Hello,


For quite some time now I've been having problems logging into this forum.
The forum allways came back with errors about cookies that could not be set etc. ; very annoying.
Then, after a tip from Romuald, I found out that the forum does work, as long as you tick the ' remember me' button.
Maybe it's something other people might like to know.
It helps a bit when trying to post a question :-)


Regards,
Tom

2

(7 replies, posted in Hardware Devices)

Hi Romuald,


I swapped the 104 with the 106 to check if my friend in Hong Kong did not send me a nice looking piece of plastic. Roel mentioned this one to me: http://www.sparkfun.com/commerce/news.php?id=350 and it did not cheer me up.
In the absence of acid I decided to enhance a touchatag ;-)
Anyway, that's the why.

Now for the what; AFAIK this is the complete debug log:

nfc-list use libnfc 1.3.3 (rexported)
DBG nfc.c:107: List avaible device using ACR122 driver
DBG acr122.c:162: PCSC reports following device(s):
DBG acr122.c:167: - ACS ACR 38U-CCID 00 00 (pos=0)
DBG nfc.c:107: List avaible device using PN531_USB driver
DBG pn53x_usb.c:92: 0 busses
DBG pn53x_usb.c:94: 0 devices
DBG pn53x_usb.c:104: Checking device 1d6b:0002 (04cc:0531)
DBG pn53x_usb.c:104: Checking device 1d6b:0002 (054c:0193)
DBG pn53x_usb.c:104: Checking device 072f:90cc (04cc:0531)
DBG pn53x_usb.c:104: Checking device 072f:90cc (054c:0193)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:0531)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (054c:0193)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:0531)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (054c:0193)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:0531)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (054c:0193)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:0531)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (054c:0193)
DBG pn53x_usb.c:149: Found 0 devices
DBG nfc.c:107: List avaible device using PN533_USB driver
DBG pn53x_usb.c:92: 0 busses
DBG pn53x_usb.c:94: 0 devices
DBG pn53x_usb.c:104: Checking device 1d6b:0002 (04cc:2533)
DBG pn53x_usb.c:104: Checking device 1d6b:0002 (04e6:5591)
DBG pn53x_usb.c:104: Checking device 072f:90cc (04cc:2533)
DBG pn53x_usb.c:104: Checking device 072f:90cc (04e6:5591)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:2533)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04e6:5591)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:2533)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04e6:5591)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:2533)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04e6:5591)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04cc:2533)
DBG pn53x_usb.c:104: Checking device 1d6b:0001 (04e6:5591)
DBG pn53x_usb.c:149: Found 0 devices
DBG nfc.c:107: List avaible device using PN532_UART driver
INFO: Sorry, serial auto-probing have been disabled at compile time.
DBG nfc.c:116: No listing function avaible for ARYGON driver
DBG nfc.c:168: Looking for ACR122, found ACR122... Use it.
DBG acr122.c:208: Connecting to ACS ACR 38U-CCID 00 00
DBG nfc.c:176: [ACS ACR 38U-CCID 00 00 / ACR122U102] has been claimed.
 TX: ff  00  00  00  02  d4  02  
DBG nfc.c:185: Failed to get firmware revision for: ACS ACR 38U-CCID 00 00 / ACR122U102
ERROR: Unable to connect to NFC device.

Cheers,
Tom

Hi,


We've had a long weekend here in Holland so I had the time to heat up my soldering iron.

There was a TouchaTag lying around and I couldn't resist soldering some headers to it. Afterwards I even replaced the regular PN532 V104 with a V106. All good fun. :-)

However, the inner workings of LibNFC are still a bit of a mistery to me.
Would it be easy to explain what files one should change to get such a modified TouchaTag working with libNFC?


Kind regards,
Tom

4

(9 replies, posted in Questions and Requests)

Hi Izico,



Is this you? If so, very impressive!

Sorry that you couldn't find anything on my website. Maybe just go to www.mikeycard.org, click phase 1 and files. There you'll find the PDF of the demo board I'm currently working on. AFAIK the board uses the high speed UART, not SPI.

I'm very interested to hear about your clients board. Especially in the fingerswipe. I'm dreaming of making a device that can hold a lot of proximity cards and can download them, connecting via bluetooth to the mobile phone and using it as a hub to fetch smartcard content from the internet. Now quite some security is needed with a lot of those cards store on the device. Maybe fingerswipe can help.

Are you allowed to reveal something about your client or his product?


Cheers,
Tom

5

(9 replies, posted in Questions and Requests)

The information on my website has been lagging a bit.
Sorry for that.
I've finally managed to get some content up there.
This page has links to the demoboard.

Cheers,
Tom

pgrahamm wrote:

Iam trying to use my touchatag reader to work with my crapto code.

Dear pgrahamm,

What do you mean 'my' crapto code? Would you care to elaborate?

Cheers,
Tom

Dear all,


I've posted a message on the ProxMark3 forum; here.

Please respond on the ProxMark forum or via e-mail to:
t o m . b u e l e n s @ g m a i l . c o m


Kind regards,
Tom

Dear,


It is true the the Mifare Classic can be replaced with other, currently better looking, alternatives. However topic starters request was regarding the Classic.

Personally, I think that writing something back to the card after succesfull login, combined with a lock of the desktop when the card is removed is a substantial security benefit over a MagStripe. Naturally it's all in the implementation details.

However I do agree that one should regard the protection of the propriatary Crypto1 cypher as non exsistant, indeed.


Kind regards,
Tom

Hi,


When doing authentication people generally use at least one or preferably a combination of :
1.) something you have
2.) something you know
3.) something you are

Category 3.) can be disregarded since I presume biometrics is out of the question.

The Mifare Classic as means to authenticate falls in category 1.) something you have. The problem with it is that it is not always unique. It can be forged. So you can make it unique by storing an encrypted bit of information, each time it is used.

Additionally you could opt to increase security by adding something from category 2.) something you know, something like a small password or PIN.

Now putting it all together, you could store username in the clear in one sector and store in another sector  (readable with another Key A and writable with even another Key B) the encrypted last time the card was used and use a hash of the PIN as a seed for the encryption.

It still does not make it 200% unbreakable, however it better then most systems use, nowadays. (IMHO)


Kind regards,
Tom

Hi,


I've been trying to send and receive some 'raw' data using the nfc_reader_transceive_bits function.
However, since this is my first C program I'm a bit puzzle with what the parameters should be. More specifically if they should be pointers or not.

This is the function in libnfc:
bool nfc_reader_transceive_bits(const dev_info* pdi, const byte* pbtTx, const ui32 uiTxBits, const byte* pbtTxPar, byte* pbtRx, ui32* puiRxBits, byte* pbtRxPar)

Basically my question is: "Do I supply, for instance, the second parameter (pbtTx) with the address of the data that needs to be transmitted, and hence call the function like this: nfc_reader_transceive_bits(&pdi, &pbtTx,...........) or do I just give it the whole byte array and do it without the &?

Sorry for this n00b question.


Kind regards,
Tom