Yubico Forum
https://forum.yubico.com/

[QUESTION] Mifare Classic emulation
https://forum.yubico.com/viewtopic.php?f=26&t=1668
Page 1 of 1

Author:  darco [ Thu Dec 18, 2014 10:07 pm ]
Post subject:  [QUESTION] Mifare Classic emulation

I noticed that one of the features of the Yubkey Neo is "Mifare Classic emulation".

This is mentioned on page 39 of the yubikey manual, but is otherwise not elaborated on.

What is this "Mifare Classic emulation" feature, and how is it intended to be used?

Author:  DavidW [ Fri Dec 19, 2014 5:42 am ]
Post subject:  Re: [QUESTION] Mifare Classic emulation

The obvious and I guess primary application is using a NEO with legacy physical access control infrastructure designed for Mifare Classic tokens. Such infrastructure cannot be recommended for new deployment due to the well-known weaknesses in the Mifare CRYPTO algorithm, but there is a considerable deployed footprint.

If you want to deploy new physical access control infrastructure with a NEO, the obvious answer is to use PIV II compatible infrastructure against a certificate in the 9E slot of the NEO's PIV applet. Commercial PIV access control infrastructure tends to be expensive, though if you can control the points of failure sufficiently, you can always roll your own from a Raspberry Pi and a contactless smartcard reader.

Author:  Tom2 [ Fri Dec 19, 2014 11:14 am ]
Post subject:  Re: [QUESTION] Mifare Classic emulation

Right,

A third alternative is to use KEYnTO, a new access control mechanism based on Yubico OTP https://www.keynto.com/

Author:  darco [ Fri Dec 19, 2014 9:55 pm ]
Post subject:  Re: [QUESTION] Mifare Classic emulation

After I posted my question (and before I saw the answer) I had just assumed it was a way to emulate a type-2 NDEF tag. But if it really does emulate a mifare classic, then that's interesting. I guess it's just another place to squirrel away data.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/