Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>OK I got the solution. My mistake was that I was sending </p> <pre><code>3DES(randA + randB') </code></pre> <p>But I should send </p> <pre><code>3DES(randA) + 3DES(randB' XOR 3DES(randA)) </code></pre> <p>Here's the authentication code for Android/Java (it's so sad that this is the only one that can be found on the net currently!):</p> <p>The actual authentication code:</p> <pre><code>// send initial authentication request byte[] result = idTag.transceive(Utils.wrapMessage((byte)0x0a, new byte[]{(byte)0x0})); // get encrypted(randB) from the response byte[] b0 = new byte[8]; for(int i = 0; i &lt; 8; i++) { b0[i] = result[i]; } // 16 bytes default key byte[] key = new byte[] {(byte)0x0,(byte)0x0,(byte)0x0,(byte)0x0, (byte)0x0,(byte)0x0,(byte)0x0,(byte)0x0, (byte)0x0,(byte)0x0,(byte)0x0,(byte)0x0, (byte)0x0,(byte)0x0,(byte)0x0,(byte)0x0 }; // keys for TripleDes byte[][] keys = new byte[3][]; keys[0] = key; keys[1] = key; keys[2] = key; // decrypt encoded(randB) byte[] r0 = DES.TripleDES_Decrypt(b0, keys); // generate randA (integer 0-7 for trying, should randomize for real-life use) byte[] nr = new byte[8]; for(int i = 0; i &lt; 8; i++) { nr[i] = Byte.parseByte(Integer.toString(i), 16); } // decrypt randA, should XOR with IV, but IV is all 0's, not necessary byte[] b1 = DES.TripleDES_Decrypt(nr, keys); // shift randB one byte left and get randB' byte[] r1 =new byte[8]; for(int i = 0; i &lt; 7; i++) { r1[i] = r0[i + 1]; } r1[7]=r0[0]; // xor randB' with randA and decrypt byte[] b2 = new byte[8]; for(int i = 0; i &lt; 8; i++) { b2[i] = (byte) (b1[i] ^ r1[i]); } b2 = DES.TripleDES_Decrypt(b2, keys); // concat (randA + randB') byte[] b1b2 = new byte[16]; for (int i = 0; i &lt; b1b2.length; i++) { if(i &lt;= 7) { b1b2[i] = b1[i]; } else { b1b2[i]=b2[i-8]; } } result = idTag.transceive(Utils.wrapMessage((byte)0xaf, b1b2)); </code></pre> <p>TripleDes is the one in the question. wrapMessage function:</p> <pre><code>public static byte[] wrapMessage (byte command, byte[] parameters) throws Exception { ByteArrayOutputStream stream = new ByteArrayOutputStream(); stream.write((byte) 0x90); stream.write(command); stream.write((byte) 0x00); stream.write((byte) 0x00); if (parameters != null) { stream.write((byte) parameters.length); stream.write(parameters); } stream.write((byte) 0x00); return stream.toByteArray(); } </code></pre> <p><strong>EDIT:</strong> Thanks to VGe0rge, we found out the reason why this authentication doesn't work from time to time. Instead of calling the 3DES function in the question, just call:</p> <pre><code>Cipher.getInstance("DESede/CBC/NoPadding"); </code></pre>
    singulars
    1. This table or related slice is empty.
    1. PODES Send and Receive Modes for DESFire Authentication
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USİsmet Alkan
    1. USİsmet Alkan
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PODES Send and Receive Modes for DESFire Authentication
      singulars
      1. PTQuestion
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTAcceptedByOriginator
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COThanks for reporting back. Note that `3DES(randA) + 3DES(randB' XOR 3DES(randA))` simply means `TDES_CBC(randA | randB)` with a zero IV.
      singulars
      1. PO
      1. USMaarten Bodewes
    2. COWhy don't you just use `Cipher.getInstance("DESede/CBC/NoPadding")` ???
      singulars
      1. PO
      1. USMaarten Bodewes
    3. COThe real reason I'm doing DesFire authentication is to learn cryptology. I want to be able to modify and understand the ciphering operation, the example in my link provides all the information and implementation for that.
      singulars
      1. PO
      1. USİsmet Alkan
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload