Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Mifare cards: distinguish between 4-byte and 7-byte UIDs

I have a card reader that always report 64 bits, and can read cards with 4 or 7 byte UIDs.

As an example, I see it can report:

  • 04-18-c5-82-00-00-00-00 - a 4-byte UID in the form uid0-uid1-uid2-uid3-00-00-00-00
  • 04-18-c5-82-f1-3b-81-00 - a 7-byte UID in the form uid0-uid1-uid2-uid3-uid4-uid5-uid6-00

What prevents a 7-byte UID from having uid4, uid5 and uid6 set to zero? Is this covered in a spec? If so, which spec?

like image 935
bbaker Avatar asked Jun 15 '16 14:06

bbaker


1 Answers

What prevents a 7-byte UID from having uid4, uid5 and uid6 set to zero?

Nothing. The format of the UID (as used by MIFARE cards) is defined in ISO/IEC 14443-3. Specifically for MIFARE cards, NXP has (or at least had?) some further allocation logic for 4 byte UIDs, but that's not publicly available.

Is it possible to distinguish the two cases?

If the reader outputs the UIDs exactly in the form that you showed in your example, then the answer is no (at least not reliably). However, some readers output the UID on 8 bytes and include the cascade tag for 7-byte-UIDs. Thus, all 7-byte-UIDs start with 0x88 for those readers. This does not seem to be the case with your reader.

Are there possible strategies to distinguish the two cases?

Some strategies come to my mind to distinguish 4-byte-UIDs from 7-byte-UIDs.

  1. The first byte of a 7-byte-UID is the manufacturer code (as defined in ISO/IEC 7816-6 (see How to detect manufacturer from NFC tag using Android? on how to obtain the list). Thus, if you have a limited set of manufacturers (e.g. if you only use MIFARE cards with chips from NXP), you could interpret all UIDs that start with NXP's manufacturer code (0x04) as 7-byte-UIDs. Nevertheless, you should be aware that 4-byte-UIDs are allowed to start with 0x04 as well. Hence, this method is not 100% reliable and may fail for some cases.

  2. The first byte of 4-byte-UIDs must not contain any of the following values: 'x8' (with x != '0'), 'xF'. If you find the first byte to match any of those values, you can assume the UID to consist of 7 bytes.

like image 64
Michael Roland Avatar answered Oct 17 '22 11:10

Michael Roland