NXP Semiconductors
MF1P(H)x1y1
MIFARE Plus EV1
MF1P(H)x1y1 All information provided in this document is subject to legal disclaimers. © NXP B.V. 2018. All rights reserved.
Product short data sheet Rev. 3.0 — 23 July 2018
COMPANY PUBLIC 366930 12 / 27
In this level, the card can be personalized including the programming of user data as well
as CRYPTO1 and/or AES keys. In addition, the originality function can be used.
The following mandatory AES keys must be written, using the WritePerso command
before the PICC can be switched to security level 1 or security level 3.
Security level switching is performed using the CommitPerso command:
• CardConfigurationKey
• CardMasterKey
• L3SwitchKey
When the pre-personalization of the PICC is finished it is possible to upgrade the
PICC from security level 0 either to security level 1 or directly to security level 3 with
CommitPerso command.
Using the originality function, it is possible to verify that the chip is a genuine NXP
Semiconductors MIFARE Plus.
8.9 Security level 1
Security level 1 offers the same functionality as a MIFARE Classic EV1 1K and
MIFARE Classic EV1 4K using the backwards compatibility protocol, see Ref. 3 and Ref.
4.
Furthermore, an optional AES authentication is available in this level without affecting
the MIFARE Classic EV1 1K and MIFARE Classic EV1 4K functionality. The authenticity
of the card can be proven using strong cryptographic means with this additional
functionality.
Response timings may differ from the MIFARE Classic EV1 1K/4K products.
In addition to the backwards compatibility mode, after a successful ISO/IEC 14443-4
activation the originality function can be executed or the CardSecurityLevel or
SectorSecurityLevel switched to higher security levels. In addition to those features
already available in MIFARE Plus EV0, MIFARE Plus EV1 offers the possibility to update
AESSectorKeys and VCSystemData.
MIFARE Plus EV1 can be operated like MIFARE Plus EV0 in SL1 which means that all
memory operations on each sector are requiring legacy MIFARE Classic EV1 commands
using CRYPTO1 enciphering. Beyond that, MIFARE Plus EV1 offers the flexibility
to either switch distinct sectors to SL3 and operate them in AES secure messaging
or enable SL1SL3MixMode on distinct sectors. Sectors in SL1SL3MixMode can be
operated either using the backwards compatible MIFARE Classic EV1 commands when
activated to ISO/IEC 14443-3 or using AES secure messaging when activated to ISO/
IEC 14443-4. In example, this enables end-to-end communication to a MIFARE Plus EV1
using a secure AES channel while leaving the operation in the application on MIFARE
Classic EV1 commands for a migration period.
Also, the Transaction MAC feature is available in security level 1 after ISO/IEC14443-3
activation. The Transaction MAC processing in security level 1 of the Authentication,
Read, Write, Increment, Decrement, Transfer and Restore commands is the same as
their security level 3 equivalents with a few differences, as described later and in Ref. 1.
The CommitReaderID command is not supported.
Using the originality function it is possible to verify if the chip is a genuine NXP
Semiconductors MIFARE Plus EV1.