- More details: https://forum.dangerousthings.com/t/types-of-hid-iclass-cards/12243
- SE to legacy Downgrade guide: https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md
- More information about data layout: https://web.archive.org/web/20220727184834/http://www.proxmark.org/files/proxclone.com/Spoofing_iClass_rev2.pdf
- DEFCON32 iClass - Throwing away the keys (video)
Picopass hardware. The PACS application lives in blocks 6, 7, 8 and 9: block 6 is the configuration block, block 7 holds the PACS data (which can overflow into block 8), and block 9 holds the PIN, if one is set.
Blocks 7, 8 and 9 can be encrypted; when the encryption is 3DES, the key is 16 bytes and has leaked. This is not the same key as the one used to authenticate to the card and read its data; those keys are 8 bytes:
- Standard: this key has leaked. Because blocks 6-9 are readable with it, you can copy those blocks between cards without decrypting them to duplicate a credential.
- Elite: sometimes thought of as "custom", but by definition these are generated by HID. A list of ~700 of them leaked from iCopyX (https://pastebin.com/KWcu0ch6). The loclass attack can derive the key by emulating a set of chosen CSNs (UIDs) to a reader and collecting its responses. It is rumored that some readers have been updated to reject the default CSNs, but other CSNs can be generated.
- Custom: keys the customer generates. Some of the keys in the iCopyX leak (https://pastebin.com/KWcu0ch6) might be custom keys. If the key is long (AES length) the SE KDF is used; if the key is short (64-bit), the standard KDF is used. This means loclass won't work against custom-keyed systems.
TL;DR: if the last byte of block 6 is 0x17, then blocks 7, 8 and 9 are encrypted. Use https://iclass.ericbetts.dev/ to decrypt them.

Block 6 (config) byte layout, where b7 is the last byte of the block:

| Byte | Bits | Field | Values |
|---|---|---|---|
| b7 | `b7 >> 4 & 0xF` | ApplicationSubType | 1 = Standard, 2 = Config, other values reserved for future use |
| b7 | `b7 >> 2 & 0x3` | ApplicationType | 0 = RFU, 1 = AccessControl, 2 = ConfigCardBase, 3 = ConfigCardExtension |
| b7 | `b7 & 0x03` | EncryptionType | 0 = None, 1 = DES, 2 = 2K3DES, others RFU |
| b6 | `b6 >> 7 & 0x01` | HasSentinelBit | flag |
| b6 | `b6 >> 5 & 0x03` | UserIDBlockOffset | |
| b6 | `b6 & 0xF` | PinSize | |
| b5 | `b5 & 0x3` | PasswordEncryptionType | 0 = None, 1 = DES, 2 = 2K3DES, others RFU |
| b5 | `b5 >> 2 & 0x3` | FolderNumber | |
| b4 | `b4 >> 5 & 0x7` | PageNumber | |
| b4 | `b4 & 0x1F` | BlockNumber | |
Block 7: PACS bits, preceded by the sentinel bit (unless the PACS data continues into the next block).
Block 8: PACS bits continued (technically I think it is started here).
Block 9: other data and the PIN.
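To make the block 6 bit fields and the sentinel-bit PACS layout concrete, here is an added Python example; it is not code from this page, from proxmark3 or from the Flipper picopass app. It assumes a plaintext dump: the two block 6 values and the block 7 value are constructed samples, and the 26-bit H10301 (Wiegand) decode is a standard format assumed here to interpret the PACS bits, not something the page describes. 3DES decryption of blocks 7-9 is deliberately left out (the key is not reproduced here), and the parser refuses to treat an encrypted block 7 as Wiegand bits.

```python
"""Decode the iClass legacy PACS application from blocks 6 and 7 of a picopass dump.

Added example for this page, not code from proxmark3 or the Flipper picopass app.
Block 6 field positions follow the bit table above. The H10301 (26-bit Wiegand)
layout is a standard format assumed here to interpret the PACS bits; the sample
blocks are constructed, not read from a real card.
"""
from dataclasses import dataclass

ENCRYPTION = {0: "None", 1: "DES", 2: "2K3DES"}
APP_TYPE = {0: "RFU", 1: "AccessControl", 2: "ConfigCardBase", 3: "ConfigCardExtension"}
APP_SUBTYPE = {1: "Standard", 2: "Config"}


@dataclass
class Block6Config:
    application_subtype: str
    application_type: str
    encryption_type: str
    encrypted: bool
    has_sentinel_bit: bool
    user_id_block_offset: int
    pin_size: int
    password_encryption_type: str
    folder_number: int
    page_number: int
    block_number: int


def parse_block6(block: bytes) -> Block6Config:
    """Split the config block into its fields (bytes 0-3 are not decoded here)."""
    if len(block) != 8:
        raise ValueError("picopass blocks are 8 bytes")
    b4, b5, b6, b7 = block[4], block[5], block[6], block[7]
    enc = b7 & 0x03
    return Block6Config(
        application_subtype=APP_SUBTYPE.get(b7 >> 4 & 0xF, "RFU"),
        application_type=APP_TYPE[b7 >> 2 & 0x3],
        encryption_type=ENCRYPTION.get(enc, "RFU"),
        # Any non-zero value means blocks 7-9 are not plaintext. The page's 0x17
        # rule of thumb has these two bits == 3, which the table lists as RFU,
        # so test for "not 0" instead of one specific code.
        encrypted=enc != 0,
        has_sentinel_bit=bool(b6 >> 7 & 0x01),
        user_id_block_offset=b6 >> 5 & 0x03,
        pin_size=b6 & 0x0F,
        password_encryption_type=ENCRYPTION.get(b5 & 0x03, "RFU"),
        folder_number=b5 >> 2 & 0x03,
        page_number=b4 >> 5 & 0x07,
        block_number=b4 & 0x1F,
    )


def extract_pacs_bits(block7: bytes) -> tuple:
    """Return (bit_length, wiegand_value) from a plaintext block 7.

    Block 7 is read as a 64-bit big-endian integer; the highest set bit is the
    sentinel and the bits below it are the raw Wiegand frame. PACS data that
    overflows into block 8 (mentioned on the page) is not handled here.
    """
    raw = int.from_bytes(block7, "big")
    if raw == 0:
        raise ValueError("no sentinel bit found: block 7 is empty or still encrypted")
    bit_length = raw.bit_length() - 1
    return bit_length, raw & ((1 << bit_length) - 1)


def encode_h10301(facility_code: int, card_number: int) -> int:
    """Build a 26-bit H10301 frame: [EP][FC:8][CN:16][OP], MSB first."""
    data = (facility_code & 0xFF) << 16 | (card_number & 0xFFFF)
    top12, bot12 = data >> 12 & 0xFFF, data & 0xFFF
    ep = bin(top12).count("1") & 1        # even parity over the top 12 data bits
    op = 1 - (bin(bot12).count("1") & 1)  # odd parity over the bottom 12 data bits
    return ep << 25 | data << 1 | op


def decode_h10301(bits: int) -> dict:
    """Split a 26-bit H10301 frame and verify both parity bits."""
    ep, op = bits >> 25 & 1, bits & 1
    top12, bot12 = bits >> 13 & 0xFFF, bits >> 1 & 0xFFF
    return {
        "facility_code": bits >> 17 & 0xFF,
        "card_number": bits >> 1 & 0xFFFF,
        "parity_ok": (bin(top12).count("1") + ep) % 2 == 0
        and (bin(bot12).count("1") + op) % 2 == 1,
    }


def parse_legacy_pacs(block6: bytes, block7: bytes) -> dict:
    """Check the config, then pull the PACS bits; refuse encrypted dumps."""
    cfg = parse_block6(block6)
    if cfg.encrypted:
        raise ValueError(f"blocks 7-9 are {cfg.encryption_type}-encrypted; decrypt them first")
    bit_length, bits = extract_pacs_bits(block7)
    result = {"bit_length": bit_length, "wiegand": bits, "pin_size": cfg.pin_size}
    if bit_length == 26:
        result.update(decode_h10301(bits))
    return result


# Constructed sample blocks (hypothetical, not from a real card).
BLOCK6_PLAIN = bytes.fromhex("0000000007008014")  # b7=0x14: Standard, AccessControl, no encryption
BLOCK6_3DES = bytes.fromhex("0000000007008017")   # b7=0x17: the page's "encrypted" value
BLOCK7_SAMPLE = (1 << 26 | encode_h10301(123, 45678)).to_bytes(8, "big")  # sentinel at bit 26

if __name__ == "__main__":
    print(parse_block6(BLOCK6_PLAIN))
    print(parse_legacy_pacs(BLOCK6_PLAIN, BLOCK7_SAMPLE))
```

The sentinel bit is what makes the bit length recoverable: block 7 is right-aligned, so without a leading 1 a 26-bit frame with leading zero bits would be indistinguishable from a shorter one. Decoding any other bit length than 26 would need that format's parity and field layout, which is why the example only interprets H10301 and otherwise returns the raw frame.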
Transitional credential. The keys and blocks 6, 7, 8 and 9 are the same as Legacy, but there is also an SIO (as on SE) in blocks 10 and up. An example is a site where some readers are legacy iClass readers and some are newer "SE"-capable readers (SE meaning they can read an SIO), so the card carries both the legacy credential and the SIO. Newer readers will try to read the SIO; older readers only look for the legacy credential.
The Standard key and KDF have not leaked, and the loclass attack doesn't work. The contents of blocks 6 and up are an SIO (Secure Identity Object). Can be Standard- or Elite-keyed, like Legacy.
See also: "So, you correctly identified you have an iClass SE or SEOS credential."
Not Picopass. JavaCard (smart card), ISO 14443A (aka NFC-A). Contains an SIO, but it cannot be accessed without an HID reader or an HID SAM.