MIFARE is the NXP Semiconductors-owned trademark of a series of chips widely used in contactless smart cards and proximity cards. According to the producer, billions of smart card chips and many millions of reader modules have been sold. The technology is owned by NXP Semiconductors (spun off from Philips Electronics in 2006) with its headquarters in Eindhoven, the Netherlands, and main business sites in Nijmegen, the Netherlands, and Hamburg, Germany.The MIFARE name covers proprietary technologies based upon various level of the ISO/IEC 14443 Type A 13.56 MHz contactless smart card standard.

The technology is embodied in both cards and readers (also referred to as a Proximity Coupling Device which is suitable to use).

The MIFARE name covers seven different kinds of contactless cards:

MIFARE Ultralight
low-cost ICs that employ the same protocol as MIFARE Classic, but without the security part and slightly different commands.

MIFARE Ultralight C
the first low-cost ICs for limited-use applications that offer the benefits of an open Triple DES cryptography.

MIFARE Classic 
employ a proprietary protocol instead of ISO/IEC 14443A-4, with an NXP proprietary security protocol for authentication and ciphering. This makes the product non compliant with ISO/IEC 14443A standard.

MIFARE Plus
drop-in replacement for MIFARE Classic with certified security level (AES 128 based).

MIFARE DESFire
are smart cards that comply to ISO/IEC 14443A-4 with a mask-ROM operating system from NXP. There are 2 version of the card, the “06″ and the “EV1″.

MIFARE ProX, SmartMX
are NXP Semiconductors brand names for smart cards that comply to ISO/IEC 14443A-4.

MIFARE DESFire EV1
includes AES encryption.

MIFARE SAM AV2
secure access module that provides the secure storage of cryptographic keys and cryptographic functions.

 
MIFARE Classic: The MIFARE Classic card is fundamentally just a memory storage device, where the memory is divided into segments and blocks with simple security mechanisms for access control. They are ASIC-based and have limited computational power. Thanks to their reliability and low cost, those cards are widely used for electronic wallet, access control, corporate ID cards, transportation or stadium ticketing.

The MIFARE Classic 1K offers 1024 bytes of data storage, split into 16 sectors; each sector is protected by two different keys, called A and B. They can be programmed for operations like reading, writing, increasing value blocks, etc.). MIFARE Classic 4K offers 4096 bytes split into forty sectors, of which 32 are same size as in the 1K with eight more that are quadruple size sectors. MIFARE Classic mini offers 320 bytes split into five sectors. For each of these card types, 16 bytes per sector are reserved for the keys and access conditions and can not normally be used for user data. Also, the very first 16 bytes contain the serial number of the card and certain other manufacturer data and are read only. That brings the net storage capacity of these cards down to 752 bytes for Classic 1k, 3440 bytes for Classic 4k, and 224 bytes for Mini. As it employs a proprietary protocol instead of ISO/IEC 14443A-4, with an NXP proprietary security protocol for authentication and ciphering, this makes the product non compliant with ISO/IEC 14443A standard.

The simplicity of the basic cards means that they are inexpensive, which is largely the reason for their success in large-scale deployments, such as Oyster card[citation needed].

The MIFARE Classic encryption Crypto-1 can be broken in about twelve seconds on a laptop, if approx. 50 bits of known (or chosen) key stream are available. This attack reveals the key from sniffed transactions under certain (common) circumstances and/or allows an attacker to learn the key by challenging the reader device.

The attack proposed in recovers the secret key in about 40ms on a laptop. This attack requires just one (partial) authentication attempt with a legitimate reader.

Additionally there are a number of attacks that work directly on a card and without the help of a valid reader device. These attacks have been acknowledged by NXP. In April 2009 new and better card-only attack on MiFare Classic has been found. It was first announced at the Rump session of Eurocrypt 2009. This attack will be presented in July 2009 at SECRYPT 2009 conference . The full description of this latest and fastest attack to date can also be found in the IACR preprint archive. The new attack improves by a factor of more than 10 all previous card-only attacks on MiFare Classic, has instant running time, and it does not require a costly precomputation. The new attack allows to recover the secret key of any sector of MiFare Classic card via wireless interaction, within about 300 queries to the card. It can then be combined with the nested authentication attack in the Nijmegen Oakland paper to recover subsequent keys almost instantly. Both attacks combined and with the right hardware equipment such as Proxmark3, one should be able to clone any MIFARE Classic card in not more than 10 seconds. This is much faster than previously thought.

MIFARE Ultralight:The MIFARE Ultralight has only 512 bits of memory (i.e. 64 bytes), without cryptographic security. The memory is provided in 16 pages of 4 bytes.

This card is so inexpensive it is often used for disposable tickets for events such as the Football World Cup 2006.

MIFARE Ultralight C:Introduced at CarteS 2008, MIFARE Ultralight C is part NXP’s low-cost MIFARE offering (disposable ticket). With Triple DES, MIFARE Ultralight C uses a widely adopted standard, enabling easy integration in existing infrastructures. The integrated Triple DES authentication provides an effective countermeasure against counterfeit of tickets (ticket cloning).

Key features:

Fully ISO/IEC 14443 parts 1-3, Type A compliant (including anti-collision)
1536 bits (192 bytes) EEPROM memory
Protected data access via 3-pass Triple DES authentication
Memory structure as in MIFARE Ultralight (pages of 4 byte)
Backwards compatibility to MIFARE Ultralight due to compatible command set
16 bit one-way counter
Unique 7 bytes serial number (UID)
Key applications for MIFARE Ultralight C are Public Transportation, Event Ticketing, Loyalty and NFC Forum Tag Type 2.

MIFARE ProX, SmartMX:MIFARE ProX and SmartMX are microprocessor-based cards. The hardware does nothing on its own, it has to be programmed with dedicated software – an operating system. Most of the time, the microprocessor is coupled to a co-processor dedicated to fast cryptographic computations (e.g., Triple DES, AES, RSA, etc.). These cards are capable of executing complex operations that are as secure and fast as operations on contact based cards. Both are, in fact, also available as a contact based card, or with multiple interfaces, and offer a high degree of flexibility. These cards are capable of supporting a range of both proprietary and open operating systems, including the Java Card OpenPlatform.

Depending on the installed software, the card can be used for almost any kind of application. This kind of card is mostly used where a high level of security is required (e.g., secure travel documents, electronic passports, payment cards, etc.), and is certified by independent parties such as Common Criteria. The hardware of the SmartMX is Common Criteria certified at EAL5+ by the German Federal Office for Information Security (BSI), which means that it is highly resistant to tampering such as, for instance, reverse engineering attacks, fault/glitch attacks, or power analysis attacks. Each operating system on top of the hardware requires its own certification in order for the entire product to be certified.

MIFARE DESFire:The MIFARE DESFire is another NXP microprocessor platform, based on a similar core as MIFARE ProX/SmartMX, with more hardware and software security features than the standard MIFARE Classic chips. It is sold already programmed with a general purpose software (the DESFire operating system) that offers a simple directory structure with files, similar to what is typically found on smart cards. DESFire cards are sold on four variants. One with Triple-DES only and 4Kbyte of storage and three with AES having storage capacity of 2, 4 and 8 KB (see DESFire EV1). The AES variants also have additional security features, i.e. CMAC. It is using a standards compliant (ISO/IEC 14443-4) protocol. The card is based on a 8051 processor with Triple DES and AES crypto accelerator, making really fast transactions possible.

The maximal read/write distance between card and reader is 10 cm (4 inches), but actual distance depends on the field power generated by the reader and its antenna size.

MIFARE DESFire EV1(previously called DESFire8)

New evolution of DESFire card, broadly backwards compatible. Available with 2KB, 4 KB and 8KB NV-Memory. Other features include:

Support for random ID
Support for 128-bit AES
Hardware and Operating System is Common Criteria certified at level EAL 4+
DESFire EV1 was publicly announced in November 2006.

MIFARE Plus:MIFARE Plus is a replacement card for the MIFARE Classic. It provides an easy upgrade of existing infrastructures toward high security. The applicative data management is identical to the MIFARE Classic, however the security management requires the modification of the installed reader base. Other features include:

2Kbytes or 4Kbytes of memory
7 or 4 bytes UID. Optional supporting random UID
Support for 128-bit AES
Common Criteria certified at level EAL 4+
MIFARE Plus S for simple migration or MIFARE Plus X with many eXpert commands
Security upgrade with cards in the field.
It differs from DESFire EV1 in not being as flexible as the latter.

MIFARE Plus has been publicly announced in March 2008 with availability of first samples in Q1 2009.

MIFARE Plus, when used in older transportation systems that do not yet support AES on the reader side, still leaves an open door to attacks. Though it helps to mitigate threats from attacks that broke the Crypto-1 cipher through the weak random number generator, it does not help against attacks that do not take into account the weak random number generator. Such attacks are the brute force attacks and cryptoanalytic attacks.

MIFARE SAM AV2:MIFARE SAMs (Secure access modules) have been designed to provide the secure storage of cryptographic keys and cryptographic functions for terminals to access the MIFARE products securely and to enable secure communication between terminals and host (backend).
SAMs are available from NXP Semiconductors in the contact-only module (PCM 1.1) as defined in ISO/IEC 7816-2 and the HVQFN32 format.

Key features:

Compatible with MIFARE portfolio solutions
Supports MIFARE, 3DES and AES cryptography
Key diversification
Secure download and storage of keys
128 key entries
ISO 7816 baud rate up to 1.5 Mbit/s
X-mode functionality
Integrating a MIFARE SAM AV2 in a contactless smart card reader enables a state of the art reader design which integrates any high-end cryptography features and the support of crypto authentication and data encryption / decryption The SAM offers functionality to store keys securely, and performing authentication and encryption of data between the contactless card and the SAM and the SAM towards the backend. Next to a classical SAM architecture the MIFARE SAM AV2 supports the X-mode which allows a fast and convenient contactless terminal development by connecting the SAM to the microcontroller and reader IC simultaneously.

MIFARE SAM AV2 offers AV1 mode and AV2 mode where in comparison to the SAM AV1 the AV2 version includes Public Key Infrastructure(PKI), Hash functions like SHA – 1, SHA – 224 and SHA 256. It supports MIFARE Plus and a secure host communication. Both modes provide the same communication interfaces, cryptographic algorithms (TDES 112-bit and 168-bit key, MIFARE Crypto1, AES-128 and AES-192, RSA- up to 2048-bit key) and X-mode functionalities.