Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Use the command sequence below to read and write to DESFire cards. Also see the example attached here: DesFire Example.txt

  1. Enable Pass-Through Mode
  2. Poll For Token Command
  3. Sequential APDU Desfire Commands for Select AID, Read and Write with 2C-03 Command.
  4. Internal Card Authentication.
  5. On Card Authentication: Sequential APDU Desfire Commands for Select AID, Read and Write with 2C-03 Command .

Note that each card has a different RandB value returned from the Get RandA command. You will need to implement an algorithm to calculate a new session key based on the returned RandB data. It requires the correct session key to be able to read and write to the card. Furthermore, a new session key will be generated per each transaction. The algorithm has to be implemented in a host application to calculate session key. The transaction flow is shown on page 9 of the specification: M075031_desfire.pdf

The DES Calculator online tool (https://emvlab.org/descalc/) helps to calculate the key (using encrypt mode = DES-CBC). Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block). Cipher block chaining uses what is known as an initialization vector (IV) of a certain length.


  • No labels