Datasheet
NXP Semiconductors
MF0ICU2
MIFARE Ultralight C - Contactless ticket IC
MF0ICU2 All information provided in this document is subject to legal disclaimers. © NXP B.V. 2019. All rights reserved.
Product data sheet Rev. 3.3 — 30 July 2019
COMPANY PUBLIC 137633
Any write operation to the lock bytes 2 and 3 features anti-tearing support.
Remark: The configuration written in the lock bytes is valid upon the next REQA or
WUPA command.
7.5.4 OTP bytes
Page 3 is the OTP page. It is preset to all "0" after production. These bytes may be bit-wise modified by the WRITE or COMPATIBILITY WRITE command.
EXAMPLE (OTP bytes)

                              byte 0    byte 1    byte 2    byte 3
page 3 default value          00000000  00000000  00000000  00000000
1st write command to page 3   11111111  11111100  00000101  00000111
result in page 3              11111111  11111100  00000101  00000111
2nd write command to page 3   11111111  00000000  00111001  10000000
result in page 3              11111111  11111100  00111101  10000111

Remark: This memory area may be used as a 32 ticks one-time counter.
Figure 8. OTP bytes
The bytes of the WRITE command and the current contents of the OTP bytes are bit-wise "OR-ed" and the result forms the new content of the OTP bytes. This process is irreversible. If a bit is set to "1", it cannot be changed back to "0" again.
The default value of the OTP bytes is 00 00 00 00h.
Any write operation to the OTP bytes features anti-tearing support.
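The following C model is an added example, not code from the datasheet or from NXP. It replays the two writes of Figure 8 and shows how reader firmware could use page 3 as the 32 ticks one-time counter. All type and function names are hypothetical, and both the bit order used for ticks and the back-end consistency check are assumptions built on the irreversibility described above.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical model of page 3; names are illustrative, not NXP's. */
typedef struct { uint8_t b[4]; } otp_page;

/* WRITE to page 3: the IC stores old | data, so bits only go 0 -> 1. */
void otp_write(otp_page *p, const uint8_t data[4]) {
    for (int i = 0; i < 4; i++) p->b[i] |= data[i];
}

/* Ticks consumed so far = number of bits set (0..32). */
int otp_ticks_used(const otp_page *p) {
    int n = 0;
    for (int i = 0; i < 4; i++)
        for (uint8_t v = p->b[i]; v; v &= (uint8_t)(v - 1)) n++;
    return n;
}

/* Fill data[] with a WRITE that sets the lowest clear bit (bit order is
 * an assumption; any order works). Returns -1 when all 32 ticks are used. */
int otp_next_tick(const otp_page *p, uint8_t data[4]) {
    data[0] = data[1] = data[2] = data[3] = 0;
    for (int bit = 0; bit < 32; bit++) {
        uint8_t mask = (uint8_t)(1u << (bit % 8));
        if (!(p->b[bit / 8] & mask)) { data[bit / 8] = mask; return 0; }
    }
    return -1;
}

/* Assumed back-end check: every bit seen earlier must still be set;
 * a cleared bit means the value did not come from the same OTP page. */
int otp_consistent(const otp_page *seen, const otp_page *now) {
    for (int i = 0; i < 4; i++)
        if (seen->b[i] & (uint8_t)~now->b[i]) return 0;
    return 1;
}

/* Replays the two writes of Figure 8; byte 0 is the most significant. */
uint32_t figure8_result(void) {
    otp_page p = {{0, 0, 0, 0}};
    const uint8_t w1[4] = {0xFF, 0xFC, 0x05, 0x07};
    const uint8_t w2[4] = {0xFF, 0x00, 0x39, 0x80};
    otp_write(&p, w1); otp_write(&p, w2);
    return ((uint32_t)p.b[0] << 24) | ((uint32_t)p.b[1] << 16) |
           ((uint32_t)p.b[2] << 8) | p.b[3];
}

int main(void) {
    return printf("Figure 8 result: %08X\n", (unsigned)figure8_result()) < 0;
}
```

The model does not cover anti-tearing, which protects the write inside the IC.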
7.5.5 3DES Authentication
The 3DES Authentication implemented in the MF0ICU2 proves that two entities
hold the same secret and each entity can be seen as a reliable partner for onwards
communication. The applied encryption algorithm ek() is the 2 key 3DES encryption (see
Ref. 9) in Cipher-Block Chaining (CBC) mode as described in ISO/IEC 10116 (see Ref.
10). The Initial Value (IV) of the first encryption of the protocol is the all zero block. For
the subsequent encryptions the IV consists of the last ciphertext block.
The following table shows the communication flow during authentication:
Table 8. 3DES authentication
#  PCD                                         Data exchanged  PICC
1  The reader device is always the entity      "1Ah" →
   which starts an authentication procedure.
   This is done by sending the command
   AUTHENTICATE.
AUTHENTICATE Step 1










