-3 |
| ANTICOLLISION/SELECT cascade level 1 | the ANTICOLLISION and SELECT commands are fully implemented according to ISO/IEC 14443-3. The response is part 1 of the UID. |
| ANTICOLLISION/SELECT cascade level 2 for 7 byte UID version | the ANTICOLLISION and SELECT commands are fully implemented according to ISO/IEC 14443-3. The response is part 2 of the UID. |
| HALT | the HALT command is fully implemented according to ISO/IEC 14443-3 |
9.2 Security level 0, 1, 2, 3: ISO/IEC 14443-4
Please find more information on ISO/IEC 14443-3 in Ref. 5 as well as on the settings of
ATQA, SAK and ATS in Ref. 4.
Table 5. ISO/IEC 14443-4

| Command | Description |
|---|---|
| RATS | the response to the RATS command identifies the PICC type to the PCD. |
| PPS | the PPS command allows individual selection of the communication baud rate between PCD and PICC. It is possible for MF1PLUSx0 to individually set the communication baud rate independently for both directions i.e. MF1PLUSx0 allows a non-symmetrical information interchange speed. |
| DESELECT | deselection according to ISO/IEC 14443-4. |

9.3 Security level 0 command overview
Table 6. Security level 0 command overview

| Command | Description |
|---|---|
| Write Perso | pre-personalization of AES keys and all blocks |
| Commit Perso | switch to security level 1 (L1 card) or security level 3 (L3 card) |
| First Authenticate (part 1) | first authenticate |
| Following Authenticate (part 1) | following authenticate |
| Authenticate (part 2) | second authentication step |

9.4 Security level 1 command overview
Table 7. Security level 1 command overview

| MF1ICS50xx, MF1ICS70xx, MF1ICS20xx commands | Description |
|---|---|
| MF Authenticate key A | authentication with key A |
| MF Authenticate key B | authentication with key B |
| MF Read | reading data |
| MF Write | writing data |
| MF Increment | incrementing a value |
| MF Decrement | decrementing a value |
| MF Restore | restoring a value |
| MF Transfer | transferring a value |
| Commands using backwards compatibility protocol; see Section 8.2.1 | |
| Following Authenticate (part 1) | following authenticate; protocol used as described in Section 8.2.1 |
| Authenticate (part 2) | second authentication step; protocol used as described in Section 8.2.1 |
| Command set for security level switch and originality function using ISO 14443-4 protocol | |
| First Authenticate (part 1) | first authenticate |
| Following Authenticate (part 1) | following authenticate |
| Authenticate (part 2) | second authentication step |
