AT88SC0204CRF
Communication Security
Communication between the PICC and reader operates in three basic modes. Standard
mode is the default mode for the device after power-up and anticollision. Authentication
mode is activated by a successful authentication sequence. Encryption mode is
activated by a successful encryption activation, following a successful authentication.
Table 2. Configuration Security Modes

Mode            User Data   Passwords   Data Integrity Check
Standard        clear       clear       MDC(1)
Authentication  clear       encrypted   MAC(2)
Encryption      encrypted   encrypted   MAC(2)

Notes: 1. Modification Detection Code
       2. Message Authentication Code
Security Methodology
Figure 3. Security Methodology
[Figure: exchange between the Device (card) and the Host (reader). Labels, in the order they appear: Card Number; Compute Challenge A; Verify A; Challenge A; Compute Challenge B; Challenge B; Verify B; Check Password (RPW); DATA; Read Password (RPW); Checksum (CS); Verify CS (optional); Check Password (WPW); Write Password (WPW); DATA; CS; Verify CS; Write DATA.]
Memory Access
Depending on the device configuration, the host will carry out the authentication protocol
and/or present a different password for each operation (read or write). To ensure security
between the different user zones (multiapplication card), each zone can use a different
set of passwords. A dedicated attempts counter for each password, and one for the
authentication, provides protection against systematic attacks.
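An added illustration, not taken from the datasheet: a small Python model of the per-zone password sets and per-password attempts counters described above, showing how the counter bounds a systematic guessing run. The class and function names, the limit of 4 attempts, the counter reset on success and the 8-byte zone are assumptions made for the example, not device specifications.

```python
import hmac

MAX_ATTEMPTS = 4  # assumed limit; the page does not give the counter size

class PasswordSlot:
    """One password with its own attempts counter (hypothetical model)."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self.attempts_left = MAX_ATTEMPTS

    def verify(self, candidate: bytes) -> bool:
        if self.attempts_left == 0:
            return False  # locked: even the correct password is refused
        # Model choice: spend the attempt before comparing, so an
        # interrupted check can never yield a free guess.
        self.attempts_left -= 1
        if hmac.compare_digest(candidate, self._secret):
            self.attempts_left = MAX_ATTEMPTS  # assumed: success restores it
            return True
        return False

class Zone:
    """User zone with its own read/write password set (hypothetical model)."""

    def __init__(self, read_pw: bytes, write_pw: bytes):
        self.rpw = PasswordSlot(read_pw)   # counter for the read password
        self.wpw = PasswordSlot(write_pw)  # separate counter for the write password
        self.data = bytearray(8)           # constructed 8-byte zone

    def read(self, password: bytes):
        return bytes(self.data) if self.rpw.verify(password) else None

    def write(self, password: bytes, payload: bytes) -> bool:
        if len(payload) > len(self.data) or not self.wpw.verify(password):
            return False
        self.data[: len(payload)] = payload
        return True

def guesses_evaluated(slot: PasswordSlot, guesses) -> int:
    """Return how many guesses the slot actually compares before it locks."""
    evaluated = 0
    for guess in guesses:
        if slot.attempts_left == 0:
            break
        slot.verify(guess)
        evaluated += 1
    return evaluated
```

The model covers the password counters only; the separate authentication counter the text mentions would follow the same pattern.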
5022CS–CRRF–12/06