User's Manual
Advanced Card Systems Ltd. `Page 30 of 46
2.2 Authentication for MIFARE 1K/4K
The “Authentication command” uses the keys stored in the reader to do authentication with the
MIFARE 1K/4K card (PICC). Two types of authentication keys are used, TYPE_A and TYPE_B
respectively.
Table 2.2-1a: Load Authentication Keys APDU Format (6 Bytes) #Obsolete
Command
Class INS P1 P2 P3 Data In
Authentication
FF 88 00 Block
Number
Key
Type
Key Number
Table 2.2-1b: Load Authentication Keys APDU Format (10 Bytes)
Command
Class INS P1 P2 Lc Data In
Authentication
FF 86 00 00 05 Authenticate Data
Bytes
Authenticate Data Bytes (5 Byte):
Byte1
Byte 2
Byte 3 Byte 4
Byte 5
Version
0x01
0x00 Block
Number
Key
Type
Key
Number
Block Number (1 Byte):
The memory block to be authenticated.
For MIFARE 1K Card, it has totally 16 sectors and each sector consists of 4 consecutive blocks.
E.g. Sector 0x00 consists of Blocks {0x00, 0x01, 0x02 and 0x03}; Sector 0x01 consists of Blocks
{0x04, 0x05, 0x06 and 0x07}; the last sector 0x0F consists of Blocks {0x3C, 0x3D, 0x3E and
0x3F}. Once the authentication is done successfully, there is no need to do the authentication again
provided that the blocks to be accessed are belonging to the same sector. Please refer to the
MIFARE 1K/4K specification for more details.
#Once the block is authenticated successfully, all the blocks belonging to the same sector are
accessible.
Key Type (1 Byte):
0x60 = Key is used as a TYPE A key for authentication.
0x61 = Key is used as a TYPE B key for authentication.
0x00 ~ 0x01 = Key Location.
Table 2.2-1b: Load Authentication Keys Response Format (2 Bytes)
Response
Data Out
Result
SW1 SW2