• State
  • Locked Locked
  • Replies 2 replies
  • Subscribers 16 subscribers
  • Views 292 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Rf430cl330h write protection through NFC interface

Victor Montilla
Prodigy 165 points
Other Parts Discussed in Thread: RF430CL330H

Hello,

We are starting a project where we wil use the rf430cl330h as a dynamic tag and after reading all the datasheet there is an unresolved qüestion for me: I don't find a way to protect the device from an external writing (NFC interface) once the memory is written.

In the datasheet it explains that the content can be protected through access conditions in the capability container of the tag. I understand that this means that the write protection is set inside the NDEF frame.

But, what happens if someone tries to erase the content of the memory through NFC without using NDEF format? Is it possible to write directly to the memory of the rf430cl330h using NFC without following the NDEF format? If this is possible it seems that no security protection against erase or write can't be performed. Is this assumption correct?

Same qüestions in a more direct manner:

- Is it compulsory to write to the memory using NDEF format ?

- Is it possible to perform a direct write?

This qüestions should be answered always taking into account a NFC access, I know that this can be done through the I2C interface without any problem, but our concern is related to external access through NFC and how to protect it.

Thanks in advance for your answer,

Víctor

  • 0
    TI__Mastermind 26420 points

    Hey Victor,

    You are correct that in the capability container, you can mark a tag as read only.  As you mentioned, this requires the reader to follow the NDEF standard.  If the reader ignores this, and sends Update_binary commands, it can re-write the memory.   

    Victor Montilla said:
    - Is it compulsory to write to the memory using NDEF format ?

    No, "NDEF" is not required.  Now, it is require to have the capability container at minimum, but you can put any data in the 0xE104 file that you want.  This can be encrypted data, etc.  Built in features in the handset Operating system won't interpret this data, but a custom app could decrypt/interpret it.      

    Victor Montilla said:
    - Is it possible to perform a direct write?

    Yes.  A reader just needs to select the Tag and write to it, there are no locked blocks.  

    Now, there is a fairly simple solution that many customers implemented: When you receive a EORX INTO indicating the RF430 has been written with something, you can re-write the NDEF message via I2C.  If a malicious user writes the RF430CL330H, and then presents again to read, they will still only read your original NDEF message.  

    Will this work for you?  

    Thanks,

    JD 

  • 0 in reply to JD Crutchfield
    Prodigy 165 points

    Hi John,

    Thanks for your answer. Although the solution you propose seems that it will work, I thinks is not the good one because it requires a constant monitoring of the device and sometime this is not feasible. An external write protection (implemented with i2c commands or with an external pin in the RF430CL330H) should be better.

    Do you know if Texas Instruments has any plans to develop a new version of the RF430CL330H (or similar IC), with additional features? I think it would be great and would improve the uses of this IC.

    Thanks for your answer,

    Víctor