SLS 32TLC001S(M) [INFINEON]
The CIPURSE™4move is a dedicated contactless security controller for cost-optimized tickets and cards in transport ticketing applications. It features the CIPURSE™S profile and is compliant with the OSPT™ Alliance CIPURSE™V2 specification.
Model: | SLS 32TLC001S(M) |
Manufacturer: | Infineon |
File: | 40 pages total (file size: 4204K) |
SLS 32TLC00xS(M)
CIPURSE™4move
Datasheet
CIPURSE™-based dedicated security controller for cost-optimized tickets, cards, and wearables in transport ticketing, physical access, micro-payment, and multi-applications
Key features
• Open Standard, CIPURSE™S Profile compliant
  - Up to 8 CIPURSE™ applications configurable
  - Up to 8 128-bit AES keys may be assigned to the CIPURSE™ ADF
  - 4 PxSE ADF configurable
  - Secured communication using AES-128 and session key derivation
  - Mutual authentication using AES-128
• 1/2/4 KB user memory for application data storage
• Ready-to-use for personalization
• Support of legacy systems:
  - Optional 1 KB and 4 KB block oriented memory with NRG™ operation
  - Legacy to CIPURSE™ migration (L2C)
• Limited refund offering a decrease/increase of the Value Record file limited to the value of the preceding increase/decrease operation
• ISO/IEC 14443 Type A contactless interface
• Chip capacitance values of 27/56/78 pF supporting various antenna form factors
• CC EAL 5+ (high), CIPURSE™ certified
Potential applications
Optimized for secure multi-application smart city and mobility cards
About this document
Scope and purpose
This document describes the features, functionality, and operational characteristics of SLS 32TLC00xS(M).
Intended audience
This document is primarily intended for system and application designers.
Note: For more details, the CIPURSE™4move Extended Datasheet, available under NDA, can be requested from Infineon Technologies.
Datasheet
www.infineon.com
Please read the sections "Important notice" and "Warnings" at the end of this document
Revision 1.0
2023-01-05
Table of contents
Key features
Potential applications
About this document
Table of contents
List of tables
List of figures
1 Introduction
1.1 System overview
1.2 Product overview
1.3 Coding and notation conventions
2 Ordering and packaging information
3 CIPURSE™ application support
3.1 File system of the PICC
3.1.1 Master file
3.1.2 Application dedicated files
3.1.2.1 CIPURSE™ ADF
3.1.2.2 PxSE ADF
3.1.2.3 NFC Type 4 Tag ADF
3.1.3 Supported elementary file types
3.1.4 Predefined elementary files
3.1.4.1 EF.FILELIST
3.1.4.2 EF.ID_INFO
3.1.4.3 EF.IO_CONFIG
3.1.5 File referencing methods
3.1.6 Reserved file identifiers
3.2 Security architecture
3.2.1 Keys
3.2.2 Mutual authentication and security state
3.2.3 Access rights
3.2.4 Secure messaging rules
3.3 Command set
4 Contactless I/O functionality
4.1 Communication principle
4.2 ISO/IEC 14443 feature set
5 Block oriented memory with NRG™
5.1 Operation of a block oriented memory with NRG™
5.2 Memory organization
5.2.1 1 KB non-volatile memory
5.2.2 4 KB non-volatile memory
5.3 NRG™ command set
5.4 NRG™ to CIPURSE™ migration
6 Operational characteristics
6.1 Absolute maximum ratings
6.2 Electrical characteristics
References
Glossary
Revision history
Disclaimer
List of tables
Table 1 Ordering information
Table 2 UID configuration
Table 3 Pin definitions and functions
Table 4 List of predefined EFs
Table 5 Structure and contents of EF.FILELIST
Table 6 Structure and content of EF.ID_INFO
Table 7 Structure and contents of EF.IO_CONFIG
Table 8 Overview of CIPURSE™ commands
Table 9 Overview of NRG™ commands
Table 10 Absolute maximum ratings
Table 11 Operation range
Table 12 Contactless interface characteristics
List of figures
Figure 1 System overview
Figure 2 Block diagram of CIPURSE™4move
Figure 3 Module contactless card - P-MCC8-2-6
Figure 4 Module contactless card - P-MCS-8-2-1 (top/bottom view)
Figure 5 Pin configuration
Figure 6 Example of a CIPURSE™4move file system structure
Figure 7 Binary file
Figure 8 Linear record file
Figure 9 Cyclic record file
Figure 10 Value-record file
Figure 11 Authentication states and security level
Figure 12 CIPURSE™4move communication state diagram according to ISO/IEC 14443-3 Type A
Figure 13 Block oriented memory with NRG™ operation (initialization and anticollision procedure with 4-byte UID)
Figure 14 Memory structure of 1 KB of NVM with NRG™
Figure 15 Structure of a data block
Figure 16 Structure of a value block
Figure 17 Structure of a sector trailer
Figure 18 Memory structure for CIPURSE™4move providing 4 KB NRG™
1 Introduction
CIPURSE™4move is a dedicated security controller for cost-optimized tickets, cards, and wearables in transport
ticketing, physical access, micro-payment, and multi-applications featuring CIPURSE™ functionality and
optional block oriented memory with NRG™ operation. It is therefore the ideal migration product to migrate
existing NRG™ systems towards more advanced and state of the art CIPURSE™ security based on AES-128.
1.1 System overview
CIPURSE™4move is designed to operate both in a CIPURSE™ and in an NRG™ system. The product, in the
following also denoted as proximity integrated circuit card (PICC), is connected to a terminal, in the following
also denoted as proximity coupling device (PCD), via contactless interface providing both energy for operation
and data exchange. The terminal is application specific and may be either connected to a host system (online
terminal) or work standalone (offline terminal).
After anticollision and selection as per ISO/IEC 14443-3 [9], the PCD may proceed as follows:
• Enter the NRG™ operation state by performing the authentication procedure to any of the sectors by sending the command AUTHENTICATE
or
• Enter ISO/IEC 14443-4 [10] transmission protocol processing (T=CL) by sending a request for answer to select (RATS) command
See Chapter 4.1 for details on further steps to operate in CIPURSE™ or NRG™ mode.
[Figure 1: System overview. Labelled blocks: host system; terminal (crypto µC with CIPURSE™ and NRG™, analog circuitry/reader IC, antenna); SLS 32TLC00xS(M). Labels on the contactless link: energy, clock, data.]
1.2 Product overview
CIPURSE™4move is a cost-efficient implementation and designed for use in automatic fare collection systems,
micro-payment, as access control token, and other smart card security applications. As a migration product, it
also offers 1 KB and 4 KB block oriented memory with NRG™ operation. It is operated using the ISO/IEC 14443
Type A contactless interface.
The product allows handling a typical ticketing transaction in less than 100 ms. It is also suited for use in
multi-application schemes, for example combining a transportation fare collection scheme and a ticketing
system such as stadium ticketing. Further, the product offers robust contactless transmission which means that
the card with CIPURSE™4move may also remain in the wallet of the user even if there are coins in it.
[Figure 2: Block diagram of CIPURSE™4move. Labelled blocks: chip hardware; ISO/IEC 14443-3 Type A; ISO/IEC 14443-4 transmission protocol; NRG™ operation (CRYPTO1); CIPURSE™S Profile (ISO/IEC 7816 command set, AES-128 using NLM and key scheduling); ISO/IEC 7816 file system (MF with EF.ID_INFO, EF.FILELIST, EF.IO_CONFIG and EF1 to EF8; ADF PxSE1 to ADF PxSE4; CIPURSE™ ADF1 to CIPURSE™ ADF8, each with EF.ID_INFO, EF.FILELIST and EF1 to EF32); memory structure (1K: sectors 0 to 15; 4K: sectors 0 to 39; blocks and ACCESS); legacy to CIPURSE™ migration feature (L2C).]
General features
• Support of 1/2/4 KB of user memory
• Optional support of 1 KB and 4 KB block oriented memory with NRG™ operation
• 27/56/78 pF chip input capacitance
• Operating temperature range: -25°C to +85°C (for chip) 1)
• Storage temperature range: -40°C to +125°C (for chip) 1)
1) For modules according to module specification
CIPURSE™ application security
CIPURSE™4move supports:
• Up to 8 128-bit Advanced Encryption Standard (AES) keys can be assigned to each application dedicated file (ADF)
• Flexible access rights and secure messaging rules configurable for each file
• Mutual authentication using AES-128
• Secure messaging with AES-message authentication code (MAC) and AES-encryption (ENC)
• Secure messaging mode configurable for each data exchange
• Secure channel protocol inherently differential power analysis (DPA) and differential fault analysis (DFA) resistant, offering AES-MAC, AES-ENC and sequence integrity protection for application protocol data units (APDUs)
• Administrative functionality
  - 8 128-bit AES keys available for master file (MF) administration
  - MF security architecture is same as CIPURSE™ ADF security architecture
ISO/IEC 7816-4 file system
CIPURSE™4move implements a CIPURSE™ compliant file system based on ISO/IEC 7816-4 [4]:
• Files are organized logically in form of two-level dedicated file (DF) tree structure (as described in Chapter 3.1)
• The MF forms the root of this structure. The MF hosts some predefined elementary files (EFs), up to 8 custom EFs, and up to 8 custom ADFs
• Support up to 4 ADF proximity system environments (PxSEs), in addition to 8 custom ADFs under the MF
• A CIPURSE™ application is represented by an ADF identified by its file identifier (FID) and DF name application identifier (AID). The ADF can host up to 32 custom EFs for application specific data
• Elementary file types supported are binary files, linear record files, cyclic record files, and linear value-record files
  - File size up to 4 KB
  - Up to 254 records per record oriented file
  - Record length up to 228 bytes
• Security attributes defining the access rights and secure messaging rules can be assigned to each ADF, to the MF, and to each EF
• Up to 64 bytes for proprietary security information per ADF
• Up to 64 bytes for proprietary security information for MF
• Up to 1/2/4 KB user memory is available to store application data. Customers can configure the number of available ADFs, EFs, and the corresponding file size. The maximum file size of one EF is 4 KB
Block oriented memory with NRG™ operation features
As a migration product, CIPURSE™4move is designed to operate in an NRG™ system to support the migration
towards more advanced CIPURSE™ security based on AES-128. In addition, the support of NRG™ can be modified
(see Chapter 3.1.4.3).
• SLS 32TLC00xS/SLS 32TLC00xS5/SLS 32TLC00xSA – NRG™ operation not supported
• SLS 32TLC00xS1/SLS 32TLC00xS6/SLS 32TLC00xSB – supporting 1 KB block oriented memory with NRG™ operation
  - 16 sectors of 64 bytes (4 blocks)
• SLS 32TLC00xS4/SLS 32TLC00xS9/SLS 32TLC00xSE – supporting 4 KB block oriented memory with NRG™ operation
  - 32 sectors of 64 bytes (4 blocks)
  - 8 sectors of 256 bytes (16 blocks)
• Two keys per sector
• Mutual three pass authentication
• Encrypted data transfer
Near field communication (NFC) Forum Type 4 Tag
Supports NFC Forum Type 4 Tag functionality, see Chapter 3.1.2.3.
CIPURSE™ command set
• Multi-level commands
  - SELECT
• Commands for personalization of file system oriented PICCs
  - CREATE_FILE
  - DELETE_FILE
  - FORMAT_ALL
• Commands for object management
  - ACTIVATE_FILE (ADF)
  - DEACTIVATE_FILE (ADF)
• Commands for file attribute management
  - READ_FILE_ATTRIBUTES
  - UPDATE_FILE_ATTRIBUTES
  - UPDATE_KEY
  - UPDATE_KEY_ATTRIBUTES
• Security-related commands
  - MUTUAL_AUTHENTICATE
  - GET_CHALLENGE
• Commands for file data management
  - READ_BINARY
  - UPDATE_BINARY
  - READ_RECORD
  - UPDATE_RECORD
  - APPEND_RECORD
  - READ_VALUE
  - INCREASE_VALUE
  - DECREASE_VALUE
  - LIMITED_INCREASE_VALUE
  - LIMITED_DECREASE_VALUE
Contactless interface
• Initialization and anticollision according to ISO/IEC 14443-3 [9] Type A using 4-byte reused-ID, 7-byte unique identifier (UID) (Double-Size UID), 10-byte UID (Triple-Size UID), or 4-byte random identification (ID) as defined in ISO/IEC 14443-3 [9]
• Transmission protocol according to ISO/IEC 14443-4 [10]
• Data rates in both directions up to 848 kbit/s
Security features
• Active shield technology
• Anti-snooping features
• Security attack countermeasures for all critical operations using both hardware and software controls
• Access limitation for manufacturer-specific data (configurable)
Certification level
• CIPURSE™V2 certification
• CC EAL 5+ (high)
1.3 Coding and notation conventions
All lengths are represented in bytes, unless otherwise specified.
Each byte is represented by bits b[8:1], where b[8] is the most significant bit and b[1] is the least significant bit,
unless otherwise specified.
Multi-byte fields and values are presented in big endian order, unless otherwise specified.
Binary values are specified in brackets with suffix "B" (for example, 0101B).
Hexadecimal values are specified with suffix "H" (for example, B4H).
2 Ordering and packaging information
Note: The ordering codes for the individual sales code and package combination (for example, SLS 32TLCxxx – MCC8) are available on request.
Table 1 Ordering information
Type 1) | Package
No block oriented memory with NRG™ support, 27 pF chip capacitance
SLS 32TLC00xS – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS – C | Unsawn/Sawn wafer, without bump 5)
No block oriented memory with NRG™ support, 56 pF chip capacitance
SLS 32TLC00xS5 – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS5 – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS5 – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS5 – C | Unsawn/Sawn wafer, without bump 5)
No block oriented memory with NRG™ support, 78 pF chip capacitance
SLS 32TLC00xSA – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xSA – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xSA – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xSA – C | Unsawn/Sawn wafer, without bump
1 KB block oriented memory with NRG™ support, 27 pF chip capacitance
SLS 32TLC00xS1 – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS1 – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS1 – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS1 – C | Unsawn/Sawn wafer, without bump 5)
1 KB block oriented memory with NRG™ support, 56 pF chip capacitance
SLS 32TLC00xS6 – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS6 – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS6 – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS6 – C | Unsawn/Sawn wafer, without bump 5)
1 KB block oriented memory with NRG™ support, 78 pF chip capacitance
SLS 32TLC00xSB – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xSB – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xSB – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xSB – C | Unsawn/Sawn wafer, without bump 5)
4 KB block oriented memory with NRG™ support, 27 pF chip capacitance
SLS 32TLC00xS4 – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS4 – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS4 – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS4 – C | Unsawn/Sawn wafer, without bump 5)
4 KB block oriented memory with NRG™ support, 56 pF chip capacitance
SLS 32TLC00xS9 – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xS9 – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xS9 – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xS9 – C | Unsawn/Sawn wafer, without bump 5)
4 KB block oriented memory with NRG™ support, 78 pF chip capacitance
SLS 32TLC00xSE – MCC8 | P-MCC8-2-6 2)
SLS 32TLC00xSE – MCS8 | P-MCS-8-2-1 3)
SLS 32TLC00xSE – NB | Unsawn/Sawn wafer, NiAu bump 4)
SLS 32TLC00xSE – C | Unsawn/Sawn wafer, without bump 5)
1) x indicates the user memory size of 1 KB or 2 KB or 4 KB, respectively
2) Pure contactless module (MCC8): for standard thickness inlays (330 µm)
3) Pure contactless module (MCS8): for very thin inlays (< 250 µm)
4) Wafer thickness: 55 µm, 75 µm, and 150 µm with NiAu bump 20 µm
5) Wafer thickness: 55 µm, 75 µm, and 150 µm
Table 2 UID configuration
Type | Delivery state | User configurable 1)
SLS 32TLC00xS/SLS 32TLC00xS5/SLS 32TLC00xSA | 7-byte UID | 7-byte UID, 10-byte UID, and 4-byte random ID
SLS 32TLC00xS1/SLS 32TLC00xS6/SLS 32TLC00xSB | 4-byte reused-ID (xM band 2)) | 4-byte reused-ID, 7-byte UID, 10-byte UID, and 4-byte random ID
SLS 32TLC00xS4/SLS 32TLC00xS9/SLS 32TLC00xSE | 4-byte reused-ID (xM band 2)) | 4-byte reused-ID, 7-byte UID, 10-byte UID, and 4-byte random ID
1) The other UID variants can be configured by the customer. For more details, see Chapter 3.1.4.3.
2) M = 1, 5, 7, 9. Other values might be applicable without further notice
[Figure 3: Module contactless card - P-MCC8-2-6]
[Figure 4: Module contactless card - P-MCS-8-2-1 (top/bottom view)]
[Figure 5: Pin configuration. SLS 32TLC00xS(M) with pins LA and LB]
Table 3 Pin definitions and functions
Symbol | Function
LA | Coil connection pin LA
LB | Coil connection pin LB
3 CIPURSE™ application support
3.1 File system of the PICC
The file system implemented by the product is compliant to the file system specified in ISO/IEC 7816-4 [4]. For
example, Figure 6 shows the structure of the file system containing a number of CIPURSE™V2 applications and
up to 4 PxSE applications.
[Figure 6: Example of a CIPURSE™4move file system structure. ISO/IEC 7816 file system with the MF (keys, security attributes) at the root; below it EF.ID_INFO, EF.FILELIST, EF.IO_CONFIG and EF1 to EF8, ADF PxSE1 to ADF PxSE4, and CIPURSE™ ADF1 to CIPURSE™ ADF8 (each with keys, security attributes, EF.ID_INFO, EF.FILELIST and EF1 to EF32); each EF carries its own security attributes.]
For application operation, the files in the file system are organized logically in a form of two-level dedicated file
(DF) tree structure. The MF forms the root of this structure.
The MF hosts three predefined EFs and 8 128-bit AES keys and it allows creation of up to 8 custom EFs, up to 4
ADF PxSEs, and up to 8 custom ADFs excluding ADF PxSEs (if created).
A CIPURSE™ application is represented by an ADF identified by its FID and AID. The ADF hosts two predefined
EFs and up to 8 128-bit AES keys and it allows creation of up to 32 EFs.
A PxSE ADF is a specific application, which is created without child files and security attributes.
Security attributes defining the access rights and secure messaging rules may be assigned to each CIPURSE™
ADF, to the MF, and to each EF. The file system offers up to 4 KB memory to store the user data.
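A pre-personalization check of a planned file layout against the limits stated above and in Chapter 1.2, as an added example that is not part of the datasheet. The class names, the plan structure and the sample values are assumptions made for illustration; the total-size check counts file data only, because this page does not state per-file overhead.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Limits as stated in the datasheet text (Chapters 1.2, 3.1 and 3.1.2).
MAX_CUSTOM_ADFS = 8        # custom ADFs under the MF, PxSE ADFs not counted
MAX_PXSE_ADFS = 4
MAX_MF_CUSTOM_EFS = 8
MAX_ADF_EFS = 32
MAX_KEYS_PER_ADF = 8       # 128-bit AES keys
MAX_FILE_SIZE = 4 * 1024   # bytes per EF
MAX_RECORD_LEN = 228       # bytes
MAX_RECORDS = 254
USER_MEMORY_OPTIONS = (1024, 2048, 4096)
NRG_BITMAP_LEN = {None: 0, 1024: 2, 4096: 5}  # sector-assignment bitmap, bytes
RECORD_KINDS = ("linear", "cyclic", "value")

@dataclass
class EF:                      # hypothetical planning record, not a card format
    name: str
    kind: str                  # "binary" or one of RECORD_KINDS
    size: int = 0              # binary files only
    record_len: int = 0        # record files only
    records: int = 0           # record files only

    def data_bytes(self) -> int:
        return self.size if self.kind == "binary" else self.record_len * self.records

@dataclass
class ADF:
    name: str
    keys: int = 0
    efs: List[EF] = field(default_factory=list)
    nrg_bitmap: bytes = b""    # empty: no NRG sectors assigned to this ADF

@dataclass
class CardPlan:
    user_memory: int               # user memory of the ordered variant, bytes
    nrg_memory: Optional[int]      # None, 1024 or 4096
    mf_efs: List[EF] = field(default_factory=list)
    adfs: List[ADF] = field(default_factory=list)
    pxse_adfs: int = 0

def check_ef(ef: EF, where: str) -> List[str]:
    out, tag = [], f"{where}/{ef.name}"
    if ef.kind == "binary":
        if not 0 < ef.size <= MAX_FILE_SIZE:
            out.append(f"{tag}: binary size {ef.size} not in 1..{MAX_FILE_SIZE}")
    elif ef.kind in RECORD_KINDS:
        if not 0 < ef.record_len <= MAX_RECORD_LEN:
            out.append(f"{tag}: record length {ef.record_len} not in 1..{MAX_RECORD_LEN}")
        if not 0 < ef.records <= MAX_RECORDS:
            out.append(f"{tag}: record count {ef.records} not in 1..{MAX_RECORDS}")
        # 228 x 254 is far above 4 KB, so the product is the binding limit.
        if ef.data_bytes() > MAX_FILE_SIZE:
            out.append(f"{tag}: {ef.record_len} x {ef.records} = "
                       f"{ef.data_bytes()} bytes exceeds {MAX_FILE_SIZE}")
    else:
        out.append(f"{tag}: unknown file type {ef.kind!r}")
    return out

def validate(plan: CardPlan) -> List[str]:
    out = []
    if plan.user_memory not in USER_MEMORY_OPTIONS:
        out.append(f"user memory {plan.user_memory} is not 1/2/4 KB")
    if plan.nrg_memory not in NRG_BITMAP_LEN:
        out.append(f"NRG memory {plan.nrg_memory} is not none/1 KB/4 KB")
    if len(plan.adfs) > MAX_CUSTOM_ADFS:
        out.append(f"{len(plan.adfs)} custom ADFs, limit {MAX_CUSTOM_ADFS}")
    if plan.pxse_adfs > MAX_PXSE_ADFS:
        out.append(f"{plan.pxse_adfs} PxSE ADFs, limit {MAX_PXSE_ADFS}")
    if len(plan.mf_efs) > MAX_MF_CUSTOM_EFS:
        out.append(f"{len(plan.mf_efs)} custom EFs under MF, limit {MAX_MF_CUSTOM_EFS}")
    total = 0
    for ef in plan.mf_efs:
        out += check_ef(ef, "MF")
        total += ef.data_bytes()
    bitmap_len = NRG_BITMAP_LEN.get(plan.nrg_memory, 0)
    for adf in plan.adfs:
        if adf.keys > MAX_KEYS_PER_ADF:
            out.append(f"{adf.name}: {adf.keys} keys, limit {MAX_KEYS_PER_ADF}")
        if len(adf.efs) > MAX_ADF_EFS:
            out.append(f"{adf.name}: {len(adf.efs)} EFs, limit {MAX_ADF_EFS}")
        if adf.nrg_bitmap and len(adf.nrg_bitmap) != bitmap_len:
            out.append(f"{adf.name}: NRG bitmap is {len(adf.nrg_bitmap)} bytes, "
                       f"this variant expects {bitmap_len}")
        for ef in adf.efs:
            out += check_ef(ef, adf.name)
            total += ef.data_bytes()
    if total > plan.user_memory:   # necessary condition only, overhead unknown
        out.append(f"file data totals {total} bytes, user memory is {plan.user_memory}")
    return out

def sample_plan() -> CardPlan:     # constructed, fits a 2 KB variant with 1 KB NRG
    transit = ADF("transit", keys=4, nrg_bitmap=bytes(2), efs=[
        EF("contract", "binary", size=256),
        EF("log", "cyclic", record_len=32, records=8),
        EF("stops", "linear", record_len=16, records=4)])
    return CardPlan(user_memory=2048, nrg_memory=1024, adfs=[transit], pxse_adfs=1)

def broken_plan() -> CardPlan:     # constructed, violates four limits at once
    bad = ADF("bad", keys=9, nrg_bitmap=bytes(2),
              efs=[EF("log", "cyclic", record_len=228, records=18)])
    return CardPlan(user_memory=1024, nrg_memory=4096, adfs=[bad])
```

A record file of 228-byte records tops out at 17 records, well below the 254-record ceiling, which is why the size product has to be checked separately from the two per-field limits.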
3.1.1 Master file
MF consists of keys, security attributes, and hosts custom ADFs (see Chapter 3.1.2) in addition to pre-defined
EFs (see Chapter 3.1.4) and custom EFs (see Chapter 3.1.3).
The PICC supports implicit selection of the MF as a result of radio frequency (RF) initialization and anticollision
process.
MF supports the following commands:
• CREATE_FILE (ADF/EF)
• DELETE_FILE (ADF/EF)
• FORMAT_ALL
• GET_CHALLENGE
• MUTUAL_AUTHENTICATE
• UPDATE_KEY
• UPDATE_KEY_ATTRIBUTES
• READ_FILE_ATTRIBUTES
• UPDATE_FILE_ATTRIBUTES
• SELECT (by FID/AID)
3.1.2 Application dedicated files
An ADF is identified by its AID or by its FID.
The PICC supports three types of ADFs:
• CIPURSE™ ADF
• PxSE ADF
• NFC Type 4 Tag ADF
CIPURSE™4move allows a CIPURSE™ ADF or NFC Type 4 Tag ADF to access NRG™ sectors, assigned during the creation of the respective ADF by providing NRG™ sector assignment information (5-byte bitmap for 4 KB NRG™ and 2-byte bitmap for 1 KB NRG™). The product allows multiple ADFs to access the same NRG™ sector.
READ_FILE_ATTRIBUTES on an ADF assigned with NRG™ sectors returns the assigned sector information (bitmap) as part of the ADF file attributes.
3.1.2.1 CIPURSE™ ADF
CIPURSE™ ADF consists of keys and security attributes, and it hosts the EFs with application-specific data as
described in Chapter 3.1.3 in addition to pre-defined EFs (see Chapter 3.1.4).
CIPURSE™ ADF can be secured or unsecured based on the security attributes defining access conditions and
secure messaging, and key values as described in Chapter 3.2.
CIPURSE™ ADF supports two operational states:
• ACTIVATED
• DEACTIVATED
Command ACTIVATE_FILE (ADF) activates the referenced CIPURSE™ ADF (and inherently all its child EFs) from its
deactivated state.
An activated CIPURSE™ ADF supports the following commands:
• CREATE_FILE (EF)
• DELETE_FILE (this ADF/EF)
• GET_CHALLENGE
• MUTUAL_AUTHENTICATE
• UPDATE_KEY
• UPDATE_KEY_ATTRIBUTES
• READ_FILE_ATTRIBUTES
• UPDATE_FILE_ATTRIBUTES
• SELECT (by FID/AID)
• DEACTIVATE_FILE (ADF)
Command DEACTIVATE_FILE (ADF) deactivates the activated CIPURSE™ ADF (and implicitly all its child EFs).
A deactivated CIPURSE™ ADF supports the following operational commands:
• SELECT (by FID/AID)
• ACTIVATE_FILE (subject to access condition)
• GET_CHALLENGE
• MUTUAL_AUTHENTICATE
3.1.2.2 PxSE ADF
PxSE application registers the segment specific CIPURSE™ applications such as dedicated to transport
applications, event ticketing applications, and facility access applications.
PxSE application supports the SELECT (by AID) command only.
The response to SELECT PxSE provides the list of AIDs corresponding to its registered CIPURSE™ applications in
ACTIVATED state and one of its registered applications might be implicitly selected.
3.1.2.3 NFC Type 4 Tag ADF
The product supports an NFC Type 4 Tag ADF [11] with the same functionality as a CIPURSE™ ADF with the
following exceptions during ADF creation:
• EF.ID_INFO is not automatically created
• EF.FILELIST is not automatically created
The creation of EF with the same FID as EF.ID_INFO or EF.FILELIST is not allowed.
3.1.3 Supported elementary file types
EFs are used to store data and are identified by their FID or by short file identifier (SFID).
The file system supports the following elementary file types:
• Binary file
• Linear record file
• Cyclic record file
• Linear value-record file
• NRG™ mapped linear record file
EFs can be secured or unsecured based on the security attributes as described in Chapter 3.2.
The commands READ_FILE_ATTRIBUTES and UPDATE_FILE_ATTRIBUTES can be used to read and update the
EF attributes.
Binary file:
A binary file represents a series of sequential bytes without specific inner structure. Size of the file is defined at
file creation.
On file creation, the data are created and initialized with zeros. The commands READ_BINARY and
UPDATE_BINARY can be used to read and update the records.
The maximum size of the binary file is restricted to 4 KB.
Figure 7 Binary file
Linear record file:
A linear record file represents a linear sequence of records of same size. Size and number of records are defined
at file creation.
On file creation, all records are created and initialized with zeros. The commands READ_RECORD and
UPDATE_RECORD can be used to read and update the records.
The maximum size of a record is 228 bytes. A file can contain maximum of 254 records. The maximum size of the
linear record file (size of record x number of records) is restricted to 4 KB.
Figure 8 Linear record file
Cyclic record file:
A cyclic record file represents a cyclic sequence of records, where the oldest data will be overwritten, in case the
list is full. The size and number of the records are defined at file creation.
On file creation, only the memory is reserved. No further initialization is performed. Each record must be
created and initialized using command APPEND_RECORD before it can be read or updated. The commands
READ_RECORD and UPDATE_RECORD can be used to read and update the records.
The maximum size of a record is 228 bytes. A file can contain maximum of 254 records. The maximum size of the
cyclic record file (size of record x number of records) is restricted to 4 KB.
Figure 9 Cyclic record file
Value-record file:
A value-record file represents a linear sequence of records of 12 bytes. Each value-record contains maximum
and minimum limit and a counter value field. Number of records is defined at file creation.
On file creation, all records are created and initialized with 0000 0000H (counter value), 7FFF FFFFH (maximum
limit), and 8000 0000H (minimum limit). The commands READ_RECORD and UPDATE_RECORD can be used to
read and update the records. The commands READ_VALUE, INCREASE_VALUE, and DECREASE_VALUE can be
used to read and manipulate the counter values. If modification of the value violates the limits, the command
will be rejected.
The commands LIMITED_INCREASE_VALUE and LIMITED_DECREASE_VALUE can be used to offer a refund
functionality that is limited to the number of tokens decreased/increased in last transaction. The value
record remembers the last increase or decrease operation and enables refund up to the value that
existed before increase or decrease. The commands UPDATE_RECORD, LIMITED_INCREASE_VALUE, and
LIMITED_DECREASE_VALUE will reset the information granting limited refund functionality.
A file can contain maximum of 254 records.
Figure 10 Value-record file (each record holds a maximum limit, a minimum limit, and a value)
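The limit check and the limited-refund rules described above, modelled in Python as an added example (not code from the datasheet or from Infineon). The class and method names are hypothetical; reading the limits as signed 32-bit integers and leaving the record untouched when a command is rejected are assumptions of this model.

```python
"""Added example: limit and limited-refund rules of a value record (model only)."""
from dataclasses import dataclass
from typing import Optional, Tuple

# Defaults at file creation, read here as signed 32-bit integers (assumption).
MAX_DEFAULT = 0x7FFFFFFF       # 7FFF FFFFH, maximum limit
MIN_DEFAULT = -0x80000000      # 8000 0000H, minimum limit


class Rejected(Exception):
    """The modelled card rejects the command; the record stays unchanged."""


@dataclass
class ValueRecord:
    value: int = 0
    max_limit: int = MAX_DEFAULT
    min_limit: int = MIN_DEFAULT
    # Last INCREASE_VALUE / DECREASE_VALUE as ("inc" | "dec", amount),
    # or None when no refund is currently available.
    last_op: Optional[Tuple[str, int]] = None

    @staticmethod
    def _amount(amount: int) -> int:
        if amount < 0:
            raise Rejected("amount must not be negative")
        return amount

    def _move(self, delta: int) -> None:
        new_value = self.value + delta
        if not self.min_limit <= new_value <= self.max_limit:
            raise Rejected("value would violate the record limits")
        self.value = new_value

    def increase_value(self, amount: int) -> None:
        self._move(self._amount(amount))
        self.last_op = ("inc", amount)

    def decrease_value(self, amount: int) -> None:
        self._move(-self._amount(amount))
        self.last_op = ("dec", amount)

    def _refund(self, undoes: str, amount: int, sign: int) -> None:
        self._amount(amount)
        if self.last_op is None or self.last_op[0] != undoes:
            raise Rejected("no matching preceding operation to refund")
        if amount > self.last_op[1]:
            raise Rejected("refund exceeds the preceding operation")
        self._move(sign * amount)
        self.last_op = None        # refund information is reset once used

    def limited_increase_value(self, amount: int) -> None:
        """Refund up to the amount of the preceding DECREASE_VALUE."""
        self._refund("dec", amount, +1)

    def limited_decrease_value(self, amount: int) -> None:
        """Refund up to the amount of the preceding INCREASE_VALUE."""
        self._refund("inc", amount, -1)

    def update_record(self, value: int, max_limit: int, min_limit: int) -> None:
        self.value, self.max_limit, self.min_limit = value, max_limit, min_limit
        self.last_op = None        # UPDATE_RECORD also resets refund information


def replay(record, commands):
    """Apply (method name, args) pairs; return "ok" or "rejected" per command."""
    results = []
    for name, args in commands:
        try:
            getattr(record, name)(*args)
            results.append("ok")
        except Rejected:
            results.append("rejected")
    return results
```

Replaying a terminal's command sequence against this model shows that a refund cannot be larger than the preceding operation and cannot be taken twice.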
NRG™ mapped linear record file:
An NRG™ mapped linear record file represents a linear sequence of records of 16 bytes. Each record is mapped
to an NRG™ block of an NRG™ sector assigned under the ADF. Such mapping can be done during the elementary
file creation by providing the list of assigned NRG™ block addresses. Mapped blocks must belong to the NRG™
sectors which are assigned to the parent ADF of the EF; otherwise the creation command is rejected.
Mapping an NRG™ block to multiple NRG™ mapped files and to multiple records within an NRG™ mapped file is
supported.
The READ_FILE_ATTRIBUTES command can be used to read the NRG™ block mapping information as part of the
file attributes.
A file can contain maximum of 243 records.
3.1.4 Predefined elementary files
Predefined EFs under the MF are present at delivery state, need not be created and cannot be deleted. The
security attributes can be modified.
Predefined EFs under the ADF are implicitly created during ADF creation. Deletion is only possible by deleting
the parent ADF. The security attributes can be modified.
Table 4 List of predefined EFs
File name | File type | Description
EF.FILELIST | Binary | Read-only file under the MF/ADF providing list of files under the MF/ADF
EF.ID_INFO | Binary | Read-only file under the MF/ADF providing information about the supported CIPURSE™ version and the features valid for all ADFs as well as PICC-unique manufacturer specific information
EF.IO_CONFIG | Binary | File under the MF providing information about the parameters used for contactless communication
3.1.4.1 EF.FILELIST
The EF.FILELIST (under the MF/ADF) is a read-only file and provides 4 bytes of file information for each file present
under the MF/ADF. The size of EF.FILELIST varies depending on the number of files currently present in the
MF/ADF.
Table 5 Structure and contents of EF.FILELIST
EF.FILELIST, Type: Binary, read-only
File | Content | Length [byte] | Description
File #1 | FID | 2 | File identifier of File #1
File #1 | SFID | 1 | Short file identifier of File #1
File #1 | FD | 1 | File descriptor byte of File #1
... | Further FID || SFID || FD fields... | Var. |
File #n | FID | 2 | File identifier of File #n
File #n | SFID | 1 | Short file identifier of File #n
File #n | FD | 1 | File descriptor byte of File #n
3.1.4.2 EF.ID_INFO
The predefined file EF.ID_INFO is a read-only file and is available under the MF and CIPURSE™ ADF. EF.ID_INFO
files are identical across all applications in one PICC.
The structure and content of the EF.ID_INFO file are as described in Table 6.
Table 6 Structure and content of EF.ID_INFO
EF.ID_INFO, Type: Binary, Read-only
Offset | Description
0-7 | CIPURSE™ version and file system oriented personalization features are supported
8 | Integrated circuit manufacturer, as per ISO/IEC 7816-6 [5]: 05H: Infineon Technologies
9-23 | Chip identification data
24-32 | Reserved for further manufacturer information
33 | Specifies whether 1 KB or 4 KB block oriented memory with NRG™ operations are supported
34-36 | Software version
37-39 | Product identifier
3.1.4.3 EF.IO_CONFIG
The EF.IO_CONFIG file under the MF contains IO configuration parameters as defined in Table 7. The IO
interface configuration of the product can be modified by updating the parameters in this file.
Table 7 Structure and contents of EF.IO_CONFIG
EF.IO_CONFIG, Type: Binary
Offset | Description
0-1 | Tag and length for contactless I/O parameters
2 | Protocol type and configurable UID mode 1)
3 | Configuration state of block oriented memory with NRG™ operation: block oriented memory with NRG™ operation is deactivated; support for 1 KB block oriented memory with NRG™ operation is activated; support for 4 KB block oriented memory with NRG™ operation is activated
4 | Reserved for future use (RFU)
5 | Interface bytes for Type A and frame size for proximity card integer (FSCI)
6 | Baudrate
7 | Frame waiting time integer (FWI) and start-up frame guard time integer
8 | Node address (NAD) and card identifier (CID) support indicator
9-10 | Tag for additional parameters. Length of this tag indicates the length of the historical bytes returned as part of answer to select (ATS). This value can be configured to be in the range 0 to 15 bytes. Default value is set to 7 bytes
11-17 | Initial historical bytes: controller control byte, product identifier bytes, software version bytes
18-25 | Additional bytes to allow extending historical bytes. It is recommended to set these bytes to 00H
1) 4-byte reused-ID, 7-byte fixed UID, 4-byte random ID, and 10-byte fixed UID
3.1.5 File referencing methods
To access the data, the files in a CIPURSE™ conforming PICC can be selected by using the following methods
(Explicit selection or Implicit selection).
Explicit selection:
• A SELECT command is used for explicit selection mode
• A different combination of the parameters along with the SELECT command will perform the explicit
selection such as:
  - For explicit selection of MF, the SELECT command with FID 3F00H can be used
  - For explicit selection of ADF, the SELECT command with AID or an FID can be used
  - For explicit selection of EF, the SELECT command with FID or a command supporting addressing by
    SFID can be used
Implicit selection:
• RF initialization and anticollision process is used for implicit selection of MF
• Selection of a PxSE application may result in implicit selection of one of its registered ADFs
• Implicit selection of EF is not supported
3.1.6 Reserved file identifiers
Some of the FIDs are reserved to serve a special purpose such as file identifiers of MF and pre-defined EFs.
3.2 Security architecture
The security architecture of this product consists of keys representing the various roles, an authentication
mechanism to check the availability of a key, and the file security attributes to grant access to entitled roles
only.
The security architecture is intended to restrict the access and operations on the application's data to
authorized entities only.
Before executing a command on a secured object, the PICC checks if the security requirements are met in terms
of file security attributes which are access rights and secure messaging rules.
3.2.1 Keys
128-bit AES keys are used for authentication. Keys are associated to ADF/MF.
Each key has a set of secure and non-secure attributes as defined below:
• Secure key attributes are used to control the operations permissible with/on this key such as if the key can
be updated or is immutable, and if the key is valid or invalid
• Non-secure key attributes hold additional key information and the cryptographic algorithm identifier
3.2.2 Mutual authentication and security state
Figure 11 shows the states and resulting security levels reached when a terminal sends the commands
GET_CHALLENGE and MUTUAL_AUTHENTICATE to mutually authenticate both terminal and PICC.
Figure 11 Authentication states and security level (states: Not_Authenticated with Level=None, Authenticated with Level=Auth_<key>, Authenticated_N with Level=Auth_<key> and linked authentication)
After selection of the application owning the keys, the application is in Not_Authenticated state with security
level none.
• A GET_CHALLENGE command followed by MUTUAL_AUTHENTICATE command with valid cryptogram
results in a transition to Authenticated state with security level Auth_<key> referencing the key number
used for authentication
In Authenticated state, all commands must be transmitted in secure channel mode.
• A GET_CHALLENGE command followed by a MUTUAL_AUTHENTICATE command with valid cryptogram,
received in SM_MAC or SM_ENC mode, and referencing a new key will result in Authenticated_N state with
"linked authentication" where the previous state’s security level Auth_<key> is retained and the security
level will change from Auth_<old key> to Auth_<new key>
In Authenticated_N state, all commands must be transmitted in secure channel mode.
• A GET_CHALLENGE command followed by a MUTUAL_AUTHENTICATE command with valid cryptogram,
received without secure channel or secure messaging with plain data (SM_PLAIN), will result in
Authenticated state with no "linked authentication" where the security level will reset to Auth_<new key>
Any command received in plain mode or in secure messaging (SM) mode with invalid cryptogram will reset the
state to Not_Authenticated with security level none.
When a security level Auth_<key> is reached, the terminal acquires the right to execute the commands that are
granted to this security level, as described in Chapter 3.2.3.
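The state transitions described in this chapter, written as a small Python model that a terminal test harness could replay command traces against; this is an added example, not code from the datasheet or from Infineon. All names are hypothetical, and three points are assumptions of the model: GET_CHALLENGE plus MUTUAL_AUTHENTICATE is treated as one step, "plain mode" is read as "no secure channel at all" (SM_PLAIN counts as SM mode), and a failed authentication is treated like any other invalid cryptogram.

```python
"""Added example: authentication states of one selected application (model only)."""
from enum import Enum


class State(Enum):
    NOT_AUTHENTICATED = "Not_Authenticated"
    AUTHENTICATED = "Authenticated"
    AUTHENTICATED_N = "Authenticated_N"


class Mode(Enum):
    NONE = "none"            # no secure channel ("plain mode", assumption)
    SM_PLAIN = "SM_PLAIN"
    SM_MAC = "SM_MAC"
    SM_ENC = "SM_ENC"


PROTECTED = (Mode.SM_MAC, Mode.SM_ENC)


class Session:
    """Security state kept by the PICC for the currently selected application."""

    def __init__(self):
        self._reset()

    def _reset(self):
        self.state = State.NOT_AUTHENTICATED
        self.level = None    # key number n of Auth_<n>; None means level "none"
        self.linked = []     # key numbers of earlier authentications in a linked chain

    def select(self):
        """Selecting the application starts in Not_Authenticated."""
        self._reset()
        return self.state

    def authenticate(self, key, mode=Mode.NONE, cryptogram_ok=True):
        """GET_CHALLENGE followed by MUTUAL_AUTHENTICATE, as one step."""
        if not cryptogram_ok:
            self._reset()    # assumption: handled like any invalid cryptogram
        elif self.state is State.NOT_AUTHENTICATED or mode not in PROTECTED:
            # First authentication, or re-authentication without secure
            # channel / with SM_PLAIN: no linked authentication.
            self.state, self.level, self.linked = State.AUTHENTICATED, key, []
        else:
            # Received in SM_MAC or SM_ENC: linked authentication.
            self.linked.append(self.level)
            self.state, self.level = State.AUTHENTICATED_N, key
        return self.state

    def command(self, mode, integrity_ok=True):
        """Any command other than the authentication pair."""
        if self.state is not State.NOT_AUTHENTICATED:
            if mode is Mode.NONE or (mode in PROTECTED and not integrity_ok):
                self._reset()
        return self.state


def replay(events):
    """Run ("auth", key, mode, ok) / ("cmd", mode, ok) events on a fresh session.

    Returns the (state name, level, linked keys) reached after each event.
    """
    session = Session()
    seen = []
    for kind, *args in events:
        if kind == "auth":
            session.authenticate(*args)
        else:
            session.command(*args)
        seen.append((session.state.value, session.level, tuple(session.linked)))
    return seen
```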
3.2.3 Access rights
Access rights grant each security level rights to execute various commands respective to a file type. They also
define unconditional access ("ALWAYS") to enable PCDs to execute commands irrespective of the security level
reached and the secure messaging rules assigned to the file, see Chapter 3.2.4.
If none of the rights are enabled, the commands cannot be executed irrespective of the security level.
3.2.4 Secure messaging rules
Secure messaging rules (SMR) define for a file, the minimum secure messaging levels required to execute
various commands respective to a file type.
There are three different secure messaging levels available, as follows:
• SM_PLAIN: Data is sent in plain and the transferred command does not include an integrity protection field
• SM_MAC: Integrity-protected communication with a field of MAC in the transferred command and the data
is sent in plain
• SM_ENC: Confidential communication with encryption of data and integrity protection field in the
transferred command
The PCD defines the communication security level applicable for exchanging the messages between PCD and
PICC.
The PICC evaluates if the chosen security level is acceptable for the addressed file and operation.
3.3 Command set
This section defines all the commands available for operation of CIPURSE™ application.
Table 8 Overview of CIPURSE™ commands
Command | Description
Multi-level commands
SELECT | Selects the file (MF, ADF, or EF)
Commands for personalization of file system oriented PICCs
CREATE_FILE (ADF, EF) | Creates an ADF or an EF in the PICC file system
DELETE_FILE (ADF, EF) | Deletes an ADF or an EF from the PICC file system
FORMAT_ALL | Formats the file system to its initial data state. The MF keys, MF key attributes, and the content and attributes of predefined EFs under the MF are not formatted
Commands for object management
ACTIVATE_FILE (ADF) | Activates an ADF in the PICC file system
DEACTIVATE_FILE (ADF) | Deactivates an ADF in the PICC file system
Commands for file attribute management
READ_FILE_ATTRIBUTES | Reads the MF, DF, or EF file attributes
UPDATE_FILE_ATTRIBUTES | Updates the MF, DF, or EF file attributes
UPDATE_KEY | Updates the value of a key in the PICC
UPDATE_KEY_ATTRIBUTES | Updates the attributes of a key in the PICC
Security related commands
MUTUAL_AUTHENTICATE | Mutual authentication with the PICC
GET_CHALLENGE | Retrieves the challenge information from the PICC in order to proceed with authentication
Commands for file data management
READ_BINARY | Reads data from a binary file
UPDATE_BINARY | Updates data in a binary file
READ_RECORD | Reads records from a record file or a value record file
UPDATE_RECORD | Updates data in an existing record in a record file or a value record file
APPEND_RECORD | Appends a record to a cyclic record file that is not already full
READ_VALUE | Reads a value from a value record file
INCREASE_VALUE | Increases the value in a value record file
DECREASE_VALUE | Decreases the value in a value record file
LIMITED_INCREASE_VALUE | Increases the value in a value record file within a limited range defined by the previous DECREASE_VALUE operation
LIMITED_DECREASE_VALUE | Decreases the value in a value record file by a limited amount
4 Contactless I/O functionality
CIPURSE™4move supports contactless I/O communication according to ISO/IEC 14443-3 [9] and ISO/
IEC 14443-4 [10] and as configured in EF.IO_CONFIG at the time of manufacturing of the product.
4.1 Communication principle
All operations on the PICC are initiated by an appropriate reader and controlled by the internal logic of
CIPURSE™4move. Prior to any application specific operations, the PICC has to be selected according to the
ISO/IEC 14443-3 [9] Type A anticollision and selection scheme.
After selection, the PCD may proceed as follows:
• Enter the NRG™ operation state (CIPURSE™4move devices supporting NRG™ operation only) or
• Enter ISO/IEC 14443-4 [10] transmission protocol processing (T=CL) by sending a RATS command
Figure 12 CIPURSE™4move communication state diagram according to ISO/IEC 14443-3 Type A (states: POWER OFF, IDLE, HALT, READY*/READY, ACTIVE*/ACTIVE, NRG™ operation, ISO/IEC 14443-4 transmission protocol state)
4.2 ISO/IEC 14443 feature set
The following features and types of commands are available:
• Commands for radio frequency (RF) initialization and bit frame anticollision as per ISO/IEC 14443-3 [9],
Type A
• Commands for operating the half-duplex block transmission protocol as per ISO/IEC 14443-4 [10], with the
following feature profile:
  - Card identifier (CID) is supported, which enables the PCD to select and operate more than one PICC
    simultaneously
  - PICC and PCD chaining is supported
  - Node address (NAD) is supported
  - Power level indication inside the CID is not supported
• The error handling is performed as defined in ISO/IEC 14443-3 [9] and ISO/IEC 14443-4 [10]
5 Block oriented memory with NRG™
The block oriented memory communicates via ISO/IEC 14443-3 [9] Type A and offers a proprietary command
set for application operation. It features the confidential CRYPTO1 [12] stream cipher. Mutual authentication
according to ISO/IEC 9798-2 [6] is used to set up the stream ciphering, which applies to all subsequent
data exchanged over the RF link.
5.1 Operation of a block oriented memory with NRG™
The PCD and PICC must use a bit rate of 128/fC (~106 kbit/s) in both directions for all commands and responses,
with the characteristics as specified by ISO/IEC 14443-3 [9].
First, the PCD and the PICC perform the initialization and anticollision procedure as described in ISO/
IEC 14443-3 [9].
With the PICC in ACTIVE/ACTIVE* state, the PCD can initiate the authentication procedure by sending the
AUTHENTICATE command or send the READ block 00H command plain (unencrypted) once or multiple times
before initiating the authentication procedure. After completion of the authentication procedure, the PICC
enters the authenticated state. All further communication in this state must therefore be encrypted by the CRYPTO1
stream cipher.
The PICC exits the authenticated state on reception of the encrypted HLTA command, performing its transition
to the HALT state, or in case of error.
Figure 13 Block oriented memory with NRG™ operation (initialization and anticollision procedure with 4-byte UID)
Note: State transitions due to successful command execution are shown in this diagram.
5.2 Memory organization
Memory accessible in NRG™ mode is organized into blocks of 16 bytes. These blocks are accessible as
elementary data units using the NRG™ command set (see Chapter 5.3) and thus no single byte level access
is allowed. Further on, blocks are grouped into sectors as described below:
• SLS 32TLC00xS1/SLS 32TLC00xS6/SLS 32TLC00xSB (1 KB block oriented memory with NRG™)
  - 16 sectors of 4 blocks each
• SLS 32TLC00xS4/SLS 32TLC00xS9/SLS 32TLC00xSE (4 KB block oriented memory with NRG™)
  - 32 sectors of 4 blocks each
  - 8 sectors of 16 blocks each
5.2.1 1 KB non-volatile memory
This section describes the PICCs offering 1 KB of non-volatile memory (NVM) available for the purpose of NRG™
operation.
Structure and properties
Figure 14 Memory structure of 1 KB of NVM with NRG™ (sectors 0 to 15, block addresses 00H to 3FH; block 3 of each sector is the sector trailer, block 00H holds the manufacturer data)
The memory of PICC offering 1 KB of NVM with NRG™ is structured as described below:
• The memory is organized in 16 sectors, each with 4 blocks with 16 bytes of data each. A block is the
elementary unit addressable by NRG™ commands. The numbering of sectors and blocks is in ascending
order of their addresses, as shown in Figure 14
• A successful authentication procedure to the sector where the addressed block is located must be carried
out to allow the PCD to apply the appropriate commands to the block
• Blocks 0, 1, and 2 of each sector are available for application data, configurable in two ways:
  - Arbitrarily usable data blocks as specified in Data block
  - Blocks formatted as specified in Value block
• Block 3 of each sector (denoted as "sector trailer") has the following properties:
  - This block contains either one or two cryptographic keys of 6 byte each (Key A is mandatory, Key B is
    optional) for authentication to get access to the blocks in this sector, and 3 bytes of access bits forming
    the access conditions for all blocks in this sector as specified in Sector trailer
Data block
Data blocks offer to store the bytes in a sequential order. READ and WRITE commands are applicable to the
data blocks.
Figure 15 Structure of a data block (bytes 0 to 15: Data)
Value block
Value blocks offer to store and manage the dedicated "arithmetic values". The "Value" inside a value block is 4
bytes in length and stored two times in normal and one time in bit-inverted manner. Values must be stored in
little endian order.
The arithmetic instructions INCREASE, DECREASE, and RESTORE are applicable to value blocks, where the
result is temporarily stored in a volatile transfer buffer. To store the result in the NVM, the TRANSFER command
must be used. Besides these commands, READ and WRITE commands are applicable to the value blocks.
Note:
For the purpose of this document, the term "transfer buffer" is used in the command set description
of the arithmetic instructions. This represents a volatile memory location in the PICC to perform the
manipulation of arithmetic values. It cannot be directly accessed with any of the NRG™ commands.
Figure 16 Structure of a value block (bytes 0 to 15; fields: Value, Value, Value, Adr, Adr, Adr, Adr)
Sector trailer
The sector trailer contains the authentication keys and the access bits as described below:
• Keys of 6 bytes each (Key A is mandatory, Key B is optional) for authentication to all blocks in this sector
• 3 bytes of access bits forming the access condition information for the associated sector, that is access to
the blocks along with the sector trailer
• 1 byte is reserved for future use and should not be used for other application data
For more details about sector trailer, see chapter 5.3.2 in [3].
Figure 17 Structure of a sector trailer (bytes 0 to 15; fields: Authentication key A, Access bits, RFU, Authentication key B (optional) or Data)
Access condition
Depending on the access condition, the right to execute a particular command to the block results in one of the
following conditions:
• Never: Command not granted
• Key A: Command granted when successfully authenticated with Key A of this sector
• Key B: Command granted when successfully authenticated with Key B of this sector
• Key A/B: Command granted when successfully authenticated with Key A or Key B of this sector
The access condition for blocks 0 to 2 and the sector trailer, of the associated sector are formed by the access
bits.
Access bits define four access groups: one group for the sector trailer and the remaining groups for data or
value blocks each.
5.2.2 4 KB non-volatile memory
This section describes PICCs offering 4 KB of NVM available for the purpose of NRG™ operation. Unless
otherwise specified, the description in Chapter 5.2.1 also applies to PICCs offering 4 KB of NVM.
Figure 18 Memory structure for CIPURSE™4move providing 4 KB NRG™ (sectors 0 to 31 with 4 blocks each, block addresses 00H to 7FH; sectors 32 to 39 with 16 blocks each, block addresses 80H to FFH; the last block of each sector is the sector trailer, block 00H holds the manufacturer data)
The memory of an NRG™ PICC offering 4 KB of NVM is structured as described below:
• The memory is organized in 40 sectors, 32 of them consisting of 4 blocks with 16 bytes of data, and 8 of
them consisting of 16 blocks with 16 bytes of data. The numbering of sectors and blocks is in ascending
order of their addresses, as shown in Figure 18
• For sectors 0 to 31 (sectors consisting of 4 blocks), the same definitions as for sectors 0 to 15 as specified by
Figure 14 are applicable
• For sectors 32 to 39 (sectors consisting of 16 blocks),
  - Blocks 0 to 14 are available for application data, configurable in the same way as for sectors consisting
    of 4 blocks
  - Block 15 of each sector (denoted as "sector trailer") has similar properties as block 3 for sectors in
    1 KB NRG™ (see Chapter 5.2.1) but four access groups are defined by the access bits forming access
    conditions: one group for the sector trailer and the remaining groups for 5 data or value blocks each
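The block addressing described above, combined with the rule from Chapter 3.1.3 that the blocks of an NRG™ mapped linear record file must lie in sectors assigned to the parent ADF, as an added Python example for reviewing a personalization profile before it is loaded (not code from the datasheet or from Infineon). Function names are hypothetical, the bit order of the sector-assignment bitmap is an assumption, and listing mapped sector trailers is a reviewer's check of this example, not a card rule stated here.

```python
"""Added example: NRG block addressing and the ADF sector-assignment check."""

# Memory size in KB -> (number of 16-byte blocks, bitmap length in bytes)
LAYOUT = {
    1: (0x40, 2),     # 16 sectors of 4 blocks, 2-byte bitmap
    4: (0x100, 5),    # 32 sectors of 4 blocks + 8 sectors of 16 blocks, 5-byte bitmap
}
MAX_MAPPED_RECORDS = 243


def sector_of(block_addr, size_kb):
    """Return (sector number, block number within that sector)."""
    blocks, _ = LAYOUT[size_kb]
    if not 0 <= block_addr < blocks:
        raise ValueError(f"block address {block_addr:#04x} outside {size_kb} KB memory")
    if block_addr < 0x80:                    # sectors consisting of 4 blocks
        return block_addr // 4, block_addr % 4
    offset = block_addr - 0x80               # sectors 32 to 39, 16 blocks each
    return 32 + offset // 16, offset % 16


def is_sector_trailer(block_addr, size_kb):
    """True for block 3 of a 4-block sector or block 15 of a 16-block sector."""
    sector, block = sector_of(block_addr, size_kb)
    return block == (3 if sector < 32 else 15)


def assigned_sectors(bitmap, size_kb):
    """Decode an ADF sector-assignment bitmap into a set of sector numbers.

    Assumption: bit 0 (LSB) of the first byte stands for sector 0.
    """
    _, length = LAYOUT[size_kb]
    if len(bitmap) != length:
        raise ValueError(f"{size_kb} KB NRG needs a {length}-byte bitmap")
    return {8 * i + bit
            for i, byte in enumerate(bitmap)
            for bit in range(8)
            if (byte >> bit) & 1}


def review_mapping(block_addrs, bitmap, size_kb):
    """Check the block list of an NRG mapped linear record file before creation."""
    allowed = assigned_sectors(bitmap, size_kb)
    report = {
        "too_many_records": len(block_addrs) > MAX_MAPPED_RECORDS,
        "outside_assignment": [],   # creation would be rejected for these blocks
        "sector_trailers": [],      # mapped records that expose keys and access bits
    }
    for addr in block_addrs:
        sector, _ = sector_of(addr, size_kb)
        if sector not in allowed:
            report["outside_assignment"].append(addr)
        elif is_sector_trailer(addr, size_kb):
            report["sector_trailers"].append(addr)
    return report
```

The same block address may appear more than once in `block_addrs`, since mapping one block to several records is supported.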
5.3 NRG™ command set
This section describes the commands supported by CIPURSE™4move when it is in NRG™ operation state.
Table 9 Overview of NRG™ commands
Command 1) | Description
AUTHENTICATE with Key A | Authentication with Key A to the sector in which the addressed block is located
AUTHENTICATE with Key B | Authentication with Key B to the sector in which the addressed block is located
READ | Reads out 16 bytes from memory block via NRG™
WRITE | Writes 16 bytes into memory block via NRG™
DECREMENT | Arithmetic instruction. Loads the actual value from the addressed value block decremented by the operand into the transfer buffer
INCREMENT | Arithmetic instruction. Loads the actual value from the addressed value block incremented by the operand into the transfer buffer
RESTORE | Arithmetic instruction. Loads the actual value of the addressed value block into the transfer buffer
TRANSFER | Transfers the actual value in the transfer buffer to the addressed value block
HLTA | Transition to HALT state as per ISO/IEC 14443-3 [9]
1) For more details about the NRG™ command set, see chapter 7 in [3].
5.4 NRG™ to CIPURSE™ migration
Migration from NRG™ data structure to CIPURSE™ oriented file system requires access to block oriented NRG™
memory from both NRG™ and CIPURSE™ interfaces.
NRG™ supports multiple applications which require mapping each of the applications to dedicated sectors.
To access one of these applications from a CIPURSE™ ADF, these dedicated sectors must be accessible while
access to other sectors (belonging to other applications) is prevented by assigning dedicated NRG™ sectors to
the CIPURSE™ ADF.
Note: On CIPURSE™ products supporting MF, application creation is done under the MF security domain, EF
creation is done within the CIPURSE™ ADF security domain.
Note: Changes to the NRG™ mapped memory area are not protected by command level atomicity.
6 Operational characteristics
6.1 Absolute maximum ratings
Stresses above those listed may cause permanent damage to the device. This is a stress rating only
and functional operation of the device at these or any other conditions above those indicated in the
operational sections of this data sheet is not implied. Exposure to absolute maximum rating conditions for
extended periods may affect device reliability, including electrically erasable programmable read-only memory
(EEPROM) data retention and write/erase endurance.
Table 10 Absolute maximum ratings
Parameter | Symbol | Values | Unit | Note or test condition
Junction temperature | TJ | Min. -40, Max. +110 | °C |
Storage temperature | Tstg | Min. -40, Max. +125 | °C | For chip. For modules according to module specification
ESD protection | VESD | Min. -2, Max. +2 | kV | EIA/JESD22-A114-B
6.2 Electrical characteristics
Table 11 Operation range
Parameter | Symbol | Values | Unit | Note or test condition
Ambient temperature | TA | Min. -25, Max. +85 | °C | TJ must not be exceeded
Endurance (write/erase cycles) 1) | | 105 | |
Data retention (years) 1) | | 10 | | TA = 25°C
1) Values are temperature dependent. For further information please refer to your Infineon Technologies office or representative.
Table 12 Contactless interface characteristics
Parameter | Symbol | Values | Unit | Note or test condition
Operating conditions | H | Min. 1.5, Max. 7.5 | A/m | Reference setup according to ISO/IEC 14443-2 [8] and ISO/IEC 10373-1 [7]
Carrier frequency | fC | 13.56 | MHz | 7 kHz
Chip input capacitance | CAB | 27/56/78 | pF |
Recommended target resonance frequency | fres | 16.5 | MHz | ID1 (Class 1) card size
References
CIPURSE™/OSPT
[1] OSPT Alliance: CIPURSE™V2, Operation and Interface Specification (Revision 2.0), 2013-12-20, incl. Errata and Precision List (Revision 3.0); 2017-09-27
[2] OSPT Alliance: CIPURSE™V2, CIPURSE™S Profile Specification (Revision 2.0); 2013-12-20
Infineon
[3] Infineon Technologies AG: SLE66R35x, Extended datasheet (Revision 2.0); 2021-05-28
ISO/IEC
[4] ISO/IEC 7816-4:2020: Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange (Fourth edition); 2020-05
[5] ISO/IEC 7816-6:2016: Identification cards - Integrated circuit cards - Part 6: Interindustry data elements for interchange (Third edition); 2016-06
[6] ISO/IEC 9798-2: Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms (Third Edition); 2008-12-15, incl.
• Corrigendum 1, 2010-02-15
• Corrigendum 2, 2012-03-15
• Corrigendum 3, 2013-02-15
[7] ISO/IEC 10373-1:2020-10: Cards and security devices for personal identification – Test methods - Part 1: General characteristics (Third edition); 2020-10
[8] ISO/IEC 14443-2:2020: Cards and security devices for personal identification – Contactless proximity objects - Part 2: Radio frequency power and signal interface (Fourth edition); 2020-07
[9] ISO/IEC 14443-3:2018: Cards and security devices for personal identification – Contactless proximity objects – Part 3: Initialization and anticollision (Fourth edition); 2018-07
[10] ISO/IEC 14443-4:2018: Cards and security devices for personal identification – Contactless proximity objects – Part 4: Transmission protocols (Fourth edition); 2018-06
NFC Forum
[11] NFC Forum: Type 4 Tag Technical Specification (Version 1.1); 2019-12-12
Siemens
[12] Siemens AG: Semiconductors HL CC PD ID: Crypto-Unit CRYPTO1.DOC; 1997
Glossary
ADF
application dedicated file (ADF)
AES
Advanced Encryption Standard (AES)
The standard for the encryption of electronic data established by the U.S. National Institute of Standards and
Technology (NIST) in 2001. The algorithm described by AES is a symmetric-key algorithm (i.e. the same key is
used for both encryption and decryption).
AID
application identifier (AID)
Used to reference (select) an application.
APDU
application protocol data unit (APDU)
The communication unit between a smart card reader and a smart card.
ATS
answer to select (ATS)
CC
Common Criteria for Information Technology Security Evaluation (CC)
An international standard (ISO/IEC 15408) for computer security certification.
CID
card identifier (CID)
CIPURSE™
Open security standard for transit fare collection systems. CIPURSE™ is a trademark of the Open Standard for
Public Transport Alliance.
DFA
differential fault analysis (DFA)
A class of side channel attacks in the field of cryptography, specifically cryptographic analysis. Faults are
induced into cryptographic implementations with the intention of revealing information about their internal
states.
DF
dedicated file (DF)
DPA
differential power analysis (DPA)
A class of attacks against smart cards and secure cryptographic tokens. The attack involves monitoring how
much power a microprocessor uses as it functions, then using advanced statistical methods to determine secret
keys or personal identification numbers involved in the computations.
EAL
evaluation assurance level (EAL)
EEPROM
electrically erasable programmable read-only memory (EEPROM)
EF
elementary file (EF)
A file system component containing (user) data.
EIA
Electronic Industry Alliance (EIA)
ENC
encryption (ENC)
ESD
electrostatic discharge (ESD)
The sudden draining of electrostatic charge. Even with small charges, it poses a considerable risk to small
semiconductor structures, in particular MOS structures. It is therefore essential to take precautions when
dealing with unprotected semiconductors.
FD
file descriptor (FD)
Defines the file type (MF, ADF, type of EF).
FID
file identifier (FID)
Used to reference an elementary file.
FWI
frame waiting time integer (FWI)
ID
identification (ID)
IEC
International Electrotechnical Commission (IEC)
The international committee responsible for drawing up electrotechnical standards.
ISO
International Organization for Standardization (ISO)
MAC
message authentication code (MAC)
Used to prove message integrity.
MCC
module contactless card (MCC)
MF
master file (MF)
The root of the CIPURSE™ file system.
NAD
node address (NAD)
NFC
near field communication (NFC)
NRG™
ISO/IEC 14443-3 type A with CRYPTO1
NVM
non-volatile memory (NVM)
OSPT
Open Standard for Public Transport (OSPT)
PCD
proximity coupling device (PCD)
A reader device for NFC cards.
PICC
proximity integrated circuit card (PICC)
A contactless smart card which can be read without inserting it into a reader device.
PxSE
proximity system environment (PxSE)
A generic term for various system-environment applications that are specific to the application family.
RATS
request for answer to select (RATS)
RF
radio frequency (RF)
RFU
reserved for future use (RFU)
SFID
short file identifier (SFID)
SMG
secure messaging group (SMG)
This belongs to the file security attributes. Commands are clustered into SMGs, where each of them lists one or
more commands.
SMR
secure messaging rules (SMR)
Object-specific messaging rules combining four SMGs.
SM
secure messaging (SM)
A secure channel that is established between the secure element and a communication partner to ensure
confidentiality and authenticity of the exchanged data.
SM_PLAIN
secure messaging with plain data (SM_PLAIN)
Communication with endpoint internal preparation for integrity verification. Data are sent plain, and the
transferred frame does not include an integrity protection field.
UID
unique identifier (UID)
Revision history
Revision 1.0, 2023-01-05 – Valid for product version 1.0.2 and higher
| Reference | Description |
| --- | --- |
| All | Initial release |
Trademarks
All referenced product or service names and trademarks are the property of their respective owners.
Edition 2023-01-05
Published by
Infineon Technologies AG
81726 Munich, Germany
Important notice
The information given in this document shall in no event be regarded as a guarantee of conditions or characteristics (“Beschaffenheitsgarantie”).
With respect to any examples, hints or any typical values stated herein and/or any information regarding the application of the product, Infineon Technologies hereby disclaims any and all warranties and liabilities of any kind, including without limitation warranties of non-infringement of intellectual property rights of any third party.
In addition, any information given in this document is subject to customer’s compliance with its obligations stated in this document and any applicable legal requirements, norms and standards concerning customer’s products and any use of the product of Infineon Technologies in customer’s applications.
The data contained in this document is exclusively intended for technically trained staff. It is the responsibility of customer’s technical departments to evaluate the suitability of the product for the intended application and the completeness of the product information given in this document with respect to such application.
Warnings
Due to technical requirements products may contain dangerous substances. For information on the types in question please contact your nearest Infineon Technologies office.
Except as otherwise explicitly approved by Infineon Technologies in a written document signed by authorized representatives of Infineon Technologies, Infineon Technologies’ products may not be used in any applications where a failure of the product or any consequences of the use thereof can reasonably be expected to result in personal injury.
© 2023 Infineon Technologies AG
All Rights Reserved.
Do you have a question about any aspect of this document?
Email: CSSCustomerService@infineon.com
Document reference: IFX-tbf1661348107101