1. Reset response (answer to request)
The reader calls a card in the magnetic field to respond to the call. For cards that have just entered the magnetic field and obtained an electrical reset in the idle state, the card Request (reqa, 0x26); for cards that have been read and written and enter the sleep state, wake-up (wake-up, 0x52 ). In this solution, the card Request (reqa) can only call cards in the idle state. WAF can call all cards, including those in sleep state (halt) and casual status cards.
After receiving the card call command, the card will respond to the Command (answerto request, atqa). The reader communicates with the card through a specific protocol to determine whether the card is an M1 RF Card, that is, the card type of the verification card. Atqa has two bytes. The value of the first byte is not specified (rfu). The second byte's two-byte b7b6 represents the length of the card serial number ("00" is 4 bytes, "01" is 7 byte, "10" is 10 byte), B5 bit value is not specified (rfu), b4-b0 indicates whether to comply with the bit-oriented anti-conflict mechanism, if followed, b4-b0 must have and only 1 bit is 1. Generally, the atqa of Mifare S50 is 0004 H, and that of Mifare s70 is 0002 H.
2. anticollision Loop)
When multiple cards enter the reader operation range, the anti-conflict mechanism selects one of them for the operation. If not selected, the system is in idle mode and waits for the next card selection, this process returns the serial number of the selected card. This process returns the serial number of a selected card. The serial number is stored in Block 0 of the card. There are 5 bytes in total. Actually, 4 bytes are useful, and the other is the validation byte of the serial number ,. The smart anti-conflict function allows more than one card in the same work area to work at the same time. The anti-conflict algorithm selects only one card at a time to ensure that the selected card is operated correctly and other cards in the same area do not destroy data..
3. Select tag)
Select the serial number of the selected card and return the capacity code of the card. Select the serial number of the selected card, and return the card capacity code tag size (the first "08", indicating the return value of the capacity, now changed to "88", no special significance ). RWD uses the select card command to select one card for confirmation and the memory-related operation card returns answer to select ATS code = 08 h. RWD uses ATS to determine the type of the selected card.
4. Three mutual confirmations (3 pass authentication)
Mifare series products not only require cards to authenticate the identity of the reader, but also the identity of the reader. This authentication is called mutual authentication. A common authentication method is password or password. Once the password is heard, it will be leaked. The passwords are irregular and can be encrypted by random numbers. Therefore, mutual authentication is performed by random number encryption. The mutual authentication mechanism adopted by the Mifare series is called "three mutual authentication", as shown in.
A) The Reader specifies the access area and selects the key A or B.
B) the key and access condition of the read-only block of the card. Then, the card sends the random number B to the reader. (First round)
C) The reader uses the key and random number to calculate the response value. Response value A, along with the random number B of the reader, is sent to the card (second round ).
D) the cartoon character compares with its own random number, verifies the reader's response value A, calculates the response value, and sends it (the third round ).
E) The Reader verifies the response value of the card through comparison.
After the first random number is transmitted, the communication between the card and the reader is encrypted. In the authentication process, I have repeatedly mentioned "pre-defined algorithms". What kind of algorithms are there. There is no specific rule, but there is a requirement that this algorithm must involve passwords and random numbers. If an error occurs in any part of the authentication process, the entire authentication fails. You must start from.
5. Memory operations
After mutual authentication, you can perform the following operations:
· Read: Read data blocks
· Write: write data blocks.
· Decrement: reduces the value in the data block and stores the result in the temporary internal data register.
· Increment: Increase the value in the data block and save the result in the data register.
· Restore: writes the content of the temporary internal data register to the value block.
· Pause (halt): place the card in the paused state.