Mifare Plus 4K Card, Mifare Plus S 4K Card, Mifare Plus X 4K Card

Migrate classic contactless smart card systems to the next security level.
MIFARE Plus brings benchmark security to mainstream contactless smart card applications. It is the only mainstream IC compatible with MIFARE Classic offering a seamless upgrade path, with minimal effort, for existing infrastructure and services.

Key applications:
Public transportation.
Access management, e.g. employee, school or campus cards.
Electronic toll collection.
Car parking.
Loyalty programs.

Independent Security Reviews:
BSI Common Criteria Certification EAL 4+
University of Bochum
Katholieke Universiteit Leuven

Key features:
2 KB or 4 KB EEPROM.
Simple fixed memory structure compatible with MIFARE Classic 1 K (MF1ICS50), MIFARE Classic 4 K (MF1ICS70).
Access conditions freely configurable.
Smooth migration from MIFARE Classic to MIFARE Plus security level supported.
Open standard AES crypto for authentication, integrity and encryption.
Common Criteria Certification: EAL4+ for IC HW and SW.
ISO/IEC 14443-A unique serial number, 4 or 7 byte and random IDs.
Multi-sector authentication, multi-block read and write.
Anti-tear function for writing AES keys.
Keys can be stored as MIFARE Classic CRYPTO1 keys (2 x 48 bit per sector) or as AES keys (2 x 128 bit per sector).
Supports virtual card concept.
High data rates up to 848 kbit/s.
Available in MOA4 modules or 8-inch sawn bumped wafer.

NXP MIFARE Plus is based on open global standards both for air interface and cryptographic methods. It is available in two versions: MIFARE Plus S, the Slim version, for straightforward migration of MIFARE Classic systems, and MIFARE Plus X, the eXpert version, which offers more flexibility to optimize the command flow for speed, privacy and confidentiality. MIFARE Plus X offers a rich feature set, including proximity checks against relay attacks.

MIFARE Plus is fully functionally backwards compatible with MIFARE Classic 1 K / 4 K. Interoperability with MIFARE Classic has been verified by the independent MIFARE Certification Institute. MIFARE Plus cards can be issued seamlessly into existing MIFARE Classic applications before the infrastructure is upgraded. Once the security upgrades are in place, MIFARE Plus cards can be switched to a more secure mode in the field with no customer interaction necessary. AES (Advanced Encryption Standard) is then used for authentication, encryption and data integrity.

MIFARE Plus supports high-speed communication between card and terminal at up to 848 kbit/s, for time-critical services. The read range of up to 10 cm increases the convenience of the touch-and-go experience.

Security Levels:
MIFARE Plus cards support one pre-personalization level and 3 security levels. Cards operate in one security level at any given time and can only be switched to a higher level.

Security Level 0
MIFARE Plus cards are pre-personalized with configuration keys, level switching keys, MIFARE Classic CRYPTO1 and AES keys for the memory.
Security Level 1
In this level the cards are 100% functionally backwards compatible with MIFARE Classic 1K / 4K cards. Cards work seamlessly in existing MIFARE Classic infrastructure.
Security Level 2
Mandatory AES authentication. MIFARE Classic CRYPTO1 for data confidentiality.
Security Level 3
Mandatory AES for authentication, communication confidentiality and integrity. Optional proximity detection (MIFARE Plus X only).

Security level 0:
Security level 0 is the initial delivery configuration of the PICC. The card can be operated either using the backwards compatibility protocol or the ISO/IEC 14443-4 protocol. In this level, the card can be personalized, including the programming of user data as well as CRYPTO1 and/or AES keys. In addition, the originality function can be used. The following mandatory AES keys must be written using the Write Perso command before the PICC can be switched to security level 1 or security level 3 (for L3 card):
-Card Configuration Key.
-Card Master Key.
-Level 2 Switch Key (for L1 card).
-Level 3 Switch Key (for L1 card).

Security level switching is performed using the Commit Perso command.

Using the originality function, it is possible to verify that the chip is a genuine NXP Semiconductors MIFARE Plus.

Security level 1:
Security level 1 offers the same functionality as a MIFARE Classic 1K and MIFARE Classic 4K using the backwards compatibility protocol. Furthermore, an optional AES authentication is available in this level without affecting the MIFARE Classic 1K and MIFARE Classic 4K functionality. The authenticity of the card can be proven using strong cryptographic means with this additional functionality. The timings may differ from the MIFARE Classic 1K and MIFARE Classic 4K products.

Using the originality function, it is possible to verify that the chip is a genuine NXP Semiconductors MIFARE Plus.

Security level 2:
Security level 2 also offers the functionality of a MIFARE Classic 1K and MIFARE Classic 4K using the backwards compatibility protocol. The significant difference compared to security level 1 is that an AES authentication is mandatory and that the CRYPTO1 keys are derived for each session using the results from the AES authentication, rather than being constant for a specific sector. The timings may differ from the MIFARE Classic 1K and MIFARE Classic 4K products.

In security level 2, the following keys are assigned to each sector:
-Two AES keys (key A and key B); these keys are also used in security level 3.
-Two CRYPTO1 keys (key A and key B); these keys are also used in security level 1.

The access conditions are set in the sector trailer as in MIFARE Classic 1K and MIFARE Classic 4K.

Using the originality function, it is possible to verify that the chip is a genuine NXP Semiconductors MIFARE Plus.

Security level 3:
The operation in security level 3 is solely based on the ISO/IEC 14443-4 protocol layer. The usage of the backwards compatibility protocol is not possible.

In security level 3, a mandatory AES authentication between PICC and reader is conducted, where two keys are generated as a function of the random numbers from the PICC and the reader as well as of the shared key.

These two session keys are used to secure the data which is exchanged on the interface between the card and reader. One of the two keys is used to ensure the confidentiality of the command and the response while the other key ensures the integrity of the command and the response.

The reader can decide which security needs to be used in the communication between PICC and reader. In the simplest case, all commands are secured by a MAC, such that the PICC will only accept commands from the authenticated reader. Any message tampering is detected by verifying the MAC. A MAC is appended to all responses to prove to the reader that neither the command nor the response has been compromised.

If performance is the highest priority, the card can be configured to omit the MAC for read commands. The card then accepts read commands without knowing whether they are authentic. However, there is a mechanism to prove to the reader that the read response results from the unmodified read command that it sent.

Other commands, like write commands, always need to have a MAC appended to ensure that no memory changes are carried out without proving the authenticity of the command.

The reader can decide for each command whether a MAC is included in the response. When the appropriate MAC is received, due to linked MACs the reader knows that the command and commands before it were properly executed.

All commands between two consecutive First Authenticate commands belong to one transaction and the MACing mechanism assures integrity of the whole transaction.

If the MAC on read responses is omitted, the integrity of all read responses within one session can still be verified by including a MAC on one read response before issuing the next First or Following Authenticate command.
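A simplified model of the linked-MAC behaviour described above, as an added example that is not NXP's code and not the card's actual algorithm. HMAC-SHA256 stands in for the AES-based session key derivation and MAC, and the names `derive_session_keys`, `Transcript` and `run_reads` are hypothetical. It shows why a single MAC on the last read response still exposes tampering with an earlier response that carried no MAC.

```python
import hashlib
import hmac

def derive_session_keys(shared_key, rnd_picc, rnd_reader):
    """Two session keys as a function of both random numbers and the shared key.
    HMAC-SHA256 is a stand-in here, not the card's AES-based derivation."""
    def kdf(label):
        material = label + rnd_picc + rnd_reader
        return hmac.new(shared_key, material, hashlib.sha256).digest()[:16]
    return kdf(b"ENC"), kdf(b"MAC")  # (confidentiality key, integrity key)

class Transcript:
    """One side's running record of a transaction since First Authenticate."""
    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.state = bytes(32)

    def absorb(self, direction, message):
        # Fold each message into the state, so any later MAC depends on
        # every earlier command and response (the "linked" property).
        data = self.state + direction + message
        self.state = hmac.new(self.mac_key, data, hashlib.sha256).digest()

    def mac(self):
        return self.state[:8]  # truncated tag sent on the wire

def run_reads(mac_key, blocks, tamper_index=None):
    """Read every block with the response MAC omitted, then check one MAC
    at the end. tamper_index flips a bit in that response in transit.
    Returns True if the reader accepts the transaction."""
    card, reader = Transcript(mac_key), Transcript(mac_key)
    for i, data in enumerate(blocks):
        cmd = b"READ" + bytes([i])
        card.absorb(b"C", cmd)
        card.absorb(b"R", data)
        seen = data
        if i == tamper_index:
            seen = bytes([data[0] ^ 0x01]) + data[1:]
        reader.absorb(b"C", cmd)
        reader.absorb(b"R", seen)
    # The card sends its MAC with the final response; the reader compares.
    return hmac.compare_digest(card.mac(), reader.mac())

if __name__ == "__main__":
    # Constructed sample values, not real card keys or data.
    _, k_mac = derive_session_keys(bytes(16), b"\x01" * 16, b"\x02" * 16)
    blocks = [bytes([n]) * 16 for n in range(3)]
    print(run_reads(k_mac, blocks))
    print(run_reads(k_mac, blocks, tamper_index=0))
```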

If performance matters more than confidentiality of the transaction, each data block in a sector can be configured to allow or disallow sending/receiving plain data.

An automatic anti-tear mechanism is available for secure deployment of rolling keys. If a card is removed from the field during a key update, it either concludes the update or automatically falls back to the previous key. NXP recommends 7-byte UIDs, but offers 4-byte UID versions of MIFARE Plus during migration. MIFARE Plus is available in the proven MOA4 module and as sawn bumped wafers; no changes to existing manufacturing processes are necessary.

| Product Features | MIFARE PLUS S 2 K | MIFARE PLUS S 4 K | MIFARE PLUS X 2 K | MIFARE PLUS X 4 K |
|---|---|---|---|---|
| Memory | | | | |
| EEPROM size [byte] | 2 K | 4 K | 2 K | 4 K |
| Write endurance [typical cycles] | 200 000 | 200 000 | 200 000 | 200 000 |
| Data retention [years] | 10 | 10 | 10 | 10 |
| Organization | 32 sectors with 4 blocks | 32 sectors with 4 blocks, 8 sectors with 16 blocks | 32 sectors with 4 blocks | 32 sectors with 4 blocks, 8 sectors with 16 blocks |
| RF-Interface | | | | |
| Acc. to ISO 14443A | yes – up to layer 4 | yes – up to layer 4 | yes – up to layer 4 | yes – up to layer 4 |
| Frequency [MHz] | 13.56 | 13.56 | 13.56 | 13.56 |
| Baud rate [kbit/s] | 106 … 848 | 106 … 848 | 106 … 848 | 106 … 848 |
| Anticollision | bit-wise | bit-wise | bit-wise | bit-wise |
| Security | | | | |
| Unique Serial Number [byte] | 4 or 7 | 4 or 7 | 4 or 7 | 4 or 7 |
| 4 byte Random ID | yes in SL3 | yes in SL3 | yes in SL3 | yes in SL3 |
| True Random Number Generator | yes | yes | yes | yes |
| Access keys | CRYPTO1 or AES keys per sector | CRYPTO1 or AES keys per sector | CRYPTO1 or AES keys per sector | CRYPTO1 or AES keys per sector |
| Access conditions | per sector | per sector | per sector | per sector |
| AES security | CMACing | CMACing | CMACing / Encipherment | CMACing / Encipherment |
| Anti-tearing | for AES keys, sector trailers and configuration | for AES keys, sector trailers and configuration | for AES keys, sector trailers and configuration | for AES keys, sector trailers and configuration |
| Cryptography | AES (128 bit), CRYPTO 1 | AES (128 bit), CRYPTO 1 | AES (128 bit), CRYPTO 1 | AES (128 bit), CRYPTO 1 |
| Special Features | | | | |
| Supported MF PLUS levels | SL1, SL3 | SL1, SL3 | SL1, SL2, SL3 | SL1, SL2, SL3 |
| Multi-sector authentication | yes | yes | yes | yes |
| Virtual card support | yes, limited command set | yes, limited command set | yes, full command set | yes, full command set |
| Proximity check | no | no | yes | yes |
| Packaging | | | | |
| Sawn Wafer (Au Bumped) | | | | |
| 7 byte UID | MF1SPLUS6001DUD/02 | MF1SPLUS8001DUD/02 | MF1PLUS6001DUD/02 | MF1PLUS8001DUD/02 |
| 4 byte UID | MF1SPLUS6011DUD/02 | MF1SPLUS8011DUD/02 | MF1PLUS6011DUD/02 | MF1PLUS8011DUD/02 |
| MOA4 Module | | | | |
| 7 byte UID | MF1SPLUS6001DA4/02 | MF1SPLUS8001DA4/02 | MF1PLUS6001DA4/02 | MF1PLUS8001DA4/02 |
| 4 byte UID | MF1SPLUS6011DA4/02 | MF1SPLUS8011DA4/02 | MF1PLUS6011DA4/02 | MF1PLUS8011DA4/02 |