OpenPICC Question

Milosch Meriac meriac at bitmanufaktur.de
Fri Sep 7 02:33:02 UTC 2007


Dear David,

Kn1ght L0rd wrote:
> 1. My understanding of the openPICC is that it sniffs traffic from a
> read on a 13.56 MHz reader.  What information is it actually sniffing? 
> The reader information or the tag information?

It supports DMA accelerated sniffing of the reader->tag data path to be
able to emulate RFID cards. It also supports DMA accelerated modulation
patterns for the opposite direction as a back channel for tag->reader
communication.

> 2. If the openPICC is reading the tag information is it even necessary
> for me to have the two devices communicate with each other or would it
> be just as effective to have the two units right next to each other
> because when the openPCD does a read the openPICC will automatically
> pick up the tag information that I am wanting to emulate?

Yes - using OpenPCD for reading a card and OpenPICC to emulate it is the
preferred way. Both can be easily connected by crossed RS232 at 3V3
RX/TX/GND wires.

> 3. I was also reading the firmware for the reqa, won't this do what I
> want it to do if I need to communicate over the DBGU port to the
> openPICC since it returns card responses on that port?

It won't be a big problem to remove debug output for this port and to
use this port for inter-device communication instead.

> 4. What is the difference between the different modes in the REQA
> firmware?  What is REQA, and WUPA?  Is this reading the data of the tag
> or is it doing something else?

No data is read from a tag. Both commands are basically part of the anti
collision - afterwards you have to actually select the card by using the
full UID before reading/writing from/to it. Librfid already solves both
tasks for you. Obviously all this code is still missing for the
emulation part of OpenPICC.

> 5. I haven't seen any documentation on how to get the openPICC to
> emulate a tag, is there any?  If not then how do I do this code wise? 

Best approach is to have a look at ISO14443-2 and -3 - these are the most
comprehensive documentation out there.

> 6. Is the openPICC autonomous by default, it looks like it is other than
> it dumps the data to the PC?  Are there any other firmware versions that
> I should be looking at?

Currently we only have a dumb sniffer mode implemented. OpenPICC can be
fully autonomous as soon as the anticollision/decoding code is
implemented (only a power supply is needed). There is enough processing
power to emulate RFID cards at least at 106kBit/s - probably even at
212kBits.
Unluckily we are currently very busy with other projects - but the rough
plan is to first port OpenPICC to FreeRTOS (did this already for
OpenBeacon USB) to make it easier for all of you to contribute code and
to get rid of the serial debug cable. We already have a serial port
emulation over USB running for OpenBeacon USB (USB CDC).
Next step is to have the decoding action running inside OpenPICC and to
do a proper anti collision.

All kinds of help are greatly appreciated.

> I will probably have more questions once you answer these.  Thanks again
> for all the help and donation of the two units for our research.  I am
> going to say that our project and presentation was sponsored by the
> OpenPCD project just so you know.  Is it Ok that I use the logo and give
> a little background information on the project during my speech?  Hope
> to hear from you soon!

Sure - cool. Spread the word ;-)

Warmest regards,

Milosch
-- 
Bitmanufaktur :: Schwedter Strasse 23 :: 10119 Berlin
Fon +49 (0)30 4172 5006 :: Fax +49 (0)30 4172 5054
meriac at bitmanufaktur.de :: http://bitmanufaktur.de
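
Added example, not part of the original message and not OpenPICC or librfid code: a small C classifier for sniffed reader->tag frames that covers the REQA/WUPA, anticollision and SELECT steps described in answer 4. The command bytes and CRC_A parameters are those of ISO 14443-3 Type A; the function names and the sample UID are made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ISO 14443-3 Type A command bytes (from the standard, not from OpenPICC code). */
enum { REQA = 0x26, WUPA = 0x52, SEL_CL1 = 0x93, SEL_CL2 = 0x95, SEL_CL3 = 0x97 };
typedef enum { F_UNKNOWN, F_REQA, F_WUPA, F_ANTICOLL, F_SELECT, F_BAD_SELECT } frame_kind;

/* CRC_A: reflected polynomial 0x8408, initial value 0x6363, sent low byte first. */
uint16_t crc_a(const uint8_t *d, size_t n) {
    uint16_t crc = 0x6363;
    while (n--) {
        crc ^= *d++;
        for (int i = 0; i < 8; i++)
            crc = (crc & 1) ? (crc >> 1) ^ 0x8408 : crc >> 1;
    }
    return crc;
}

/* BCC: XOR of the four UID bytes of one cascade level. */
uint8_t bcc(const uint8_t *uid) { return uid[0] ^ uid[1] ^ uid[2] ^ uid[3]; }

static int is_sel(uint8_t b) { return b == SEL_CL1 || b == SEL_CL2 || b == SEL_CL3; }

/* Classify one reader->tag frame; length is in bits because REQA and WUPA
 * are 7-bit short frames without parity or CRC. */
frame_kind classify(const uint8_t *f, size_t bits) {
    if (bits == 7)
        return f[0] == REQA ? F_REQA : f[0] == WUPA ? F_WUPA : F_UNKNOWN;
    if (bits == 16 && is_sel(f[0]) && f[1] == 0x20)   /* NVB 0x20: no UID bits sent yet */
        return F_ANTICOLL;
    if (bits == 72 && is_sel(f[0]) && f[1] == 0x70) { /* SEL NVB UID[4] BCC CRC[2] */
        uint16_t crc = crc_a(f, 7);
        int ok = bcc(f + 2) == f[6] && f[7] == (crc & 0xFF) && f[8] == (crc >> 8);
        return ok ? F_SELECT : F_BAD_SELECT;
    }
    return F_UNKNOWN;
}

int main(void) {
    /* Constructed sample: SELECT for the made-up UID 01 02 03 04. */
    uint8_t sel[9] = { SEL_CL1, 0x70, 0x01, 0x02, 0x03, 0x04 };
    sel[6] = bcc(sel + 2);
    uint16_t crc = crc_a(sel, 7);
    sel[7] = crc & 0xFF; sel[8] = crc >> 8;
    uint8_t reqa = REQA;
    printf("REQA -> %d, SELECT -> %d\n", classify(&reqa, 7), classify(sel, 72));
    return 0;
}
```

Only the full-UID anticollision request (NVB 0x20) is recognised; requests with a partial UID after a bit collision fall through to F_UNKNOWN.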


