Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

#1 2017-10-07 22:19:20

trazodone
Contributor
Registered: 2015-11-25
Posts: 50

HID Omnikey 6321

Hello,

HID Omnikey 6321 can read iclass card both legacy and SE. AFAIK iclass SR card has both SE and legacy data payloads. I have some question.

1) I am wondering if I use Omnikey 6321 to read iclass SR which data payloads will I see, Legacy or SE?
2) Can I read SE data blocks by using Omnikey 6321 with iclassified?
3) I use Omnikey 5321 to read iclass SR card and see error message: Authentication failed. This may be iclass high security card. Can I read this card by using Omnikey 6321?

Thank you.

Offline

#2 2017-10-08 08:10:34

iceman
Administrator
Registered: 2013-04-25
Posts: 9,537
Website

Re: HID Omnikey 6321

sounds more like an iclass related question.  If you are lucky Carl55 might answer your question since he sits with the detailed insights.
Not much public detailed knowledge on the newer iclass credentials.

Offline

#3 2017-10-08 16:54:23

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: HID Omnikey 6321

The term "iClass SR" is no longer being used by HID to refer to the credentials that work with both Legacy and SE readers. According to the HID "How to order guide" they are now referring to those dual payload credentials as "iclass with SIO encoding".

Regardless of the terminology used, the Omnikey 5321 or 6321 readers are capable of reading these cards using iclassified, ContactlessDemoVC, CopyClass or other similar software. The SR cards simply assign a few more internal data blocks to store both the legacy and SIO access control payloads. They are read using the same method.

When you read the data blocks using one of the above software tools you will see both the legacy access control payload (stored in Blocks 6-9) and the SIO access control payload (stored in Blocks 0x0A-0x10).
Decoding and interpreting the two payloads however is very different. The legacy iclass payload uses a straightforward scheme that assigns specific data fields to certain bits in the block whereas the SIO payload is simply a string of AES128 encrypted data.

If you are receiving an "Authentication Failed" message when reading your dual payload credentials then I would definitely suspect that you are working with a high security card. The algorithm that calculates the diversified key used with high security cards is different than the algorithm used for standard security cards.  The data can still be read but it involves more complicated software.

Offline

#4 2017-10-09 10:26:21

trazodone
Contributor
Registered: 2015-11-25
Posts: 50

Re: HID Omnikey 6321

Thank you for your info.

Offline

#5 2017-10-10 01:23:54

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 632

Re: HID Omnikey 6321

carl55 wrote:

The legacy iclass payload uses a straightforward scheme that assigns specific data fields to certain bits in the block whereas the SIO payload is simply a string of AES128 encrypted data.

Are you sure it is not 3DES-CBC with a 128bit key, zero padding, zero IV?

Offline

#6 2017-10-10 03:36:26

carl55
Contributor
From: Arizona USA
Registered: 2010-07-04
Posts: 175

Re: HID Omnikey 6321

0xFFFF wrote:

Are you sure it is not 3DES-CBC with a 128bit key, zero padding, zero IV?

The following is an excerpt from a HID Global iClass SE/SEOS white paper ...

"The cryptographic algorithm used to protect an SIO is based on AES cryptography while the SIO data structure complies with the ASN.1 specification to provide a flexible data model notation".

Offline

Board footer

Powered by FluxBB