Worked out example of proposed security mechanism

Byte 0 1 2 3 Page  
SNR 04 6E BF 5D 0
SNR 11 12 7A 00 1
I/L 79 C8 00 00 2
OTP 00 00 00 00 3
R/W 72F5 F2FE 0AFD 1771 4 Encrypted user data
R/W 6F97 3256 ECEE 4B37 5
R/W DD1A C31C 2546 715C 6
R/W 5534 A471 C896 5E95 7
R/W F48F B271 1BDD 1F77 8
R/W 54F0 5CC3 653F 4683 9
R/W 79AC 143D 2137 9E23 10
R/W D39F 3F40 480F DDDC 11
R/W         12  
R/W         13  
R/W         14  
R/W         15  

Figure 9: Memory with encrypted user data

Now Let’s calculate the MAC.

For checksum calculation content of page 2 and page 3 will be considered together with

the data to be written. So the content on which MAC will be calculated = 79C800000000000072F20A176F32EC4BDDC3257155A4C85EF4B21B1F545C6546791 4219ED33F48DDh

The same key and IV is used as described in section 2.2.2 and the calculated

MAC = B81DCBDDh (4 LSB bytes of last block “B81DCBDDB68212DF”) So the final memory will look like as in figure 10. (If it is necessary page 4 may be used to present the header which can show data

storage type, length etc.)

Byte 0 1 2 3 Page  
SNR 04 6E BF 5D 0
SNR 11 12 7A 00 1
I/L 79 C8 00 00 2
OTP 00 00 00 00 3
R/W 72F5 F2FE 0AFD 1771 4 Encrypted user data
R/W 6F97 3256 ECEE 4B37 5
R/W DD1A C31C 2546 715C 6
R/W 5534 A471 C896 5E95 7
R/W F48F B271 1BDD 1F77 8
R/W 54F0 5CC3 653F 4683 9
R/W 79AC 143D 2137 9E23 10
R/W D39F 3F40 480F DDDC 11
R/W B89E 1D54 CB15 DDA1 12 MAC
R/W XX XX XX XX 13 Not Used

Figure 10: Final memory with encrypted data and MAC

An example application flow diagram is shown in the following:

Mifare Ultralight Printed Cards,Mifare Ultralight Pre-printed Cards,HF 13.56MHz Mifare Ultralight Proximity Cards,

Figure 11: Example application flow diagram
Dotted blocks may be avoided if the OTP bytes are not used
Pre-defined process for card detection, reader sends always REQA and check if there is any answer.
Standard anticollision [ISO/IEC 14443-3], which includes the selection of the right card (also from the multiple cards).
If OTP or any memory content is updated, MAC has to be recalculated and rewritten.