Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Serials on NFC Tags - truly unique? cloneable?

Tags:

clone

uniqueidentifier

serial-number

nfc

rfid

So are NFC tags really UNIQUE from each other, at least in their SERIAL NUMBER? And can we rely on the fact that no 2 NFC tags can have the same serial number? I'm highly skeptical about this as there are (and will be more) NFC tags out there and I don't think anyone is controlling the serials...

The reason I'm asking is that I'm developing a key based system using NFC tags. I don't need to write to the tags, I basically just need their serial numbers. But I need them to be truly unique.

Also, I would like to know if the serial numbers can be cloned (I know the content of tags can always be read and cloned, but can one program another tag to have exactly the same ID/serial?)

like image 420
BrownChiLD Avatar asked Feb 11 '14 11:02

BrownChiLD

People also ask

Are NFC serial numbers unique?

So these serial numbers are often unique (each manufacturer has a block of trillions of serial numbers). Still there will often be significant similarities between serial numbers of each batch (e.g. running sequences).

How do I change the NFC serial number?

No, the anti-collision identifier (UID, "serial number") of genuine NTAG203 chips cannot be changed. That serial number is permanently burned in during the manufacturing process.

Can NFC tags be duplicated?

NFC tags (as defined by the NFC Forum) have no protection against cloning. Such tags are intended as containers for freely readable data (so called NDEF messages). Anyone could read an NDEF message from one tag and duplicate it to another tag.

What are the different types of NFC tags?

You can find different types of NFC Chips on Shop NFC, such as: NTAG® Series, MIFARE Classic®, MIFARE Ultralight®, MIFARE® DESFire®, MIFARE Plus®, ST25TA and ICODE® Series. In general, NTAG® Series ICs are compatible with every NFC mobile device.

1 Answers

Are serial numbers of NFC tags truely unique?

That depends on the tag product and what you consider truely unique. E.g.:

  • ISO 14443 Type A tags with 4 byte serial numbers: There certainly exist duplicates (mainly because there is no clear scheme to divide the available range of serial numbers among the various manufacturers) and you can expect that within a batch of tags, there will be significant similarity between serial numbers (e.g. running sequences).
  • ISO 14443 Type A tags with 7 byte serial number (similarly for serial numbers of ISO 15693 tags): Each manufacturer is allocated a block of serial numbers (e.g. NXP serial numbers start with 0x04, Infineon with 0x05, etc). Within that block many manufacturers (I'm not sure about all of them) guarantee that they use each serial number only once. So these serial numbers are often unique (each manufacturer has a block of trillions of serial numbers). Still there will often be significant similarities between serial numbers of each batch (e.g. running sequences). Moreover, it seems that even within the serial number ranges that are supposedly guaranteed to be unique by manufacturers there appear counterfeit tag products that have duplicate serial numbers (see this question on duplicate serial numbers of counterfeit(?) NTAG203 chips).

Can serial numbers be cloned?

Yes, definitely. If you look for instance at MIFARE Classic, you can easily get cards with freely customizable serial number from a Chinese vendor of your choice. There is also devices like Proxmark with which you can emulate a card with a freely customizable serial number. And, moreover, it is relatively easy and cheap to build a device that emulates the protocol and consequently emulates a serial number of your choice. (Also see this question on emulating arbitrary serial numbers using Android NFC smartphones.)

As an attacker, the interesting part now is how you find a legit serial number for a specific system (i.e. a serial number that successfully authenticates to the system):

  1. Read someone's card and clone the serial number.
  2. Intercept communication between the legit card and the legit reader.
  3. Make a guess based on other cards from the same batch (that's why similarity between serial numbers also matters).

Is it a good idea to design an access control system that's based solely on serial numbers?

No, definitely not. Still there exist lots of such systems. But more and more of these systems introduce additional security mechanisms.

like image 79
Michael Roland Avatar answered Sep 20 '22 20:09

Michael Roland
Sign in to Comment

Related questions

How to make a separated copy of an ArrayList? [duplicate]
Cannot access protected member 'object.MemberwiseClone()'
How do I get the seed from a Random in Java?
Clone option not visible in Vmware player [closed]
Git svn clone: How to defer fetch of revision history
Why do we use the clone() method in Java?
What happens when an Arc is cloned?
how to clone content of a div to another div
Why clone() is the best way for copying arrays?
Should we use clone or BeanUtils.copyProperties and why
How do I clone a large Git repository on an unreliable connection?
Java: Rationale of the Cloneable interface
Git commands not working in Mac terminal: "dyld: Symbol not found: ___strlcpy_chk" error
Cloning a record in rails, is it possible to clone associations and deep copy?
Whats the Mercurial hg clone syntax to clone a repository to a folder on a local file system
how to detach alternates after git clone --reference?
git clone with different username/account
git - how can I clone local svn repository?
Working offline with SVN on local machine temporary
git checkout branch from outside

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!