MIFARE DESFire EV1 vs MIFARE DESFire EV2
MIFARE DESFire EV1 offers 2-8 KB memory with 3DES + AES-128 security, making it ideal for transit, campus cards, and access control. MIFARE DESFire EV2 provides 2-32 KB with AES-128 + proximity check security, suited for high-security transit, national ID, and government programs.
EV1 and EV2 share the same ISO 14443-4 foundation and AES-128 security. EV2 adds two major capabilities that matter for high-security deployments: relay attack protection and a formal multi-tenancy framework.
Overview
MIFARE DESFire EV1 (released 2002, updated over time) provides ISO 14443-4, AES-128 and 3DES, a flexible AID-based application and file system, and 2–8 KB memory. It remains widely deployed in transit and corporate access programs worldwide.
MIFARE DESFire EV2 (released ~2013) adds:
- Proximity Check: A timing-based relay attack countermeasure. The reader sends a challenge and measures the round-trip time; if the card is too far away (relayed), the check fails and the transaction is rejected.
- MIsmartApp: A standardized framework enabling delegated application management; a card issuer can grant a service provider the right to manage their own AID-namespaced application independently.
- Extended memory: EV2 supports up to 32 KB.
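The reader-side decision behind the Proximity Check described above, modelled as an added example; it is not NXP's command set and not code from this page. It goes beyond the page's description by adding the keyed verification step that distance-bounding schemes pair with the timing. `SimCard`, `proximity_check`, the 2000 µs limit and the delays are assumptions, and HMAC-SHA-256 stands in for the card's AES-based MAC.

```python
import hashlib
import hmac
import os

MAX_RTT_US = 2000  # assumed round-trip limit for this model, in microseconds


class SimCard:
    """Constructed card model: answers timed rounds, then MACs the whole exchange."""

    def __init__(self, key, processing_us=400):
        self.key, self.processing_us = key, processing_us
        self.rnd_c, self.seen = os.urandom(8), b""

    def respond(self, offset, challenge_part):
        part = self.rnd_c[offset:offset + len(challenge_part)]
        self.seen += part + challenge_part
        return part, self.processing_us

    def mac(self):
        # HMAC-SHA-256 truncated to 8 bytes stands in for the card's AES-based MAC.
        return hmac.new(self.key, self.seen, hashlib.sha256).digest()[:8]


def proximity_check(card, reader_key, one_way_delay_us, rounds=4, max_rtt_us=MAX_RTT_US):
    """Return (accepted, reason). Timing is modelled, not measured, to stay deterministic."""
    rnd_r = os.urandom(8)
    step = len(rnd_r) // rounds
    transcript = b""
    for i in range(rounds):
        challenge = rnd_r[i * step:(i + 1) * step]
        answer, processing_us = card.respond(i * step, challenge)
        rtt_us = 2 * one_way_delay_us + processing_us
        if rtt_us > max_rtt_us:
            return False, f"round {i}: RTT {rtt_us} us exceeds {max_rtt_us} us"
        transcript += answer + challenge
    # Fast answers alone prove nothing; the MAC ties them to the card key.
    expected = hmac.new(reader_key, transcript, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(card.mac(), expected):
        return False, "MAC over the timed exchange does not verify"
    return True, "ok"


KEY = bytes(16)  # constructed demo key
if __name__ == "__main__":
    print(proximity_check(SimCard(KEY), KEY, one_way_delay_us=50))    # card at the reader
    print(proximity_check(SimCard(KEY), KEY, one_way_delay_us=3000))  # same card, relayed
    print(proximity_check(SimCard(os.urandom(16)), KEY, one_way_delay_us=50))  # wrong key
```

The three calls show the two independent conditions: a genuine card fails once the added path delay pushes the round trip over the limit, and a nearby responder without the key fails the MAC even though its timing is fine.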
Key Differences
- Relay attack protection: EV1 has none. EV2's Proximity Check actively defeats relay attack scenarios where an attacker places a device near a reader and relays transactions to a card meters away.
- Multi-tenancy: EV2's MIsmartApp framework enables third-party application provisioning with cryptographic key isolation. EV1 supports multiple AIDs but without the delegated management model.
- Memory ceiling: EV1 maxes at 8 KB; EV2 reaches 32 KB.
- Backward compatibility: EV2 is backward compatible with EV1 command sets; existing EV1 applications run on EV2 without modification.
- Cost: EV2 commands a moderate premium over EV1 at volume.
Technical Comparison
| Parameter | MIFARE DESFire EV1 | MIFARE DESFire EV2 |
|---|---|---|
| Memory | 2 / 4 / 8 KB | 2 / 4 / 8 / 16 / 32 KB |
| Security | AES-128, 3DES | AES-128, 3DES + Proximity Check |
| Relay attack protection | No | Yes (Proximity Check) |
| Delegated app management | No | Yes (MIsmartApp) |
| Protocol | ISO 14443-4 (T=CL) | ISO 14443-4 (T=CL) |
| UID | 7 bytes | 7 bytes |
| NDEF support | Yes (Type 4) | Yes (Type 4) |
| EV1 command compatibility | N/A | Yes |
| Typical card cost (volume) | $0.40–$0.80 | $0.50–$1.00 |
Use Cases
When EV1 Remains Adequate
EV1 is sufficient for environments where relay attacks are not a realistic threat model — most corporate access control deployments, campus cards, and lower-risk transit programs. Billions of EV1 cards remain in service and EV1 infrastructure is broadly deployed.
When EV2 Is Required
- High-value transit stored value: Relay attacks against transit e-purse systems are a documented fraud vector. Proximity Check directly addresses this.
- National identity and government programs: Where relay attacks could enable impersonation fraud at scale.
- Premium multi-tenant programs: Where card issuers need to delegate AID management to multiple service providers with cryptographic key isolation.
- Replacement programs post-2015: Any new card issuance program should prefer EV2 as the minimum, with EV3 as the recommended option.
Verdict
For existing EV1 deployments without a relay attack threat, EV1 remains cryptographically secure and does not need to be replaced on security grounds. For new programs or deployments where relay attack is a concern, EV2 is the minimum recommended baseline — though EV3 should be evaluated first given its additional SDM and transaction MAC capabilities at a comparable price point.
Recommendation
Choose MIFARE DESFire EV1 when you need flexible file system with strong encryption; choose MIFARE DESFire EV2 when you need relay attack protection via proximity check.