When developers first start working with NTAG424 DNA, one of the most confusing concepts is the CMAC (Cipher-based Message Authentication Code) used in Secure Dynamic Messaging (SDM).
Questions like these come up frequently:
- What is the CMAC parameter in an NTAG424 DNA URL?
- How is the CMAC generated?
- Why does the CMAC change after every tap?
- How can my server verify the CMAC?
- Can counterfeiters generate a valid CMAC?
This guide explains how NTAG424 DNA CMAC works, why it is important for anti-counterfeiting applications, and how developers can use it for secure authentication.
What Is CMAC?
CMAC stands for:
Cipher-based Message Authentication Code
It is a cryptographic signature generated using an AES-128 secret key.
The purpose of CMAC is to prove that:
- The data came from a genuine NTAG424 DNA tag.
- The data has not been modified.
- The tag possesses the correct secret key.
Unlike a simple checksum or hash, the CMAC cannot be generated without knowing the AES key stored inside the tag.
Why Does NTAG424 DNA Use CMAC?
A normal NFC tag can easily be cloned.
For example:
https://brand.com/product/12345
Anyone can copy this URL onto another NFC tag.
NTAG424 DNA solves this problem by generating a dynamic URL:
https://brand.com/auth?e=xxxx&c=yyyy
Where:
- e = encrypted data (optional)
- c = CMAC value
The CMAC proves that the URL was generated by a genuine tag.
What Information Does the CMAC Protect?
The CMAC is calculated using information such as:
- Tag UID
- Scan counter
- SDM read counter
- File data
- Configuration parameters
Because the scan counter changes after every tap, the CMAC also changes after every tap.
This makes replay attacks and cloning extremely difficult.
CMAC in Secure Dynamic Messaging (SDM)
A typical NTAG424 DNA authentication URL looks like:
https://brand.com/auth?uid=049A...&ctr=000123&cmac=8F2D3A...
Or:
https://brand.com/auth?e=AF34B2...&c=98AB34...
Every time the tag is scanned:
- Counter increases.
- New encrypted data is generated.
- New CMAC is generated.
- The URL becomes unique.
Even if somebody copies yesterday’s URL, it will no longer be valid.
How CMAC Is Generated
The simplified process is:
UID + Counter + Data
↓
AES-128 Key
↓
Generate CMAC
The AES key never leaves the tag or the authentication server.
Only parties possessing the correct key can generate or verify the CMAC.
Authentication Workflow
User scans tag
↓
Tag generates dynamic URL
↓
Phone opens URL
↓
Server receives parameters
↓
Server recalculates CMAC
↓
Compare values
↓
Authentication result
If the CMAC values match:
✅ Genuine tag
If the CMAC values do not match:
❌ Invalid or cloned tag
Why Does the CMAC Change Every Time?
This is one of the most important security features of NTAG424 DNA.
The CMAC calculation includes the scan counter.
Example:
| Scan | Counter | CMAC |
|---|---|---|
| First Tap | 1 | A1B2C3 |
| Second Tap | 2 | F7D8E9 |
| Third Tap | 3 | 9A8B7C |
Because the counter changes:
- The URL changes.
- The CMAC changes.
- Cloned URLs become useless.
Can a Counterfeiter Generate a Valid CMAC?
No.
To generate a valid CMAC, the attacker would need:
- The AES-128 secret key
- The correct configuration
- The correct counter value
Without the AES key, creating a valid CMAC is computationally infeasible.
This is the core reason NTAG424 DNA is widely used for anti-counterfeiting applications.
CMAC vs Hash
Many developers confuse CMAC with a hash function.
| Feature | Hash | CMAC |
|---|---|---|
| Secret Key Required | No | Yes |
| Data Integrity | Yes | Yes |
| Authentication | No | Yes |
| Prevents Forgery | No | Yes |
| Used in NTAG424 DNA | No | Yes |
CMAC is much more secure because it depends on a secret key.
CMAC vs Digital Signature
| Feature | CMAC | Digital Signature |
|---|---|---|
| Algorithm | AES-128 | RSA / ECC |
| Secret Key | Shared Key | Private/Public Keys |
| Performance | Very Fast | Slower |
| Suitable for NFC Tags | Yes | Usually No |
| Used by NTAG424 DNA | Yes | No |
Because NFC tags have limited resources, AES-CMAC provides excellent security with minimal computational overhead.
Server-Side CMAC Verification
Most NTAG424 DNA projects verify CMAC values on the server.
Typical backend flow:
Receive URL parameters
↓
Decrypt data (if required)
↓
Calculate expected CMAC
↓
Compare values
↓
Return authentication result
The server should also:
- Validate the scan counter
- Detect duplicate scans
- Record scan locations
- Monitor suspicious activity
Replay Attack Detection
A replay attack occurs when someone copies a previously generated URL.
Example:
https://brand.com/auth?e=xxxx&c=yyyy
The attacker prints the URL as a QR code and reuses it.
NTAG424 DNA can detect this because:
Stored Counter = 120
Received Counter = 95
The server knows that the URL is old and can flag the product as suspicious.
Best Practices for Using CMAC
1. Never Store AES Keys in the Mobile App
The authentication key should remain on the server.
2. Protect Your Backend APIs
Use:
- HTTPS
- API authentication
- Database encryption
3. Validate Counters
Counter validation helps identify cloned or replayed tags.
4. Rotate Keys When Necessary
For high-security applications, consider periodic key updates.
5. Log Authentication Events
Track:
- Time
- Location
- Device
- Counter values
- Authentication status
This data can provide valuable anti-counterfeit intelligence.
Typical Applications Using CMAC
NTAG424 DNA CMAC authentication is widely used in:
- Luxury goods authentication
- Wine and spirits anti-counterfeiting
- Pharmaceutical protection
- Event ticketing
- Digital Product Passports (DPP)
- Electronics authentication
- Limited edition collectibles
- Secure membership cards
Frequently Asked Questions
Can I read the CMAC with an NFC app?
Yes.
The app can read the dynamic URL containing the CMAC.
However, it cannot verify the CMAC without access to the AES key.
Can I generate the CMAC myself?
Yes, if you have:
- The correct AES key
- The correct input data
- The proper CMAC algorithm
This is usually done on the backend server.
Is the CMAC encrypted?
No.
The CMAC is an authentication code, not encrypted data.
Its security comes from the secret AES key.
Can two taps produce the same CMAC?
Under normal operation, no.
Because the counter changes with every scan, each CMAC is unique.
Conclusion
The CMAC mechanism is one of the key technologies that makes NTAG424 DNA an exceptionally secure NFC chip for anti-counterfeiting and authentication projects.
By combining:
- AES-128 cryptography
- Dynamic counters
- Secure Dynamic Messaging (SDM)
- Server-side verification
NTAG424 DNA can prove that a product, ticket, or credential is genuine and detect cloned or replayed tags.
For developers building authentication systems, understanding how CMAC works is essential to creating a secure and reliable NTAG424 DNA solution.