Topic: Avoid cloning my tag

In my application, I want to avoid that someone can clone my nfc tag. In this application, everyone can have the tag and the reader, so everyone can listen the communication between them.
I saw that MIFARE Ultralight C tag has implemented inside the 3DES encryption algorithm. Can I use it for my purpose?

Re: Avoid cloning my tag

Unfortunately none of the NFC tags have protections against cloning AFAIK.
You can prevent cloning by using the 3DES feature of Ultralight C.
You can make an Ultralight C tag behaving as a NFC tag as defined by the NFC Forum.
But NFC Forum specifications don't tell how to use the crypto that can be in the tag so a NFC device does not know how to check originality of the tag.
Now if you say "NFC tag" just to say a tag that can be read by a NFC phone with your own application, but not a NFC Forum compliant tag, then it's ok.

I hope I didn't confuse you :-)

Re: Avoid cloning my tag

Thank Phil for your explanation.
What I thought to do is to split in two parts the memory of the Ultralight C. In one part I put a code that allow me to identify the tag (in my application I can have a many tags) and in the other part I put a code that only me know and I encrypt this second part with the 3DES algo. So, when I want to know if that tag is not cloned or not, I encrypt with a new key the code in the second part and than I read it. The code should be encrypted with the new key and the UID of the tag. Now I can read the first part of the memory and the result of the encryption and understand if the code in the second part is what I written or not.

Unfortunatelly I didn't find the complete datasheet of the Ultralight C so, maybe, what I written is wrong.
Do you think this method can work?

Re: Avoid cloning my tag

UltralightC allows you to do mutual authentication and to mandate it to read or write part of the memory.
As you just want to be able to check originality of the tag, you can do this:
Keep the default config where almost all the tag can be read/written without key.
You write there a NDEF message so any NFC phone can read and interpret it.
You use the lock bytes to make the tag read-only (same lock bytes mechanism as for an Ultralight).
You change the key.

Now anyone can read the NDEF message with a NFC phone.
And you can check originality by trying to mutually authenticate with the key you've chosen.

For the key you've two options:
* same key in all your tags, easy but if the key leaks, anyone can fake your tags.
* key diversification: you use a master key and the tag UID to derive a unique key specific to that tag.
This is a bit more complex to setup the tags and to check them, but it's safer: one key leaks = someone can authenticate to the corresponding tag and maybe change some stuffs in it but your other tags are safe and nobody can clone your tags.

Another possible config rather than using the lock bytes is to setup the card such that read is always possible but write is only possible after authentication.
In that case:
Now anyone can read the NDEF message with a NFC phone.
You can check originality by trying to mutually authenticate with the key you've chosen.
Bonus: you can modify the tag content if needed.


Re: Avoid cloning my tag

Try to find the following paper:

Making the Best of Mifare Classic Update
by Wouter Teepe
Radboud University Nijmegen December 11, 2008

it covers what you need, but it's for Mifare Classic. Which allows you to lock blocks so they can only be decremented. It can help you to determine if a card has been cloned if it's out of sync with the system.

Re: Avoid cloning my tag

I get success to authenticate the tag. But now I have an other issue.
I have an android app that I use to read the tag and a server online that knows the key stored in the tag. The app android is only a pass through to connect the server and the tag. When I start the authentication, I send the message 0x1A 0x00 to the tag, the answer of the tag is sent to the server that decrypt the message, add the keyB and send the message back to the app. Then the app send the message recieved to the tag. During this phase, I loose some time for the connection, and then, when I send back the message to the tag, I get a TagLostException.
Is there a way to avoid that exception? I mean, can the tag wait for 1 sec before to disconnect?

Thank you.