Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2017-08-30 07:57:55

/by0
Contributor
Registered: 2017-08-26
Posts: 5

iClass Serial Protocol

Can anyone point me to a valid source for the iClass Serial Protocol Interface document or another document besides the "Inside Contactless - Hand'IT-2g Compact Flash Reader Datasheet" document?  The brucenbrian.com source I found via Google is not valid (it may just appear on Google because of the Heart of Darkness paper reference) and I can't find a copy.

Unfortunately, the Inside Contactless datasheet left me with more questions regarding permutation and key diversification. For example, why do they say to change the 0xF4 to 0B in the key permutation example, especially when it gets replaced with the checksum in the next step? Since I was able to reverse permute and successfully use the App1 (Debit) Key found on the Internet, I know I can permute keys, but I'm trying to understand all the details for each step.

Any assistance in pointing me to additional documentation or explanations would be appreciated.

Thank you,

/by0


#2 2017-08-30 08:03:29

iceman
Administrator
Registered: 2013-04-25
Posts: 4,854

Re: iClass Serial Protocol

There is also the permutation code from iclassified to look at.


冰人

modhex(hkhehghthbhudcfcdchkigiehgduiehg)


#3 2017-09-06 07:37:27

/by0
Contributor
Registered: 2017-08-26
Posts: 5

Re: iClass Serial Protocol

I spent the holiday weekend reading all the proxclone.com documents. I actually think I read most of it before on the actual site about a year ago, but it was a nice refresher. I also spent some time reviewing the code for permute.php, iclassified and CopyClass. I ended up finding a couple of errors in the config block read section of CopyClass, and while I was at it I re-enabled the Decrypt ACA checkbox. This led me to the surprise (when I unchecked the box) that one of my tags wasn't encrypted.

I appear to be calculating the key permutation correctly, but still don't understand the example from the Inside Contactless document. I'm just chalking it up as a typo. Is there anything else in the Serial Protocol Interface document that would warrant me continuing to search for a copy?

Thanks,

/by0
