NTAG424 DNA CMAC Explained – Developer Reference

When developers first start working with NTAG424 DNA, one of the most confusing concepts is the CMAC (Cipher-based Message Authentication Code) used in Secure Dynamic Messaging (SDM).

Questions like these come up frequently:

  • What is the CMAC parameter in an NTAG424 DNA URL?
  • How is the CMAC generated?
  • Why does the CMAC change after every tap?
  • How can my server verify the CMAC?
  • Can counterfeiters generate a valid CMAC?

This guide explains how NTAG424 DNA CMAC works, why it is important for anti-counterfeiting applications, and how developers can use it for secure authentication.


What Is CMAC?

CMAC stands for:

Cipher-based Message Authentication Code

It is a cryptographic signature generated using an AES-128 secret key.

The purpose of CMAC is to prove that:

  1. The data came from a genuine NTAG424 DNA tag.
  2. The data has not been modified.
  3. The tag possesses the correct secret key.

Unlike a simple checksum or hash, the CMAC cannot be generated without knowing the AES key stored inside the tag.


Why Does NTAG424 DNA Use CMAC?

A normal NFC tag can easily be cloned.

For example:

https://brand.com/product/12345

Anyone can copy this URL onto another NFC tag.

NTAG424 DNA solves this problem by generating a dynamic URL:

https://brand.com/auth?e=xxxx&c=yyyy

Where:

  • e = encrypted data (optional)
  • c = CMAC value

The CMAC proves that the URL was generated by a genuine tag.


What Information Does the CMAC Protect?

The CMAC is calculated using information such as:

  • Tag UID
  • Scan counter
  • SDM read counter
  • File data
  • Configuration parameters

Because the scan counter changes after every tap, the CMAC also changes after every tap.

This makes replay attacks and cloning extremely difficult.


CMAC in Secure Dynamic Messaging (SDM)

A typical NTAG424 DNA authentication URL looks like:

https://brand.com/auth?uid=049A...&ctr=000123&cmac=8F2D3A...

Or:

https://brand.com/auth?e=AF34B2...&c=98AB34...

Every time the tag is scanned:

  1. Counter increases.
  2. New encrypted data is generated.
  3. New CMAC is generated.
  4. The URL becomes unique.

Even if somebody copies yesterday’s URL, it will no longer be valid.


How CMAC Is Generated

The simplified process is:

UID + Counter + Data
          ↓
      AES-128 Key
          ↓
      Generate CMAC

The AES key never leaves the tag or the authentication server.

Only parties possessing the correct key can generate or verify the CMAC.


Authentication Workflow

User scans tag
        ↓
Tag generates dynamic URL
        ↓
Phone opens URL
        ↓
Server receives parameters
        ↓
Server recalculates CMAC
        ↓
Compare values
        ↓
Authentication result

If the CMAC values match:

✅ Genuine tag

If the CMAC values do not match:

❌ Invalid or cloned tag


Why Does the CMAC Change Every Time?

This is one of the most important security features of NTAG424 DNA.

The CMAC calculation includes the scan counter.

Example:

ScanCounterCMAC
First Tap1A1B2C3
Second Tap2F7D8E9
Third Tap39A8B7C

Because the counter changes:

  • The URL changes.
  • The CMAC changes.
  • Cloned URLs become useless.

Can a Counterfeiter Generate a Valid CMAC?

No.

To generate a valid CMAC, the attacker would need:

  • The AES-128 secret key
  • The correct configuration
  • The correct counter value

Without the AES key, creating a valid CMAC is computationally infeasible.

This is the core reason NTAG424 DNA is widely used for anti-counterfeiting applications.


CMAC vs Hash

Many developers confuse CMAC with a hash function.

FeatureHashCMAC
Secret Key RequiredNoYes
Data IntegrityYesYes
AuthenticationNoYes
Prevents ForgeryNoYes
Used in NTAG424 DNANoYes

CMAC is much more secure because it depends on a secret key.


CMAC vs Digital Signature

FeatureCMACDigital Signature
AlgorithmAES-128RSA / ECC
Secret KeyShared KeyPrivate/Public Keys
PerformanceVery FastSlower
Suitable for NFC TagsYesUsually No
Used by NTAG424 DNAYesNo

Because NFC tags have limited resources, AES-CMAC provides excellent security with minimal computational overhead.


Server-Side CMAC Verification

Most NTAG424 DNA projects verify CMAC values on the server.

Typical backend flow:

Receive URL parameters
        ↓
Decrypt data (if required)
        ↓
Calculate expected CMAC
        ↓
Compare values
        ↓
Return authentication result

The server should also:

  • Validate the scan counter
  • Detect duplicate scans
  • Record scan locations
  • Monitor suspicious activity

Replay Attack Detection

A replay attack occurs when someone copies a previously generated URL.

Example:

https://brand.com/auth?e=xxxx&c=yyyy

The attacker prints the URL as a QR code and reuses it.

NTAG424 DNA can detect this because:

Stored Counter = 120
Received Counter = 95

The server knows that the URL is old and can flag the product as suspicious.


Best Practices for Using CMAC

1. Never Store AES Keys in the Mobile App

The authentication key should remain on the server.


2. Protect Your Backend APIs

Use:

  • HTTPS
  • API authentication
  • Database encryption

3. Validate Counters

Counter validation helps identify cloned or replayed tags.


4. Rotate Keys When Necessary

For high-security applications, consider periodic key updates.


5. Log Authentication Events

Track:

  • Time
  • Location
  • Device
  • Counter values
  • Authentication status

This data can provide valuable anti-counterfeit intelligence.


Typical Applications Using CMAC

NTAG424 DNA CMAC authentication is widely used in:

  • Luxury goods authentication
  • Wine and spirits anti-counterfeiting
  • Pharmaceutical protection
  • Event ticketing
  • Digital Product Passports (DPP)
  • Electronics authentication
  • Limited edition collectibles
  • Secure membership cards

Frequently Asked Questions

Can I read the CMAC with an NFC app?

Yes.

The app can read the dynamic URL containing the CMAC.

However, it cannot verify the CMAC without access to the AES key.


Can I generate the CMAC myself?

Yes, if you have:

  • The correct AES key
  • The correct input data
  • The proper CMAC algorithm

This is usually done on the backend server.


Is the CMAC encrypted?

No.

The CMAC is an authentication code, not encrypted data.

Its security comes from the secret AES key.


Can two taps produce the same CMAC?

Under normal operation, no.

Because the counter changes with every scan, each CMAC is unique.


Conclusion

The CMAC mechanism is one of the key technologies that makes NTAG424 DNA an exceptionally secure NFC chip for anti-counterfeiting and authentication projects.

By combining:

  • AES-128 cryptography
  • Dynamic counters
  • Secure Dynamic Messaging (SDM)
  • Server-side verification

NTAG424 DNA can prove that a product, ticket, or credential is genuine and detect cloned or replayed tags.

For developers building authentication systems, understanding how CMAC works is essential to creating a secure and reliable NTAG424 DNA solution.