MIFARE DESFire EV1 vs EV2
The series of MIFARE 13.56 MHz proximity smart card Integrated Circuit (IC) chips that are widely used around the world for transit and other types of payments, general identification and physical access. MIFARE Classic 1k was introduced in the mid-1990s and continues to sell in very large quantities, but it was not designed with robust security features which could withstand the increase in computing power that the last 20 years have seen. MIFARE Classic 1k has been very useful and inexpensive, but it was notoriously hacked in 2007.
As a more secure successor, the MIFARE DESFire ev1 IC and MIFARE DESFire ev2 IC were introduced in 2003. afterward, NXP introduced the much more secure MIFARE Plus, but it didn’t really catch on the market. The MIFARE DESFire EV1 chip has been NXP’s first widely used, really secure chip, incorporating AES data encryption on the card and during communication with a reader. MIFARE Plus EV2 was introduced recently, incorporating a similar security level to DESFire EV1and DESFire EV2.
Mifare DESFire EV1 and Mifare DESFire EV2 more Secure and have a longer read range than Mifare 1k and Mifare ultralight ev1, but unless your system provider has updated their software to support Mifare DESFire EV1 and DESFire EV2, that is yours have to use the first NXP Mifare 1k and Mifare ultralight ev1. At least they are very cheap.
Since Mifare DESFire EV1 and Mifare DESFire EV2 use the same very secure AES-128 encryption, it is safe and reasonable to use Mifare DESFire EV1 cards and configured to work with your existing system and Mifare DESFire EV1 readers now. If your applications that support the new security and multi-application features of Mifare DESFire EV2, then you can use it. The Mifare DESFire EV2 is not much expensive than the Mifare DESFire EV1.
RFID Technology is changing so quickly that purchasing the latest version of any technology products generally makes sense. In 2013, NXP announcement of MIFARE DESFire EV2 to upgrade RFID proximity card security level for organizations and companies. But as the leading RFID card manufacturer, they produced the MIFARE DESFire EV1 card, MIFARE DESFire EV2 card, and MIFARE DESFire EV2 cards tags and readers. Their full range production line including, MIFARE DESFire EV1 2k ,4k, 8k,16k and MIFARE DESFire EV2 2k ,4k, 8k,16k and Mifare plus ev1 , Mifare plus SE , Mifare Plus S, Mifare plus X .
nowadays MIFARE DESFire EV1 and MIFARE DESFire EV2 cards have many significant advantages over others.
First, MIFARE DESFire EV1 and MIFARE DESFire EV2 have Longer read range than the old version(depending on the reader power and antenna design). It can make a fast transaction and read sooner when it is moving toward the reader. MIFARE DESFire EV1easy to upgrade to EV2 when they become available from their system provider.
Second, the MIFARE DESFire EV1 and MIFARE DESFire EV2 have features depend on support by applications with which they are used. such as the Rolling keysets, the encryption keys can be replaced in the event of a compromise, without having to touch every issued card. the MIFARE DESFire EV1 and MIFARE DESFire EV2 have Key management for separate applications – this allows the card issuer to give or sell application areas on the cards to 3rd parties for their own use, which they can secure with their own keys without having knowledge of the card Master Key.
MIFARE DESFire EV1 and MIFARE DESFire EV2 have Proximity checking – the card can confirm to the reader that it is indeed near that reader and not a remote data stream from a hacker. Additional features which enhance security and utility in multi-application environments.
DO RFID Card manufacturers that sell blank or custom programmed MIFARE DESFire EV1 and MIFARE DESFire EV2 cards and readers to large companies for door access .
But please noted, when you buy the cards and readers, some readers can read EV2 cards programmed with EV1 data. Similarly, some commercial programming systems are able to encode EV2 cards, but only with EV1 data. Islog is one commercially available encoding software that does support EV2 encoding. There are rumors of other manufacturers developing this capability. And, despite the fact that EV2 is supposed to be backward-compatible with EV1, some readers will not recognize EV2 cards.
Security and Privacy
Common Criteria certification: EAL4 for both Hardware and Software
Secure messaging compliant to standard AES according to NIST Special Publication 800-38A and 800-38B
Optional enhanced side-channel attack protection using LRP wrapped AES operation according
Secure messaging compatible with a subset of MIFARE DESFire EV2 secure messaging
Five customers defined AES 128-bit keys including key versions
Optional Random ID for enhanced privacy
Individual AES 128-bit TMAC key for enhanced transaction protection
Transaction counter limit to limit the number of transactions with the application
3-pass mutual authentication
Flexible access control configurable per file (EF)
Individual key configuration for Read (R) / Write (W) / ReadWrite (RW) / Configuration
Configurable secure messaging communication mode
CMAC protected for message integrity protection
Full Enciphered plus CMAC for full encryption of complete data transferred through the contactless interface
ECC-based NXP originality signature
AES-based originality keys leveraging the LRP wrapped AES authentication
If you’re interested in learning more about MIFARE DESFire EV1 and MIFARE DESFire EV2, please kindly contact DO RFID card manufacturer.