Can NFC label realize the security and How to implement?

This article takes the latest NTAG216 of NXP for example.

1. Security of NFC tag

Manufacturer programmed 7-byte UID for each chip;

Field programmable read-only locking function;

32-bit password to prevent unauthorized memory operations.

2. Encryption of NFC tag

The information of NFC tag can be read, there is no permission to set the mechanism;

If you want to use the NFC tag, you can encrypt the information of the tag (although you can read it, but what you read the is ciphertext).If the ciphertext should be deciphered, you can use AES encryption algorithm, RSA encryption algorithm,etc. If they don’t need to be deciphered, then you can use the SHA family algorithms;

You can use other types of cards, such as the Mifare Classic cards MIFARE Classic :: NXP NXP Semiconductors, Mifare DESFire EV1 series cards MIFARE DESFire :: NXP Semiconductors) and other cards.They are authorized by the secret key (keyA / keyB) to access the sectors. (This program has two problems, the compatibility of mobile phone and the high cost).

3. How to make an NFC tag a security tag

The UID can be encrypted into a ciphertext by the asymmetric encryption algorithm;

The ciphertext will be stored in data area of the NFC tag;

The UID read by verification device or software, also the the software and server will calculate the ciphertext;

                                            NFC label Anti-counterfeiting writing process

                             NFC label Anti-counterfeiting validation process

Compare the two ciphertexts, determine the authenticity.