Some HiTag S 2048 for everybody

I just wanted to let everyone here know I was thinking of them today. Like many of you I have been looking for the last few months for HiTag S 2048 2mmx12mm glass tags and have been unable to find anything at all. Well a few days ago I talked to the guy who does all the access control stuff at our office and he's getting me a reader and 20 of the tags (minimum order..) Sure it's costing a arm and a leg, but the search is over for me, and hopefully many of you. I have 20 HiTag S 2048 glass tags on the way to me, and hopefully here by the end of this week. I figure I will need / want about 3 of these so the rest are up for grabs. Now before you all start to sound like my girlfriend, 10 bucks each is what they cost me, I figure not that bad since I don't have to look for them any more. Add 2 bucks for postage and you can have as many as you like, and pending my reader / writer working I can even program them with whatever coding you like. lets see, to head off any questions here are some specifics. Tags are made of Bio-glass 8625 with no coating on them, they are not sterile, you have to clean 'em up your self. I don't have any injectors, but there are a couple of places mentioned on this forum to get those. These are the std. 125 Khz setups and I can't think of anything more, let me know if you have any questions and PM me if you are interested in one. I don't know if I can get any more after these 20, but I'll look into that when the time comes.

Thanks and happy taggin'

B...

hey, i think im interested.

Its been a while since i've played with any RFID tags, i purchased a implant about 4 years ago with the intention of putting it in my hand, however couldn't find anyone to do it at the time, and eventually gave up. it wasnt until recently something sparked in me again and i want to do it all over again.

I'm thinking of putting 2 tags in my hands (one in each hand) i being a normal tag (ie. just ID) and the other with read/write cabibilities, as well as encryption for more secure purposes (home and car automation).

I'm right in thinking these HiTag S 2048 have both write space and encryption?? Also how much can you do 2 or 3 to Australia for? i daresay shipping couldnt be too much considering the weight lol.

i dont get it, im assuming the encryption is a setting on the tag that can somehow be turned on/off
then wouldnt it be a matter of analysing the data input-->output to determine the encryption process. I'm assuming its a simple algorythm ie MD5 or similar. maybe its using the tags ID as a key??
does amyl know?? he does have one of these in his hand.
I checked the data sheet but thers no mention of encryption type unfortunatly :(
anyone with any ideas??

The encryption used was designed for payment applications, so communication between reader and tag had to be fairly secure to prevent fraud. Each communication starts with a mutual three pass authentication procedure according to the ISO 9798-2 standard. Basically, the RF signal is protected from replay attack and the data flowing between reader and card is encrypted according to the Philips 3DES CRYPTO1 algorithm. The crypto algorithm itself is propietary and Philips will not release it.

For more info on the Philips protocol, check this document:

http://www.ibtechnology.co.uk/PDF/MFprot.PDF (pdf)

The tag stores 2 separate 32 bit values in a secured memory block; "Logdata" and "Password". The reader must also know these two values.

"Logdata" is a static key, used to set up an encrypted stream-cipher session. The encrypted session is established in the following way:

- The tag generates a random number or "salt" (S) and sends it to the reader

- The reader generates a response (R), which is arrived at by generating it's own random value or return salt (RS) and encrypting it using the salt (S) received from the tag and the known "Logdata" value. The reader transmits this response (R) back to the tag.

- The tag now decrypts the response (R) and sees if the randomly generated salt (S) and known value "Logdata" match. If so, the tag now knows that the reader is using the correct "Logdata" value. We are half way to setting up an encrypted stream-cipher session!

- The tag then takes the return salt from the reader (RS), encrypts it, and sends it back to the reader. The reader decrypts, compares, and checks to ensure the values match. If so, reader knows the tag is the legitimate transponder.

- Now we have an encrypted stream-cipher session is established! Because the salt values used to set up the encrypted stream-cipher are randomly generated, replay attacks are not possible. The reader can now safely send the tag the "Password" value that will unlock access to the tag's memory blocks.

The exact algorithm used to encrypt the session is not any kind of open standard and has not been released by Philips. However, it has since been reverse engineered:

Diagram: http://rfidtoys.net/downloads/hitag2.png

Code: http://rfidtoys.net/downloads/hitag2.c

The encryption method is licensed to hardware makers who incorporate it into their reader chips, which are then put into RFID readers that you can buy. You can easily find a reader that fully supports the HITAG S encryption features. The difficulty comes with working with the reader itself to set up and use the encryption. For example, coding software to handle simple EM4102 tag IDs is very easy, you just listen for tag IDs coming in from the reader and check them against your internal database. If you want to add on top of that read/write memory operations, then you have to write more code to handle that interaction. Tack on encryption features, and your software gets more complex. It's not unmanageable, it's just more work to implement more features.

The communication between tag and reader you don't have to worry about, it's the communication between your software and the reader that is key. Most readers come with either communication protocol guides, or SDKs that make working with the reader very easy.