| Yubico Forum https://forum.yubico.com/ |
|
| NEO & Mifare Classic https://forum.yubico.com/viewtopic.php?f=26&t=2597 |
Page 1 of 1 |
| Author: | securityvoid [ Mon Mar 13, 2017 7:45 pm ] |
| Post subject: | NEO & Mifare Classic |
Hello, We have a bunch of YubiKey Neo's we're using as part of a project to create an Arduino Pin/Card reader with the YubiKeys. As part of this we purchased a device that implements the Wiegand 26 interface in order to read the Neo's value. What we're finding is that we're receiving a static 8 digit integer from the reader every time a specific Neo is swiped (This value is different per Neo, but is always the same for a Neo). I've got a few questions: 1) Does anyone know what this value is? Since its static, it doesn't seem its a OTP (but we were hoping for a OTP over MiFare)? Its also not the device serial. 2) If you know what this value is, do you know if its possible to go from this value back to the device serial, or something else we can correlate? 3) Is there anyway to get the OTP over Mifare? This is what we bought/are using for a device: http://www.ebay.com/itm/221526214195 Barring the above, does anyone know of a keypad/reader combo that CAN get the OTP from the Yubikey? |
|
| Author: | Jakob [ Tue Mar 14, 2017 5:17 am ] |
| Post subject: | Re: NEO & Mifare Classic |
Mifare devices (like the NEO) has something called CSN - Card Serial Number and that's the serial number you're getting. This is completely unrelated to the device serial number, which is marked on the NEO as this number is factory-assigned by the chip manufacturer. Mifare is limted only to very basic authentication, so you can't get out an OTP that way. By using the DEP protocol over ISO14443-4, you can unlock the full potential of the NEO and can then basically do everything you can over the CCID interface. There, you can among other things get an OTP string. Hope this helps, Jakob E |
|
| Author: | securityvoid [ Tue Mar 14, 2017 2:54 pm ] |
| Post subject: | Re: NEO & Mifare Classic |
Okay, if I have a given Yubikey is there anyway to know what its CSN value will be, without first running it through MiFare? By any chance do you know of any ISO14443-4 / Pin readers? |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|