Data Sheet
001052 © NXP B.V. 2007. All rights reserved.
Product data sheet Rev. 5.2 — 15 January 2007 6 of 17
NXP Semiconductors
MF1 IC S50
Functional specification
6.2.5 Memory operations
After authentication any of the following operations may be performed:
• Read block
• Write block
• Decrement:Decrements the contents of a block and stores the result in a temporary
internal data-register
• Increment: Increments the contents of a block and stores the result in the
data-register
• Restore: Moves the contents of a block into the data-register
• Transfer: Writes the contents of the temporary internal data-register to a value block
6.3 Data integrity
Following mechanisms are implemented in the contactless communication link between
RWD and card to ensure very reliable data transmission:
• 16 bits CRC per block
• Parity bits for each byte
• Bit count checking
• Bit coding to distinguish between "1", "0", and no information
• Channel monitoring (protocol sequence and bit stream analysis)
6.4 Security
To provide a very high security level a three pass authentication according to ISO/IEC DIS
9798-2 is used.
6.4.1 Three pass authentication sequence
1. The RWD specifies the sector to be accessed and chooses key A or B.
2. The card reads the secret key and the access conditions from the sector trailer. Then
the card sends a random number as the challenge to the RWD (pass one).
3. The RWD calculates the response using the secret key and additional input. The
response, together with a random challenge from the RWD, is then transmitted to the
card (pass two).
4. The card verifies the response of the RWD by comparing it with its own challenge and
then it calculates the response to the challenge and transmits it (pass three).
5. The RWD verifies the response of the card by comparing it to its own challenge.
After transmission of the first random challenge the communication between card and
RWD is encrypted.