N. V. Nederlandsche Apparatenfabriek NEDAP TRANSITULTI Manual Do Utilizador
TRANSIT ULTIMATE | INSTALLATION GUIDE
INTRODUCTION
4/33
1.2
ULTIMATE FEATURES
Encrypted tag authentication
The TRANSIT Ultimate enables encrypted tag authentication for the Ultimate tags:
Smartcard Booster Ultimate, LEGIC Booster Ultimate and Window Tag Ultimate. The
authentication uses encryption based upon AES 128-bit keys. Key diversification is
used to ensure that a unique encryption key is used for every tag.
Data storage
Thanks to the bi-directional tag communication feature and in combination with
Smartcard-Booster Ultimate it will be possible to write information on the drivers’
access control card when the car enters or leaves a perimeter. This will enable write
actions like changing credits, offline access rights or other information changes
dynamically upon perimeter access.
Implementation
The Ultimate-mode features are implemented in the TAB board. The TAB-board
performs the authentication or other Ultimate function using the bi-directional tag
communication channel at 433MHz.
The TRANSIT Ultimate enables encrypted tag authentication for the Ultimate tags:
Smartcard Booster Ultimate, LEGIC Booster Ultimate and Window Tag Ultimate. The
authentication uses encryption based upon AES 128-bit keys. Key diversification is
used to ensure that a unique encryption key is used for every tag.
Data storage
Thanks to the bi-directional tag communication feature and in combination with
Smartcard-Booster Ultimate it will be possible to write information on the drivers’
access control card when the car enters or leaves a perimeter. This will enable write
actions like changing credits, offline access rights or other information changes
dynamically upon perimeter access.
Implementation
The Ultimate-mode features are implemented in the TAB board. The TAB-board
performs the authentication or other Ultimate function using the bi-directional tag
communication channel at 433MHz.
Figure 1: TRANSIT Ultimate block diagram
Authentication procedure
The encrypted tag authentication is performed when both antennas (433MHz and
2.45GHz) receive the same id-number. This ensures that the tag to be authenticated
is located in the well-defined directional beam in front of the reader.
1.
Receive Ultimate tag id-number.
2.
Send encrypted challenge to the tag.
The challenge is generated by the Security Key Pack based upon random
numbers encrypted with a diversified AES128 key.
numbers encrypted with a diversified AES128 key.
3.
Receive, decrypt and verify the encrypted challenge response from the tag.
4.
When the authentication is successful, the id-number is transmitted on the
communication output(s). Wiegand, USB, etc.
TRANSIT - PIC
2.45GHz
433MHz
Ultimate
mode
bypass
Serial com-select
USB-detect
USB
I/F-board
I/F-board
Wiegand
Relay output
Relay output
Smiley RGB
TAB-board
Security Key Pack
TRANSIT Ultimate
Note
The TAB board may be
bypassed to make the
TRANSIT Ultimate fully
compatible with the
TRANSIT Standard. See
chapter 4.3.
The TAB board may be
bypassed to make the
TRANSIT Ultimate fully
compatible with the
TRANSIT Standard. See
chapter 4.3.