Topic: Problem changing key

Hi,

I am trying to change the keyno1 of my application but I am having some problems.
The keySettings are defined to 0f 02. I am able to authenticate to key0 and get the session key.

The old key is 00..00 since I have not changed it. And the new key I want to set is 0x00112233445566778899AABBCCDDEEFF. When I send the command, the PICC always returns a 911E (apparently it doesn't like the CRC or the padding).

Assuming that my key is 00..00 the XOR does not affect the key, so the first parameter I guess should be the new key itself. Then I calculate the CRC and I get 69CC (Is that correct???), so I have to append it twice (once for the XORed key and once for the new key), and then I append 4 0x00s as padding.

Here are the values I am receiving right now:

Session Key: D8 15 60 CE 33 55 7D BC 3E F4 34 EA 1D FF F9 28
Old Key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
New Key: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF

Key Data: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF 69 CC 69 CC 00 00 00 00
Transmitted data: 71 66 0B 4C C6 EB A6 F9 D6 36 86 2F 6A ED 33 E5 D9 84 50 B0 04 6B A9 85

Can anyone complete the key changing using these values and pass me the values I should receive in all the steps?? I must be doing something bad but I have read the documentation and I don't know where.


Thanks, Gorka

Re: Problem changing key

Hi

There are two problems in your code:

  1. The CRC is a crc32, so it is 4 bytes long.

  2. The second CRC is supposed to include the frame headers, so both CRCs are different.

You can have a look at the libfreefare project in nfc-tools: it features all required functions to work with a Mifare DESFire, and Mifare DESFire EV1 support is currently being worked on:
<http://code.google.com/p/nfc-tools/>

Romain

3 (edited by g.hernando 2010-12-17 10:11:23)

Re: Problem changing key

Hi,

Thanks for your response. I have downloaded and installed the nfc-tools code but I cannot work directly in a Linux distribution and VMware is giving me many problems. I will try to install nfc-tools on another Linux machine and test the Desfire tools. I have to complete some operations soon, so I am using another tool to manage my Desfire card.

By the way, there is something I don't understand in your response. The specification says: "The new key and the current key are bit-wise XORed (16 byte). A CRC (2 byte) is calculated over the XORed data and appended at the end. Additionally a CRC (2 byte) of the new key is appended". So, why do you say it is a crc32 and 4 bytes long?? Can you explain this to me??

Well, if I try to get the crc32 for the key 0011..FF I get 7f601da6, is that correct?? Then, you say the second CRC is supposed to include the headers. Ok, so the input should be : 90 C4 0000 19 01 00 11 22 .. FF 7F 60 1D A6?? Hope you can clarify this point for me.


Once again, thank you very much for your time.

Regards.

Re: Problem changing key

Oops!  I read too fast, I thought you were authenticating using AES crypto.

Your CRC seems to be BE instead of LE, give 0xCC69 a try ;-)

In case you are interested in new crypto schemes of EV1 cards, have a look at this code:
http://code.google.com/p/nfc-tools/sour … ?r=712#542

Romain

5 (edited by g.hernando 2010-12-20 08:21:49)

Re: Problem changing key

Hi again,

There is no way to make that work !!!

Well, here is all I have done, maybe there is something else bad and that is why I cannot change the key.

Application creation:
90 CA 0000 05 11 EE EE 0F 02 00

Old key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
New key: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF CC

Data Field: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF CC 69 CC 69 00 00 00 00

I authenticate to key 0 of the application
Session Key: D9 CE 99 89 BF 65 18 BF 0C DB C6 8C 8C 38 A5 F8

I encrypt the Data field using 3DES and the session key I have just got:
C9 70 F4 CE CB CD D8 2C 4F F7 2F 2D BC 44 EF DB 39 28 9F B2 3A 6E D3 69

And finally I add it to the APDU and send it:
APDU: 90 C4 00 00 19 01 C9 70 F4 CE CB CD D8 2C 4F F7 2F 2D BC 44 EF DB 39 28 9F B2 3A 6E D3 69 00


Can someone please check which step is wrong??
I would appreciate it if someone could try to change a key and send me a log like the one I have posted. That way I could repeat the steps using the indicated session key and see if I get the same values.

I don't know if it can affect the change key, so I will just say that I am using a Desfire EV1 8k card.

-----------------

I've been doing some tests regarding the writing/reading of encrypted data and the same thing happens to me. When I read a field I get the data encrypted. I decrypted it using the session key and I can get the original data, the CRC16 and the padding bytes. Everything is ok. However, when I try to write something encrypted I cannot do it.

The data I received after I decrypt it is:
-->90 BD 0000 07 09 000000 100000 00
d(00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 77 F5 00 00 00 00 00 00)

So, then I try to send the same data to another file:
--> 90 3D 0000 1F 06 000000 100000 e(00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 77 F5 00 00 00 00 00 00) 00
<-- 911E

What could be the problem??


Thank you again and regards

Re: Problem changing key

I'm having exactly the same problem and I can't understand what I'm doing wrong. But the strangest thing is that DESFireUI, a specific DESFire Windows application provided by PHILLIPS(!) with its Pegoda Reader, isn't able to make the ChangeKey command work properly. It gets the same 1E (Integrity Error) that g.hernando and I are receiving using our own code.

I guess the problem isn't in the code itself but in the previous steps needed before sending the command code. However, I can't figure out which step we are missing, as I'm pretty sure that what g.hernando and I are doing is what is explained in the specs.

If someone has finally solved this problem, I'll be very thankful if he could share it with us.

Regards

Re: Problem changing key

g.hernando, I've reread your previous post and I've realized that you are using the whole session key (16 bytes) so you are 3DES deciphering the changekey parameter, but as the authentication has been done with the old key (all zeros), you should use only the first 8 bytes (meaning a Single DES deciphering).

Re: Problem changing key

Hello,

I'm curious and I'm just wondering why you don't use libfreefare to do so?

Romuald Conty

Re: Problem changing key

Because I need to implement my own Java lib for a project.

I've just succeeded with the Change Key command. It was a CRCA problem...

Re: Problem changing key

Hi,

I have just seen there are some responses to my post. I just want to say that I completed the changeKey procedure, it was an encryption problem because I was not doing the DES properly (all the send mode stuff).

If someone needs a capture or something to test their values I could provide it. I have all the classes implemented in Java (I am using a mobile with J2ME and JSR257 as a reader).

Regards.

Re: Problem changing key

Dear

Can you upload it or maybe send it for a try?

Regards

Re: Problem changing key

I mistakenly posted about changeKey problems in
http://www.libnfc.org/community/post/2114/#p2114

Re: Problem changing key

I also have this problem. Who can help me?
This is my script:

//Main entry
Main:
        //Reset card
        Reset SmartCard

        //Activate
        FF00000003 D4 1234;SW=9000
        //Set Retry time
        FF00000006 D43205000000;SW=9000
        //Enable the antenna
        FF00000004 D4320101;SW=9000
   
        //Authentication
        CALL AuthenFile
        //Select PICC AID
        5A 000000;SW=9000

        //Read KeySettings
        45;[00:03]
        CALL CheckCMD
        //Get Application AIDs
        6A;[00:03]
        CALL CheckCMD
        //Read KeyVersion
        6400;[00:03]
        CALL CheckCMD

        //Authentication
        CALL AuthenFile
        //Change KeySettings
        Fun_DesDeCBC(0000000000000000,09CC690000000000,[201:210],[21:28])       
        54 + [21:28];[00:03];SW=9000       
        CALL CheckCMD    //Here is not right , The response value is 0x911E (CRC or Mac is not right)

        //Authentication
        CALL AuthenFile
        //Change Key
        Fun_DesDeCBC(0000000000000000,00112233445566778899AABBCCDDEEFFCC69CC6900000000,[201:210],[51:68])
                                //Here is also not right if i can not execute the command "54", The response value is also 0x911E (CRC or Mac is not right)
        C400 + [51:68];[00:03];SW=9000
        CALL CheckCMD

       
       
END

//Authentication
AuthenFile:

    Label1:   
        //Authenticate
        0A00;[40:49]
        JUMP_EQ([42:43],9000,Label1)
        JUMP_EQ([41],AF,Label2)
    Label2:
        Fun_DesEnCBC(0000000000000000,[42:49],0000000000000000,[10:17])
        Fun_Load([10],[18])
        Fun_DesEnCBC(0000000000000000,1122334455667788+[11:18],0000000000000000,[21:30])
        AF + [21:30];[00:09]
        JUMP_EQ([02:03],9000,Error3)
        JUMP_EQ([01],00,Label3)
    Error3:
        Fun_MessageBox(Authentication Failed , Pls check !!!!!)
        Fun_Display(Authentication Failed , Pls check !!!!!)
    Label3:
        //Get session key
        Fun_Load(11223344+[42:45]+55667788+[46:49],[201:210])
        //Fun_DesDeCBC(0000000000000000,[201:210],0000000000000000,[201:210])
RET


//Command check
CheckCMD:
        JUMP_NE([01],00,Label5)
        JUMP_EQ([01],00,Label6)
    Label5:
        Fun_MessageBox(Command execution Failed,Pls check!!!!!)
        Fun_Display(Command execution Failed,Pls check!!!!!)
    Label6:

RET

Re: Problem changing key

================================================================
No.1  —  On  Reset SmartCard
Execution  Time: 103 ms
(Expected)  ATR:
(Received)  ATR: 3B8180018080
================================================================
================================================================
No.2  —  In  Main
Execution  Time: 4 ms
RawApdu = FF00000003 D4 1234
Command = FF00000003D41234
(Expected)   SW: 9000    Data:
(Received)   SW: 9000    Data: D513
================================================================
================================================================
No.3  —  In  Main
Execution  Time: 4 ms
RawApdu = FF00000006 D43205000000
Command = FF00000006D43205000000
(Expected)   SW: 9000    Data:
(Received)   SW: 9000    Data: D533
================================================================
================================================================
No.4  —  In  Main
Execution  Time: 3 ms
RawApdu = FF00000004 D4320101
Command = FF00000004D4320101
(Expected)   SW: 9000    Data:
(Received)   SW: 9000    Data: D533
================================================================
================================================================
No.5  —  In  AuthenFile
Execution  Time: 16 ms
RawApdu = 0A00
Command = 0A00
(Expected)   SW:     Data:
(Received)   SW: C586    Data: AF41236F7C533A
================================================================
================================================================
No.6  —  In  AuthenFile
Execution  Time: 21 ms
RawApdu = AF + [21:30]
Command = AFCD72DFC6E6D040A41FAB6099FCB93C8A
(Expected)   SW:     Data:
(Received)   SW: FB7B    Data: 00AD6CC16025CC
================================================================
================================================================
No.7  —  In  Main
Execution  Time: 10 ms
RawApdu = 5A 000000
Command = 5A000000
(Expected)   SW: 9000    Data:
(Received)   SW: 9000    Data: 00
================================================================
================================================================
No.8  —  In  Main
Execution  Time: 10 ms
RawApdu = 45
Command = 45
(Expected)   SW:     Data:
(Received)   SW: 0F01    Data: 00
================================================================
================================================================
No.9  —  In  Main
Execution  Time: 10 ms
RawApdu = 6A
Command = 6A
(Expected)   SW:     Data:
(Received)   SW: C450    Data: 0004
================================================================
================================================================
No.10  —  In  Main
Execution  Time: 10 ms
RawApdu = 6400
Command = 6400
(Expected)   SW:     Data:
(Received)   SW: 0000    Data:
================================================================
================================================================
No.11  —  In  AuthenFile
Execution  Time: 16 ms
RawApdu = 0A00
Command = 0A00
(Expected)   SW:     Data:
(Received)   SW: BBA2    Data: AF08E5DD371AD0
================================================================
================================================================
No.12  —  In  AuthenFile
Execution  Time: 21 ms
RawApdu = AF + [21:30]
Command = AFCD72DFC6E6D040A41065AAA74053073F
(Expected)   SW:     Data:
(Received)   SW: FB7B    Data: 00AD6CC16025CC
================================================================
================================================================
No.13  —  In  Main
Execution  Time: 21 ms
RawApdu = C400 + [51:68]
Command = C40083C6719E44E146057A718F670679730E310973A4AD925949
(Expected)   SW: 9000    Data:
(Received)   SW: 9000    Data: 1E  // Here is not right
================================================================
================================================================

Re: Problem changing key

Hi,
although it's an older topic, I got stuck with the same error...
g.hernando, you offered something to test my values. Is this offer still valid?

Regards,

Matthias

Re: Problem changing key

Hi

I am also facing the same issue when trying to change key-0 of application-0x111111 and my key settings are 0xef and I am using 4-keys for application.

I am authenticating with key-0 to change key-0.

Old Key: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
New Key: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF
Key Data: 00 11 22 33 44 55 66 77 88 99 AA BB CC DD EE FF 69 CC 00 00 00 00 00 00

I am sure that we need to add CRC16 for the same key authenticated and changed.

I have done a DES deciphering on key data with old key. [What is the significance of session_key here?]
Is it correct that I can use either DES or 3DES?

I am also getting the 0x1e [integrity error], CRC error  for the key sent.

What am I missing/wrong here? Any help appreciated. I am taking reference from "libfreefare"

Thanks
Anil

Re: Problem changing key

It is a DES decrypt problem, it is working now.

Thanks
Anil

Re: Problem changing key

Hi,
can you explain the problem you had in a little more detail? Maybe it's the same over here...
Regards,
Matthias

Re: Problem changing key

Hi everyone, I've been working with Desfire 8K and I had the same error 0x1E. Can anyone tell me the way to calculate the CRC or which DES/3DES method to use?

Regards,

Yenfry

Re: Problem changing key

Hi ,

Follow the link given below, where you have all the open source code available for DESFIRE card.

http://nfc-tools.googlecode.com/svn/trunk/libfreefare

Regards
Anil

21 (edited by 549755067 2013-05-28 09:07:06)

Re: Problem changing key

Hi, can you pass the ChangeKeySettings? I have a problem I cannot solve!
Firstly, I change the settings of the master key (AID=00 00 00). I use the CRC16, and the setting is 0F (the initial setting is 0F), so I calculate it and get the CRC 09 a9. Then the data is 0f 09 a9 00 00 00 00 00, and I also tried the data 0f 00 00 00 00 00 09 a9; it does not work.
RndB is 2E 90 E1 70 BD B1 9A AB and RndA is 00 00 00 00 00 00 00 00, and I authenticate successfully. The session key is 00 00 00 00 2E 90 E1 70 00 00 00 00 BD B1 9A AB; the session key 00 00 00 00 2E 90 E1 70 also does not work. Then I use the tools to do the 3DES (double).
I always get the error code 0x1e. I am really confused; can anybody tell me why? If it is convenient, please give me a sample or solution, or log information. Thanks.

Re: Problem changing key

Hi,
I am too late to see this post. I think you have solved your problem.

I faced the same problem too and I solved it with effort.

The key issue is that if you use the default master key (all 0x00 or all 0xFF), the PICC employs Single DES (NOT 3DES), so you should use Single DES all the time, although the session key is 00 00 00 00 2E 90 E1 70 00 00 00 00 BD B1 9A AB. So as you said, the session key becomes 00 00 00 00 2E 90 E1 70 00 00 00 00 2E 90 E1 70, and you should use Single DES decrypt mode to encrypt the data and send it to the PICC.

If you want 3DES, first change the master key to one which can be used by 3DES.

       cheers!


23 (edited by james.hitchings 2014-01-10 09:05:49)

Re: Problem changing key

All,
I'm seeing a similar problem with my implementation. There have been a lot of replies about fixed solutions, but not many descriptions of the fix.
I also notice that all of the issues faced above were for the master key and/or DES (rather than 3DES).
Please note I am using NXP Semiconductors MF3ICD81 MIFARE DESFire Function Specification Rev. 3.5 - 28 November 2008.
The process I'm following is described on page 43 and 44 of the specification.

Here's my process (it ends, unsurprisingly, with a 911E to ChangeKey):
1) Obtain the current key (that will be present in KeySlot 3 on the card) by building key parts and diversifying. This produces a 24 byte key:
KEY_Built_Current = A87CFA7EA456AA05F8E844B0A2F280353212CCE8129AAA4D

2) Create the replacement key by building some key parts and diversifying. This produces a 24 byte key:
KEY_Built_New = 864CD236BEAD715A8CAA8806F851DF74A02E42F4B6FBABA2

Notes on step 1 & 2: I am confident that my method of producing KEY_Built_Current is correct as I've used the key successfully elsewhere.

3) XOR: KEY_Built_New with KEY_Built_Current. This produces a 24 byte result:
KEY_XOR_New_Current = 2E3028481AFBDB5F7442CCB65AA35F41923C8E1CA46101EF

4) Calculate CRC32 of KEY_XOR_New_Current. This produces a 4 byte result:
CRC32_XOR = 21DDC40F

5) Calculate CRC32 of KEY_Built_New. This produces a 4 byte result:
CRC32_New = 0FD8FD5D

Notes on step 5: The specification clearly states: "Additionally a CRC32 of the new key is appended.". The specification doesn't say to include the CMD or any other data.

6) Perform AuthenticateISO using my KeyChange key. This provides me with a 32 byte session key and sets the IV to 0000000000000000:
KEY_3KDES_SessionKey = 2E3028481AFBDB5F7442CCB65AA35F41923C8E1CA46101EF21DDC40F0FD8FD5D
KEY_IV = 0000000000000000

7) Concatenate KEY_XOR_New_Current + CRC32_XOR + CRC32_New. This produces a 32 byte result of:
CHANGEKEY_DATA = 2E3028481AFBDB5F7442CCB65AA35F41923C8E1CA46101EF21DDC40F0FD8FD5D

Notes on step 7: No padding is required as the result is a multiple of 8.

8) 3DES CBC Encrypt: CHANGEKEY_DATA with KEY_3KDES_SessionKey and KEY_IV. This produces a 32 byte result of:
CHANGEKEY_DATA_Enc = A6AB1F0FFC42535661D40EAF67D84D0D8D24AA94331B0D2DD2EC356AC5871CF4

9) Send the ChangeKey command:
90C400002103A6AB1F0FFC42535661D40EAF67D84D0D8D24AA94331B0D2DD2EC356AC5871CF400
Broken down:
CLA: 90
INS: C4
P1P2: 0000
LC: 21
KEYNo: 03
Enciphered Data: A6AB1F0FFC42535661D40EAF67D84D0D8D24AA94331B0D2DD2EC356AC5871CF4
LE: 00

Response:
911E

Any help would be greatly appreciated.

EDIT: Issue resolved.
The spec is incorrect. In step 4) 'Calculate CRC32 of KEY_XOR_New_Current' I had to include the CMD and KeyNo in front of the XOR'd data.
Thanks to the availability of libfreefare source code, I was able to review their ChangeKey processing and work out what was wrong.
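
Added example (not part of the original post, and not libfreefare's code): the corrected step 4 from the EDIT above, with the first CRC32 taken over CMD + KeyNo + XORed key, using the two 24-byte keys from steps 1 and 2. The function names are hypothetical, and the CRC variant (reflected CRC-32 without the final bit inversion, appended least significant byte first) is an assumption about the card, not something stated in the post.

```python
# Added example. Builds the plaintext that step 8 would then encipher;
# the 3DES CBC step itself is not shown.
import zlib

CMD_CHANGE_KEY = 0xC4  # INS byte from the APDU in step 9


def desfire_crc32(data: bytes) -> bytes:
    """Assumed DESFire CRC32: standard reflected CRC-32 with the final
    inversion undone (CRC-32/JAMCRC), least significant byte first."""
    return (~zlib.crc32(data) & 0xFFFFFFFF).to_bytes(4, "little")


def changekey_plaintext_iso(key_no: int, new_key: bytes, old_key: bytes) -> bytes:
    """(new XOR old) + CRC32(CMD + KeyNo + XORed data) + CRC32(new key),
    zero padded to the 8-byte 3DES block size."""
    if len(new_key) != len(old_key):
        raise ValueError("old and new key must have the same length")
    xored = bytes(n ^ o for n, o in zip(new_key, old_key))
    crc_cmd = desfire_crc32(bytes([CMD_CHANGE_KEY, key_no]) + xored)
    crc_new = desfire_crc32(new_key)
    body = xored + crc_cmd + crc_new
    return body + bytes(-len(body) % 8)


# Keys quoted in steps 1 and 2 of the post; key slot 3 as in step 9.
KEY_BUILT_CURRENT = bytes.fromhex("A87CFA7EA456AA05F8E844B0A2F280353212CCE8129AAA4D")
KEY_BUILT_NEW = bytes.fromhex("864CD236BEAD715A8CAA8806F851DF74A02E42F4B6FBABA2")

if __name__ == "__main__":
    data = changekey_plaintext_iso(3, KEY_BUILT_NEW, KEY_BUILT_CURRENT)
    print("XORed key          :", data[:24].hex().upper())
    print("CRC32 incl. header :", data[24:28].hex().upper())
    print("CRC32 of new key   :", data[28:32].hex().upper())
```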

Re: Problem changing key

> I'm seeing a similar problem with my implementation.
> There have been a lot of replies about fixed solutions, but not many descriptions of the fix.

Exactly!
People ask for help here, and when they have solved their problem they do not post HOW they solved their problem. That is very typical. Sadly people are very egoistic.


I struggled several weeks with Desfire EV1 development and I decided to publish my solution. It contains source code that you can compile on Arduino or with very few changes also on Visual Studio or Linux. You find all crypto algorithms there (3DES, AES, CRC, CMAC, etc..)
codeproject.com/Articles/1096861/DIY-electronic-RFID-Door-Lock-with-Battery-Backup


Additionally I published several data examples that show how encryption SHOULD work. These examples show how the randoms are exchanged, how the session key is generated, what are the correct CRC32 values, and what are the correct CMAC values. You find them here:
stackoverflow.com/questions/38283998/desfire-ev1-communication-examples