- Block 0 is not writable. It contains card ID and information stored by manufacturer
- Blocks are divided into sectors, and each sector contains one trailer block
- Trailer block stored keys to authenticate the sector it belongs and attributes which decide access right to the sector
- Handling the trailer block not carefully may lead to all rights to that sector disabled, and I have successfully (or I should say accidentally...) locked the whole sector 0. However, as the GetID command is still functional, that command should be using some other way to read the ID from block 0 / some hidden block?
- As trailer block stores the authentication keys of its sector, updating them means changing the authentication keys. Location of keys: first 6 bytes -> Type A; last 6 bytes: Type B
- Reading/Writing a data block requires authentication beforehand
- Authenticating one block is equivalent to authenticate the whole sector
- Only one sector can be authenticated at any time. E.g. If you authenticate sector 2 after authenticating sector 1, you can now only access sector 2 but not sector 1. In order to access sector 1, you have to authenticate sector 1 again.
- The above does not only apply to one single application. i.e. If application A authenticated sector 1 and then application B authenticate sector 2, application A will not be able to access sector 1 without authenticating sector 1 again.
Friday, March 18, 2011
Recently I am developing an application for Windows environment with smartcard, and below are some notes I would like to make about MIFARE Classic 4K card: