Encryption alone ensures confidentiality but does not prevent tampering. To verify that the data has not been altered, Nintendo employs (Hash‑Based Message Authentication Code with the SHA‑256 hash function). The signing operation uses the derived keys to compute an authentication code over the relevant data.
This public link is valid for 7 days and shares a thread, including any personal information you added. This link or copies made by others cannot be deleted. If you share with third parties, their policies apply. Can’t copy the link right now. Try again later.
Are you looking to or create custom tags ?
user wants a long article on "amiibo encryption key". I need to provide detailed information about the amiibo encryption key, including its function, discovery, reverse engineering, and related tools and legal implications. To do this comprehensively, I need to search for various sources covering different aspects of the topic. I'll break down the search into several distinct queries to gather information on the encryption key explanation, the history of its reverse engineering, the technical details, the tools and tags, and the legal aspects. have gathered information from various sources. The results include technical details from GitHub repositories (amiitool, pyamiibo), community wikis (3dbrew, AmiiboDB), and forum discussions (GBAtemp, Reddit). I have also found sources about the legal aspects of reverse engineering (DMCA). My plan is to structure the long article as follows: Introduction; Technical Foundation: NTAG215 and Amiibo Structure; The Two Master Keys; The Encryption Process; The Password (PWD_AUTH); Reverse Engineering History; Practical Tools and Their Usage; Legal and Ethical Considerations; Conclusion. I will now open the most relevant pages to extract detailed information for each section. search results have provided a wealth of information. I will now structure the article. The introduction will set the stage. The technical foundation section will cover NTAG215 and the structure. The two master keys section will detail their roles. The encryption process section will explain the derivation and AES-CTR. The password section will cover PWD_AUTH. The reverse engineering history will include the timeline and key discoveries. The practical tools section will cover amiitool, TagMo, and others. The legal and ethical considerations section will address the DMCA and fair use. The conclusion will summarize. I will now write the article. The Amiibo Encryption Key: A Deep Dive into Nintendo’s NFC Security amiibo encryption key
To successfully create a functional "backup" using the encryption key, you typically need:
Here's a general overview of how amiibo and their encryption work:
TagMo is the most popular app for writing Amiibo to blank NTAG215 tags. Obtain the key_retail.bin file. This public link is valid for 7 days
The first key is the , commonly known among reverse engineers as locked‑secret.bin (an 80‑byte binary file). Its purpose is to derive an amiibo‑specific tag key that signs the fixed, locked‑in information of the figure. This includes immutable data such as the UID, the character ID (which identifies the specific amiibo, e.g., “Mario,” “Link,” etc.), and the series it belongs to. The tag master key is used to generate keys that authenticate this static payload, ensuring that the fundamental identity of the amiibo cannot be forged or altered.
One of the NTAG215’s features is a password-based access control mechanism. Nintendo implemented this feature to provide an additional layer of security. The password is of the Amiibo. The algorithm takes specific bytes of the UID, performs XOR operations with constant values (0xAA and 0x55), and combines them to form the 32-bit password. This derivation means that the password is mathematically tied to the physical chip’s identity — copying the raw data to a blank tag without also replicating the password generation logic will not fool the console.
The actual encryption of the variable data is performed using . AES‑CTR is a stream cipher construction that converts a block cipher into a synchronous stream cipher. It requires a key (the derived data key) and an initialisation vector (IV) that is typically a nonce combined with a counter. The Process Services PXI on the Nintendo 3DS (and analogous services on the Wii U and Switch) handle this AES‑CTR encryption internally, using a generated_amiibodata buffer to derive the necessary keys. The choice of CTR mode is significant because it allows random‑access decryption of individual blocks without having to decrypt the entire dataset, a useful property when only specific fields (such as the nickname or game progress) need to be updated. Can’t copy the link right now
This key handles the "fixed" information that identifies the figure. It signs data like the unique identifier (UID) and the specific character type. Once written to a standard NTAG215 chip, this information is typically locked and cannot be changed. The key_retail.bin File
Every official Amiibo utilizes a specific type of NFC chip called the , specifically modeled after the NXP NTAG215 . This chip has a total memory capacity of 540 bytes, with 504 bytes available for user data.
